Sharing the Path: A Threshold Scheme from Isogenies and Error Correcting Codes

Mohamadou Sall, M. Anwar Hasan

TL;DR

This work develops a threshold secret-sharing framework for isogeny-based cryptography by turning a polynomial-time SIDH-key-recovery attack into a constructive tool for computing isogeny paths. It combines this tool with elliptic-curve encodings (SESS) and a linear error-correcting code to distribute an isogeny path among $n$ participants with threshold $t$, leveraging SI-TP/SI-OTP reductions and Feo et al.'s results to enable reconstruction. The security analysis derives parameter regimes ensuring perfect secrecy thresholds for NIST levels and proposes concrete code-based instantiations, notably binary subfield RS codes from hyperoval RS codes, along with burst-erasure mitigation strategies. The approach provides a principled, practically motivated pathway to distributed trust in isogeny-based protocols while maintaining the integrity of the underlying hard problems (IPP). Overall, it connects cryptographic utility from recent SIDH attacks with classical coding-theoretic secret sharing to realize robust, thresholded, isogeny-based secrecy.

Abstract

In 2022, a prominent supersingular isogeny-based cryptographic scheme, namely SIDH, was compromised by a key recovery attack. However, this attack does not undermine the isogeny path problem, which remains central to the security of isogeny-based cryptography. Following the attacks by Castryck and Decru, as well as Maino and Martindale, Robert gave a mature and polynomial-time algorithm that transforms the SIDH key recovery attack into a valuable cryptographic tool. In this paper, we combine this tool with advanced encoding techniques to construct a novel threshold scheme.

Paper Structure

This paper contains 9 sections, 10 theorems, 17 equations, 1 table, 2 algorithms.

Key Result

Theorem 1

A code ${\mathcal{C}}$ with minimum distance $d$ can correct $\frac{1}{2}(d-1)$ errors. If $d$ is even, the code can simultaneously correct $\frac{1}{2}(d-1)$ errors and detect $d/2$ errors.
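Theorem 1 checked by brute force on two small codes, as an added example that is not taken from the paper: the binary [7,4] Hamming code ($d = 3$) and its parity-extended [8,4] version ($d = 4$). The generator matrix and all function names are assumptions of this example, and the decoder takes the integer part of $\frac{1}{2}(d-1)$ as its correction radius.

```python
from itertools import product

# Constructed sample input: systematic generator matrix of a binary [7,4] Hamming code.
G7 = [
    (1, 0, 0, 0, 0, 1, 1),
    (0, 1, 0, 0, 1, 0, 1),
    (0, 0, 1, 0, 1, 1, 0),
    (0, 0, 0, 1, 1, 1, 1),
]

def extend(G):
    """Append an overall parity bit to each row: [7,4], d=3 becomes [8,4], d=4."""
    return [row + (sum(row) % 2,) for row in G]

def codewords(G):
    """All codewords of the binary linear code spanned by the rows of G."""
    k, n = len(G), len(G[0])
    return [tuple(sum(m[i] * G[i][j] for i in range(k)) % 2 for j in range(n))
            for m in product((0, 1), repeat=k)]

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def min_distance(code):
    """For a linear code, d equals the minimum weight of a nonzero codeword."""
    return min(sum(c) for c in code if any(c))

def decode(code, word):
    """Bounded-distance decoding with radius t = (d-1)//2. Returns the unique
    codeword within t of `word`, or None when no codeword is that close
    (an error was detected but cannot be corrected)."""
    t = (min_distance(code) - 1) // 2
    near = [c for c in code if hamming(c, word) <= t]
    return near[0] if near else None

def flip(word, positions):
    """Flip the bits of `word` at the given index positions."""
    return tuple(b ^ (i in positions) for i, b in enumerate(word))

def demo():
    """Per code: (d, is one flipped bit corrected?, decoder output after two flips)."""
    out = {}
    for name, code in (("[7,4]", codewords(G7)), ("[8,4]", codewords(extend(G7)))):
        c = code[5]
        out[name] = (min_distance(code), decode(code, flip(c, {2})) == c,
                     decode(code, flip(c, {2, 6})))
    return out

if __name__ == "__main__":
    print(demo())
```

With odd $d = 3$ a double error is silently decoded to a wrong codeword, while with even $d = 4$ the same double error lands outside every decoding ball and is reported as detected.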

Theorems & Definitions (14)

  • Definition 1
  • Definition 2
  • Theorem 1: MS78
  • Theorem 2
  • Remark 1
  • Theorem 3: FFP24
  • Theorem 4
  • proof
  • Theorem 5
  • Theorem 6: MS78
  • ...and 4 more