Quantum Attacks on post-quantum cryptographic primitives

Abstract

CSIDH is a post-quantum cryptographic primitive built from the action of an ideal class group on a set of supersingular elliptic curves over a finite field. Its hardness relies on a problem called vectorization, a group-action analogue of the discrete logarithm. Several protocols derived from CSIDH, notably CSI-SharK and BCP, publish additional structured public information. This additional structure can be exploited by quantum algorithms, making these variants weaker than ordinary CSIDH vectorization. I will briefly review the CSIDH class-group action, the vectorization problem, and the role of shifted inputs. I will then explain how this extra structure gives rise to an instance of the generalized hidden shift problem, how Fourier sampling reduces this to a bounded modular knapsack problem, and how the latter becomes a low-dimensional closest vector problem in the supremum norm. This yields concrete fault-tolerant quantum attacks that outperform previous estimates for plain CSIDH.
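The last reduction step named in the abstract, a bounded modular knapsack rewritten as a low-dimensional closest vector problem in the supremum norm, as an added toy example in Python. This is not code from the talk or its author: the knapsack vector `a`, modulus `q`, bound `B` and the triangular kernel-lattice basis are constructed assumptions, and the quantum Fourier-sampling step that would produce such an instance is not simulated; only the classical post-processing is shown.

```python
"""Added illustration (not code from the talk): a bounded modular knapsack
instance recast as a closest-vector problem in the supremum norm over a
triangular basis of the kernel lattice, solved by exhaustive search.
All parameters below are constructed for illustration (assumptions)."""
from itertools import product
from typing import List, Optional


def centered_mod(s: int, q: int) -> int:
    """Representative of s modulo q with the smallest absolute value."""
    r = s % q
    return r - q if r > q // 2 else r


def knapsack_target(a: List[int], x: List[int], q: int) -> int:
    """t = <a, x> mod q, the knapsack target produced by a secret x."""
    return sum(ai * xi for ai, xi in zip(a, x)) % q


def kernel_basis(a: List[int], q: int) -> List[List[int]]:
    """Triangular basis of L = {v in Z^n : <a, v> = 0 (mod q)}.

    Assumes gcd(a[0], q) = 1.  With c_i = a_i * a_1^{-1} mod q, the vectors
    b_1 = q*e_1 and b_i = e_i - c_i*e_1 (i >= 2) lie in L, since
    <a, b_i> = a_i - c_i*a_1 = 0 (mod q), and they generate it.
    """
    n = len(a)
    inv = pow(a[0], -1, q)
    basis = [[q] + [0] * (n - 1)]
    for i in range(1, n):
        c = (a[i] * inv) % q
        b = [0] * n
        b[0] = -c
        b[i] = 1
        basis.append(b)
    return basis


def particular_solution(a: List[int], q: int, t: int) -> List[int]:
    """Any integer x0 with <a, x0> = t (mod q); the full solution set is x0 + L."""
    inv = pow(a[0], -1, q)
    return [(t * inv) % q] + [0] * (len(a) - 1)


def solve_bounded_knapsack(a: List[int], q: int, t: int, B: int) -> Optional[List[int]]:
    """Find x with max|x_i| <= B and <a, x> = t (mod q), or None.

    Every solution is x0 - v for some lattice vector v, so we look for the
    v closest to x0 in the sup norm.  The coefficients k_2..k_n of b_2..b_n
    fix x_i = -k_i and are enumerated in [-B, B]; the coefficient of
    b_1 = q*e_1 only shifts the first coordinate by multiples of q, so a
    centred reduction chooses it optimally.  Cost: (2B+1)^(n-1) candidates,
    which is cheap in the low dimensions this step is meant for.
    """
    basis = kernel_basis(a, q)
    x0 = particular_solution(a, q, t)
    for ks in product(range(-B, B + 1), repeat=len(a) - 1):
        first = x0[0]
        for k, b in zip(ks, basis[1:]):
            first -= k * b[0]           # (x0 - v)_1 = x0_1 + sum_i k_i c_i
        first = centered_mod(first, q)  # optimal multiple of b_1 = q*e_1
        if abs(first) <= B:
            return [first] + [-k for k in ks]
    return None


if __name__ == "__main__":
    a, q, B = [4021, 7333, 1501], 10007, 2   # constructed toy instance
    secret = [1, -2, 2]
    t = knapsack_target(a, secret, q)
    x = solve_bounded_knapsack(a, q, t, B)
    print("recovered", x, "target ok:", x is not None and knapsack_target(a, x, q) == t)
```

Note that for toy parameters a small solution need not be unique: with `a = [3, 7, 11]`, `q = 101`, `t = 11` and `B = 2` the search returns `[-1, 2, 0]` although `[1, -2, 2]` also satisfies the constraint. Uniqueness of the sup-norm-closest vector, and hence recovery of the intended secret, is a parameter question (roughly, `q` large against `(2B+1)^n`), which is why the dimension and bound of the knapsack instance matter for the attack's cost.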

Bio

Lam Pham is a postdoctoral researcher in mathematics at Ghent University (Belgium). Previously, he was an instructor in mathematics at Brandeis University and a Zuckerman postdoctoral scholar at the Hebrew University of Jerusalem. He received his PhD in mathematics from Yale University. His research topics include arithmetic and algebraic groups, geometric group theory, number theory, geometry, cryptography, and quantum computing.