Isogeny-based PAKE protocols

The passwords that we use in our everyday life are often chosen to be easily memorable which evidently makes them vulnerable to attacks. This problem is addressed by password-authenticated key exchange (PAKE). The general idea of such a protocol is to enable two parties who share the same (potentially weak) password to establish a strong session key. Most PAKE protocols used today are based on Diffie-Hellman key exchange in prime order groups, hence they are not secure against quantum attackers. A promising candidate for replacing Diffie-Hellman key exchange in a post-quantum world is the Commutative-Supersingular-Isogeny-Diffie-Hellman (CSIDH) key exchange. In this talk, we introduce two novel PAKE protocols based on CSIDH.