{"id":"https://openalex.org/W2045890225","doi":"https://doi.org/10.1515/jmc-2012-0016","title":"Constructing elliptic curve isogenies in quantum subexponential time","display_name":"Constructing elliptic curve isogenies in quantum subexponential time","publication_year":2013,"publication_date":"2013-10-23","ids":{"openalex":"https://openalex.org/W2045890225","doi":"https://doi.org/10.1515/jmc-2012-0016","mag":"2045890225"},"language":"en","primary_location":{"id":"doi:10.1515/jmc-2012-0016","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2012-0016","pdf_url":null,"source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1515/jmc-2012-0016","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Andrew Childs","orcid":null},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Andrew Childs","raw_affiliation_strings":["Department of Combinatorics & Optimization and Institute for Quantum Computing, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Combinatorics & Optimization and Institute for Quantum Computing, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada","institution_ids":["https://openalex.org/I151746483"]}]},{"author_position":"middle","author":{"id":null,"display_name":"David Jao","orcid":null},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"David Jao","raw_affiliation_strings":["Department of Combinatorics & Optimization, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Combinatorics & Optimization, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada","institution_ids":["https://openalex.org/I151746483"]}]},{"author_position":"last","author":{"id":null,"display_name":"Vladimir Soukharev","orcid":null},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Vladimir Soukharev","raw_affiliation_strings":["Department of Combinatorics & Optimization, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Combinatorics & Optimization, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada","institution_ids":["https://openalex.org/I151746483"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I151746483"],"apc_list":{"value":1000,"currency":"EUR","value_usd":1078},"apc_paid":{"value":1000,"currency":"EUR","value_usd":1078},"fwci":5.8529,"has_fulltext":false,"cited_by_count":187,"citation_normalized_percentile":{"value":0.95847419,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"8","issue":"1","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.7452999949455261,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.7452999949455261,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.10729999840259552,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11435","display_name":"Polynomial and algebraic computation","score":0.06289999932050705,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/isogeny","display_name":"Isogeny","score":0.8737999796867371},{"id":"https://openalex.org/keywords/finite-field","display_name":"Finite field","score":0.6399999856948853},{"id":"https://openalex.org/keywords/cardinality","display_name":"Cardinality (data modeling)","score":0.6007000207901001},{"id":"https://openalex.org/keywords/quantum-algorithm","display_name":"Quantum algorithm","score":0.5828999876976013},{"id":"https://openalex.org/keywords/quantum-fourier-transform","display_name":"Quantum Fourier transform","score":0.5559999942779541},{"id":"https://openalex.org/keywords/elliptic-curve","display_name":"Elliptic curve","score":0.517300009727478},{"id":"https://openalex.org/keywords/quantum","display_name":"Quantum","score":0.4609000086784363},{"id":"https://openalex.org/keywords/cryptosystem","display_name":"Cryptosystem","score":0.4235999882221222},{"id":"https://openalex.org/keywords/endomorphism","display_name":"Endomorphism","score":0.4147000014781952},{"id":"https://openalex.org/keywords/discrete-logarithm","display_name":"Discrete logarithm","score":0.3944000005722046}],"concepts":[{"id":"https://openalex.org/C2779765290","wikidata":"https://www.wikidata.org/wiki/Q1674414","display_name":"Isogeny","level":3,"score":0.8737999796867371},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.8083999752998352},{"id":"https://openalex.org/C77926391","wikidata":"https://www.wikidata.org/wiki/Q603880","display_name":"Finite field","level":2,"score":0.6399999856948853},{"id":"https://openalex.org/C87117476","wikidata":"https://www.wikidata.org/wiki/Q362383","display_name":"Cardinality (data modeling)","level":2,"score":0.6007000207901001},{"id":"https://openalex.org/C137019171","wikidata":"https://www.wikidata.org/wiki/Q2623817","display_name":"Quantum algorithm","level":3,"score":0.5828999876976013},{"id":"https://openalex.org/C59500034","wikidata":"https://www.wikidata.org/wiki/Q1464944","display_name":"Quantum Fourier transform","level":5,"score":0.5559999942779541},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.5242999792098999},{"id":"https://openalex.org/C179603306","wikidata":"https://www.wikidata.org/wiki/Q268493","display_name":"Elliptic curve","level":2,"score":0.517300009727478},{"id":"https://openalex.org/C84114770","wikidata":"https://www.wikidata.org/wiki/Q46344","display_name":"Quantum","level":2,"score":0.4609000086784363},{"id":"https://openalex.org/C6295992","wikidata":"https://www.wikidata.org/wiki/Q976521","display_name":"Cryptosystem","level":3,"score":0.4235999882221222},{"id":"https://openalex.org/C116858840","wikidata":"https://www.wikidata.org/wiki/Q1340800","display_name":"Endomorphism","level":2,"score":0.4147000014781952},{"id":"https://openalex.org/C173259116","wikidata":"https://www.wikidata.org/wiki/Q864003","display_name":"Discrete logarithm","level":4,"score":0.3944000005722046},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.38929998874664307},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.3666999936103821},{"id":"https://openalex.org/C111335779","wikidata":"https://www.wikidata.org/wiki/Q3454686","display_name":"Reduction (mathematics)","level":2,"score":0.3287000060081482},{"id":"https://openalex.org/C58053490","wikidata":"https://www.wikidata.org/wiki/Q176555","display_name":"Quantum computer","level":3,"score":0.3174000084400177},{"id":"https://openalex.org/C151376022","wikidata":"https://www.wikidata.org/wiki/Q168698","display_name":"Exponential function","level":2,"score":0.3127000033855438},{"id":"https://openalex.org/C199479865","wikidata":"https://www.wikidata.org/wiki/Q205966","display_name":"Riemann hypothesis","level":2,"score":0.3125},{"id":"https://openalex.org/C157567686","wikidata":"https://www.wikidata.org/wiki/Q7644139","display_name":"Supersingular elliptic curve","level":3,"score":0.30640000104904175},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.2962999939918518},{"id":"https://openalex.org/C127843967","wikidata":"https://www.wikidata.org/wiki/Q1554628","display_name":"Cyclotomic field","level":2,"score":0.2937999963760376},{"id":"https://openalex.org/C105546189","wikidata":"https://www.wikidata.org/wiki/Q1154787","display_name":"Theta function","level":2,"score":0.29170000553131104},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.2903999984264374},{"id":"https://openalex.org/C2778153370","wikidata":"https://www.wikidata.org/wiki/Q2896709","display_name":"Endomorphism ring","level":3,"score":0.2890999913215637},{"id":"https://openalex.org/C42058472","wikidata":"https://www.wikidata.org/wiki/Q810214","display_name":"Base (topology)","level":2,"score":0.27799999713897705},{"id":"https://openalex.org/C121444067","wikidata":"https://www.wikidata.org/wiki/Q2835817","display_name":"Schoof's algorithm","level":4,"score":0.27090001106262207},{"id":"https://openalex.org/C2778023678","wikidata":"https://www.wikidata.org/wiki/Q554403","display_name":"Duality (order theory)","level":2,"score":0.2669999897480011},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.262800008058548},{"id":"https://openalex.org/C2780595030","wikidata":"https://www.wikidata.org/wiki/Q3860309","display_name":"Multiplication (music)","level":2,"score":0.26260000467300415},{"id":"https://openalex.org/C46875033","wikidata":"https://www.wikidata.org/wiki/Q1244890","display_name":"Rational number","level":2,"score":0.26249998807907104},{"id":"https://openalex.org/C12657307","wikidata":"https://www.wikidata.org/wiki/Q616608","display_name":"Algebraic number field","level":2,"score":0.25850000977516174},{"id":"https://openalex.org/C169654258","wikidata":"https://www.wikidata.org/wiki/Q12479","display_name":"Number theory","level":2,"score":0.25619998574256897},{"id":"https://openalex.org/C123958593","wikidata":"https://www.wikidata.org/wiki/Q938102","display_name":"Elliptic function","level":2,"score":0.25380000472068787},{"id":"https://openalex.org/C11252640","wikidata":"https://www.wikidata.org/wiki/Q243723","display_name":"Monomial","level":2,"score":0.2500999867916107}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1515/jmc-2012-0016","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2012-0016","pdf_url":null,"source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1012.4019","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1012.4019","pdf_url":"https://arxiv.org/pdf/1012.4019","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:doaj.org/article:398121efe757425994d4fbe5a897fe6e","is_oa":true,"landing_page_url":"https://doaj.org/article/398121efe757425994d4fbe5a897fe6e","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Mathematical Cryptology, Vol 8, Iss 1, Pp 1-29 (2014)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1515/jmc-2012-0016","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2012-0016","pdf_url":null,"source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320322675","display_name":"Mitacs","ror":"https://ror.org/00cjrc276"},{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4249580765","https://openalex.org/W1989920940","https://openalex.org/W2137442321","https://openalex.org/W2742285599","https://openalex.org/W2133497138","https://openalex.org/W2963341196","https://openalex.org/W950944387","https://openalex.org/W2075819216","https://openalex.org/W2962878639","https://openalex.org/W2074608236"],"abstract_inverted_index":{"Abstract.":[0],"Given":[1],"two":[2,93],"ordinary":[3],"elliptic":[4,95],"curves":[5,22],"over":[6],"a":[7,24,83,112,115],"finite":[8],"field":[9,177],"having":[10,166],"the":[11,21,64,98,121,159,172,175],"same":[12],"cardinality":[13,173],"and":[14,48,119],"endomorphism":[15],"ring,":[16],"it":[17],"is":[18,34,109],"known":[19,42],"that":[20,136],"admit":[23],"nonzero":[25,90],"isogeny":[26,33],"between":[27,92],"them,":[28],"but":[29],"finding":[30,130],"such":[31,94,147],"an":[32],"believed":[35],"to":[36,50,114],"be":[37,140],"computationally":[38],"difficult.":[39],"The":[40],"fastest":[41],"classical":[43,161],"algorithm":[44,56,87,108,128,162],"takes":[45],"exponential":[46],"time,":[47],"prior":[49],"our":[51],"work":[52],"no":[53,104],"faster":[54],"quantum":[55,86,127],"was":[57],"known.":[58],"Recently,":[59],"public-key":[60],"cryptosystems":[61,138,146],"based":[62,110],"on":[63,111],"presumed":[65],"hardness":[66],"of":[67,125,153,174],"this":[68,79,154],"problem":[69],"have":[70],"been":[71],"proposed":[72],"as":[73,148],"candidates":[74],"for":[75,88,129,163],"post-quantum":[76],"cryptography.":[77],"In":[78],"paper,":[80],"we":[81,156],"give":[82],"new":[84],"subexponential-time":[85],"constructing":[89],"isogenies":[91,165],"curves,":[96],"assuming":[97],"Generalized":[99],"Riemann":[100],"Hypothesis":[101],"(but":[102],"with":[103,142],"other":[105],"assumptions).":[106],"Our":[107],"reduction":[113],"hidden":[116,131],"shift":[117],"problem,":[118],"represents":[120],"first":[122,160],"nontrivial":[123],"application":[124],"Kuperberg's":[126],"shifts.":[132],"This":[133],"result":[134],"suggests":[135],"isogeny-based":[137],"may":[139],"uncompetitive":[141],"more":[143],"mainstream":[144],"quantum-resistant":[145],"lattice-based":[149],"cryptosystems.":[150],"As":[151],"part":[152],"work,":[155],"also":[157],"present":[158],"evaluating":[164],"provably":[167],"subexponential":[168],"running":[169],"time":[170],"in":[171],"base":[176],"under":[178],"GRH.":[179]},"counts_by_year":[{"year":2026,"cited_by_count":7},{"year":2025,"cited_by_count":17},{"year":2024,"cited_by_count":21},{"year":2023,"cited_by_count":26},{"year":2022,"cited_by_count":21},{"year":2021,"cited_by_count":19},{"year":2020,"cited_by_count":24},{"year":2019,"cited_by_count":22},{"year":2018,"cited_by_count":13},{"year":2017,"cited_by_count":10},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":2}],"updated_date":"2026-06-16T09:24:06.705377","created_date":"2016-06-24T00:00:00"}