Abstract
Nearly all of public-key cryptosystems that are being used for real-world applications are not
secure against quantum adversaries. With the fast-track development of quantum computers
over the last few years there is an ever growing need to develop new cryptosystems that are
believed to be resistant to quantum adversaries. The field of post-quantum cryptography aims
to explore the construction and security of these cryptographic systems and has gained attraction
over the last few years.
Among the various known approaches for constructing post-quantum cryptosystems is one
based on isogenies between elliptic curves. The fundamental idea is that the problem of finding
an isogeny between two elliptic curves is believed to be hard for both classical and quantum
adversaries. Isogeny-based cryptosystems attain their security assuming the hardness of such
isogeny problems. Certain cryptosystems require a more constrained isogeny problem in order
to prove their security. These constrained problems are tasked to find an isogeny that has some
additional structure. We note that some of these constrained problems have proved detrimental
to the longevity of certain cryptosystems.
In this thesis we identify cryptographic protocols that either do not have an instantiations
based on isogenies or could do with an improvement. This not only includes novel constructions
of advanced protocols but also includes contributing to parameter generation of existing
protocols. In particular we demonstrate novel constructions of a commitment scheme and an
updatable public-key encryption scheme. We prove the security of these constructions based on
either well studied isogeny problems that are believed to be hard or based on novel well motivated
assumptions. Additionally, we explore new techniques for parameters for the isogeny-based
signature scheme SQISign through the problem of constructing twin-smooth integers. This is
a fundamental problem to study when searching for suitable parameters. To date, existing
SQISign parameters only attain 128 bits of classical security. With our techniques, we are able
to find parameters that attain 192 and 256 bits of classical security