One-Round Authenticated Group Key Exchange from Isogenies.

This paper proposes two one-round authenticated group key exchange protocols from newly employed cryptographic invariant maps (CIMs): one is secure in the quantum random oracle model and the other resists against maximum exposure where a non-trivial combination of secret keys is revealed. The security of the former (resp. latter) is proved under the n-way decisional (resp. n-way gap) Diffie–Hellman assumption on the CIMs in the quantum random (resp. random) oracle model.