Wouter Castryck and Thomas Decru recently broke SIDH.
From the abstract:
"We present an efficient key recovery attack on the Supersingular Isogeny Diffie-Hellman protocol (SIDH), based on a "glue-and-split" theorem due to Kani."
Related Kani’s work is:
Ernst Kani, The number of curves of genus two with elliptic differentials, Journal f ̈ur die
reine und angewandte Mathematik 485, pp. 93–121 (1997), available at https://www.mast.
I have two questions:
1- Does it mean the end of isogeny based cryptography?
2- Why so late? 1997 to 2022?