**tldr:**

1. Server does the SIDH key-exchange, but reuses its key. We are also given an oracle on the correctness of the agreement.

2. Known adaptive attack described in [https://eprint.iacr.org/2016/859](https://eprint.iacr.org/2016/859)

3. Account for Bob (server) having a 3^n-isogeny (Remark 2 in the paper).

**full writeup:** [https://sectt.github.io/writeups/Plaid20/crypto_sidhe/README](https://sectt.github.io/writeups/Plaid20/crypto_sidhe/README)

Original writeup (https://sectt.github.io/writeups/Plaid20/crypto_sidhe/README).