tldr:

1. Server does the SIDH key-exchange, but reuses its key. We are also given an oracle on the correctness of the agreement.

2. Known adaptive attack described in https://eprint.iacr.org/2016/859

3. Account for Bob (server) having a 3^n-isogeny (Remark 2 in the paper).

full writeup: https://sectt.github.io/writeups/Plaid20/crypto_sidhe/README

Original writeup (https://sectt.github.io/writeups/Plaid20/crypto_sidhe/README).