Designs, Codes and Cryptography

, Volume 42, Issue 3, pp 239–271

Efficient pairing computation on supersingular Abelian varieties

  • Paulo S. L. M. Barreto
  • Steven D. Galbraith
  • Colm Ó’ hÉigeartaigh
  • Michael Scott
Article

DOI: 10.1007/s10623-006-9033-6

Cite this article as:
Barreto, P.S.L.M., Galbraith, S.D., hÉigeartaigh, C.Ó. et al. Des Codes Crypt (2007) 42: 239. doi:10.1007/s10623-006-9033-6

Abstract

We present a general technique for the efficient computation of pairings on Jacobians of supersingular curves. This formulation, which we call the eta pairing, generalizes results of Duursma and Lee for computing the Tate pairing on supersingular elliptic curves in characteristic 3. We then show how our general technique leads to a new algorithm which is about twice as fast as the Duursma–Lee method. These ideas are applied to elliptic and hyperelliptic curves in characteristic 2 with very efficient results. In particular, the hyperelliptic case is faster than all previously known pairing algorithms.

Keywords

Tate pairingSupersingular curvesPairing-based cryptosystemsEfficient algorithms

AMS Classification

14G5014Q0511G2094A6011T71

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  • Paulo S. L. M. Barreto
    • 1
  • Steven D. Galbraith
    • 2
  • Colm Ó’ hÉigeartaigh
    • 3
  • Michael Scott
    • 3
  1. 1.Department of Computing and Digital Systems Engineering, Escola PolitécnicaUniversidade de São PauloSão Paulo (SP)Brazil
  2. 2.Mathematics DepartmentRoyal Holloway University of LondonEgham, SurreyUK
  3. 3.School of ComputingDublin City UniversityDublin 9Ireland