Faster \(\mathbb{F}_p\)-Arithmetic for Cryptographic Pairings on Barreto-Naehrig Curves

  • Junfeng Fan
  • Frederik Vercauteren
  • Ingrid Verbauwhede
Conference paper

DOI: 10.1007/978-3-642-04138-9_18

Volume 5747 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Fan J., Vercauteren F., Verbauwhede I. (2009) Faster \(\mathbb{F}_p\)-Arithmetic for Cryptographic Pairings on Barreto-Naehrig Curves. In: Clavier C., Gaj K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg

Abstract

This paper describes a new method to speed up \(\mathbb{F}_p\)-arithmetic for Barreto-Naehrig (BN) curves. We explore the characteristics of the modulus defined by BN curves and choose curve parameters such that \(\mathbb{F}_p\) multiplication becomes more efficient. The proposed algorithm uses Montgomery reduction in a polynomial ring combined with a coefficient reduction phase using a pseudo-Mersenne number. With this algorithm, the performance of pairings on BN curves can be significantly improved, resulting in a factor 5.4 speed-up compared with the state-of-the-art hardware implementations. Using this algorithm, we implemented a pairing processor in hardware, which runs at 204 MHz and finishes one ate and R-ate pairing computation over a 256-bit BN curve in 4.22 ms and 2.91 ms, respectively.

Keywords

  • Pairings
  • BN curves
  • Modular reduction

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Junfeng Fan (1)
  • Frederik Vercauteren (1)
  • Ingrid Verbauwhede (1)
  1. ESAT/SCD-COSIC, Katholieke Universiteit Leuven and IBBT, Leuven-Heverlee, Belgium