Abstract
This paper describes a new method to speed up \(\mathbb{F}_p\)-arithmetic for Barreto-Naehrig (BN) curves. We explore the characteristics of the modulus defined by BN curves and choose curve parameters such that \(\mathbb{F}_p\) multiplication becomes more efficient. The proposed algorithm uses Montgomery reduction in a polynomial ring combined with a coefficient reduction phase using a pseudo-Mersenne number. With this algorithm, the performance of pairings on BN curves can be significantly improved, resulting in a factor 5.4 speed-up compared with the state-of-the-art hardware implementations. Using this algorithm, we implemented a pairing processor in hardware, which runs at 204 MHz and finishes one ate and R-ate pairing computation over a 256-bit BN curve in 4.22 ms and 2.91 ms, respectively.
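To make the two phases named in the abstract concrete, here is an added Python sketch (example code, not the authors' implementation or parameters): field elements are held as degree-4 polynomials in the BN parameter u, a product is reduced by Montgomery steps in Z[x]/(p(x)) with R = u^4, and the coefficients are then carried using a pseudo-Mersenne u = 2^62 - 257 chosen here only for illustration. The way the top coefficient is folded back below is a simple closure of this example's representation, not the paper's scheme, and p need not be prime for the congruences it checks.

```python
K, DELTA = 62, 257                     # constructed for this example: u = 2^62 - 257 (pseudo-Mersenne)
U, MASK = 2**K - DELTA, 2**K - 1
P_POLY = [1, 6, 24, 36, 36]            # p(x) = 36x^4 + 36x^3 + 24x^2 + 6x + 1, lowest degree first
P = sum(c * U**i for i, c in enumerate(P_POLY))   # BN modulus p(u); primality is not needed below

def to_poly(a):
    """Base-u digits of 0 <= a < p: five coefficients, each in [0, u)."""
    return [a // U**i % U for i in range(5)]

def to_mont(a):
    """Montgomery form a*R mod p with R = u^4, as a coefficient list."""
    return to_poly(a * U**4 % P)

def from_poly(c):
    return sum(ci * U**i for i, ci in enumerate(c)) % P   # integer value mod p

def split_u(c):
    """Return (h, l) with c = h*u + l and 0 <= l < u, using shifts in place of a
    division by u: c = hi*2^k + lo = hi*u + (lo + hi*delta), repeated until l is in range."""
    h = 0
    while not 0 <= c < U:
        hi = c >> K                                  # floor(c / 2^k); also fine for negative c
        if hi == 0:                                  # u <= c < 2^k: a single subtraction finishes
            h, c = h + 1, c - U
        else:
            h, c = h + hi, (c & MASK) + hi * DELTA
    return h, c

def mont_mul(a, b):
    """Montgomery product a*b*u^-4 mod p: coefficients 0..3 land in [0, u), the top one in [0, 36]."""
    c = [0] * 9                                      # schoolbook product, degree 8
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            c[i + j] += ai * bj
    for _ in range(4):                               # Montgomery phase in Z[x]/(p(x)): p(x) has
        q = c[0]                                     # constant term 1, so c - c0*p(x) is divisible by x
        for i, pi in enumerate(P_POLY):
            c[i] -= q * pi
        c = c[1:]                                    # exact division by x
    while True:                                      # coefficient reduction phase
        for i in range(4):                           # carry each coefficient into [0, u)
            h, c[i] = split_u(c[i])
            c[i + 1] += h
        if 0 <= c[4] <= 36:                          # top coefficient small: value is below 37*u^4
            return c
        s, c[4] = divmod(c[4], 36)                   # fold: 36*s*u^4 = s*p - s*(36u^3+24u^2+6u+1)
        for i in range(4):
            c[i] -= s * P_POLY[i]
```

Every step is an exact integer congruence, so the result is correct modulo p regardless of coefficient growth; the carry phase only keeps the representation bounded.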
This work was supported by research grants of Katholieke Universiteit Leuven (OT/06/40) and FWO projects (G.0300.07), by the IAP Programme P6/26 BCRYPT of the Belgian State (Belgian Science Policy), by the EU IST FP6 projects (ECRYPT) and by the IBBT-QoE project of the IBBT.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Fan, J., Vercauteren, F., Verbauwhede, I. (2009). Faster \(\mathbb{F}_p\)-Arithmetic for Cryptographic Pairings on Barreto-Naehrig Curves. In: Clavier, C., Gaj, K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04138-9_18
DOI: https://doi.org/10.1007/978-3-642-04138-9_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04137-2
Online ISBN: 978-3-642-04138-9