Abstract
Eta pairing on a supersingular elliptic curve over the binary field \(F_{2^{1223}}\) used to offer 128-bit security, and has been studied extensively for efficient implementations. In this paper, we report our GPU-based implementations of this algorithm on an NVIDIA Tesla C2050 platform. We propose efficient parallel implementation strategies for multiplication, square, square root and inverse in the underlying field. Our implementations achieve the best performance when López-Dahab multiplication with four-bit precomputations is used in conjunction with one-level Karatsuba multiplication. We have been able to compute up to 566 eta pairings per second. To the best of our knowledge, ours is the fastest GPU-based implementation of eta pairing. It is about twice as fast as the only reported GPU implementation, and about five times as fast as the fastest reported single-core SIMD implementation. We estimate that the NVIDIA GTX 480 platform is capable of producing the fastest known software implementation of eta pairing.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adikari, J., Hasan, M.A., Negre, C.: Towards faster and greener cryptoprocessor for eta pairing on supersingular elliptic curve over \({\rm I\!F}_{2^{1223}}\). In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 166–183. Springer, Heidelberg (2013)
Aranha, D.F., Beuchat, J.-L., Detrey, J., Estibals, N.: Optimal eta pairing on supersingular genus-2 binary hyperelliptic curves. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 98–115. Springer, Heidelberg (2012)
Aranha, D.F., López, J., Hankerson, D.: High-speed parallel software implementation of the η T pairing. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 89–105. Springer, Heidelberg (2010)
Barreto, P.S.L.M., Galbraith, S., hÉigeartaigh, C.O., Scott, M.: Efficient pairing computation on supersingular Abelian varieties. Designs, Codes and Cryptography, 239–271 (2004)
Beuchat, J.-L., López-Trejo, E., Martínez-Ramos, L., Mitsunari, S., Rodríguez-Henríquez, F.: Multi-core implementation of the tate pairing over supersingular elliptic curves. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 413–432. Springer, Heidelberg (2009)
Blake, I., Seroussi, G., Smart, N.: Elliptic curves in cryptography. London Mathematical Society, vol. 265. Cambridge University Press (1999)
Fan, J., Vercauteren, F., Verbauwhede, I.: Efficient hardware implementation of \({\rm I\!F}_p\)-arithmetic for pairing-friendly curves. IEEE Transactions on Computers 61(5), 676–685 (2012)
Fung, W.W.L., Sham, I., Yuan, G., Aamodt, T.M.: Dynamic warp formation and scheduling for efficient GPU control flow. Micro 40, 407–420 (2007)
Ghosh, S., Roychowdhury, D., Das, A.: High speed cryptoprocessor for η T pairing on 128-bit secure supersingular elliptic curves over characteristic two fields. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 442–458. Springer, Heidelberg (2011)
Glaskowsky, P.: NVIDIA’s Fermi: The first complete GPU computing architecture. White paper, NVIDIA Corporation (2009)
Hankerson, D., Menezes, A., Scott, M.: Software implementation of pairings. In: Cryptology and Information Security Series, vol. 2, pp. 188–206. IOS Press (2009)
Hankerson, D., Menezes, A., Vanstone, S.: Guide to elliptic curve cryptography. Springer (2004)
Joux, A.: A new index calculus algorithm with complexity L(1/4 + o(1)) in very small characteristic. Cryptology ePrint Archive, Report 2013/095 (2013), http://eprint.iacr.org/2013/095
Karatsuba, A., Ofman, Y.: Multiplication of many-digital numbers by automatic computers. Doklady Akad. Nauk. SSSR 145, 293–294 (1962)
Katoh, Y., Huang, Y.-J., Cheng, C.-M., Takagi, T.: Efficient implementation of the η T pairing on GPU. Cryptology ePrint Archive, Report 2011/540 (2011), http://eprint.iacr.org/2011/540
López, J., Dahab, R.: High-speed software multiplication in f2m. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 203–212. Springer, Heidelberg (2000)
NVIDIA Corporation, CUDA: Compute unified device architecture programming guide. Technical Report, NVIDIA (2007)
Scott, M., Benger, N., Charlemagne, M., Dominguez Perez, L.J., Kachisa, E.J.: On the final exponentiation for calculating pairings on ordinary elliptic curves. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 78–88. Springer, Heidelberg (2009)
Shinohara, N., Shimoyama, T., Hayashi, T., Takagi, T.: Key length estimation of pairing-based cryptosystems using η T pairing. Cryptology ePrint Archive, Report 2012/042 (2012), http://eprint.iacr.org/2012/042
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bose, U., Bhattacharya, A.K., Das, A. (2013). GPU-Based Implementation of 128-Bit Secure Eta Pairing over a Binary Field. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds) Progress in Cryptology – AFRICACRYPT 2013. AFRICACRYPT 2013. Lecture Notes in Computer Science, vol 7918. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38553-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-38553-7_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38552-0
Online ISBN: 978-3-642-38553-7
eBook Packages: Computer ScienceComputer Science (R0)