PandA: Pairings and Arithmetic

  • Conference paper
Pairing-Based Cryptography – Pairing 2013 (Pairing 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8365))

Abstract

This paper introduces PandA, a software framework for Pairings and Arithmetic. It is designed to bring together advances in the efficient computation of cryptographic pairings and the development and implementation of pairing-based protocols. The intention behind the PandA framework is to give protocol designers and implementors easy access to a toolbox of all functions needed for implementing pairing-based cryptographic protocols, while making it possible to use state-of-the-art algorithms for pairing computation and group arithmetic. PandA offers an API in the C programming language, and all arithmetic operations run in constant time to protect against timing attacks. The framework also makes it easy to consistently test and benchmark the lower-level functions used in pairing-based protocols.

As an example of how easy it is to implement pairing-based protocols with PandA, we use Boneh-Lynn-Shacham (BLS) signatures. Our PandA-based implementation of BLS needs only 434640 cycles for signature generation and 5832584 cycles for signature verification on one core of an Intel i5-3210M CPU. This includes full protection against timing attacks and compression of public keys and signatures.
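The secret-dependent step of BLS signing is the scalar multiplication of the hashed message by the private key, which is why the abstract's constant-time guarantee matters. The following added example (written for this page, not PandA's own code) contrasts a variable-time double-and-add with a Montgomery ladder built on a branch-free conditional swap, and adds a constant-time byte-string comparison of the kind used when decoding and comparing encoded group elements. To stay runnable without a pairing library it uses a constructed toy group, the integers modulo the prime 2^32 - 5 under addition, as a stand-in for G1; the base element, the secret scalar and the function names are assumptions, not PandA's API.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <inttypes.h>

/* Constructed toy group: integers modulo the prime P = 2^32 - 5 under
 * addition, standing in for the curve group G1 so the example runs offline.
 * The masking and ladder techniques are the ones a constant-time curve
 * implementation uses; only the group operation itself is simplified. */
#define P 4294967291u
typedef uint32_t elt;

/* Group operation: (a + b) mod P with a branch-free conditional subtraction. */
static elt add(elt a, elt b) {
    uint64_t s = (uint64_t)a + b;        /* < 2P, cannot overflow 64 bits */
    uint64_t t = s - P;                  /* wraps (top bit set) iff s < P */
    uint64_t mask = 0 - (t >> 63);       /* all ones iff s < P */
    return (elt)(t + (mask & P));        /* s if s < P, otherwise s - P */
}

/* Variable-time double-and-add: the branch on each secret bit makes the
 * running time and branch-predictor state depend on the scalar. */
static elt scalar_mul_vartime(elt g, uint32_t k) {
    elt r = 0, q = g;
    for (int i = 0; i < 32; i++) {
        if ((k >> i) & 1) r = add(r, q); /* secret-dependent branch */
        q = add(q, q);
    }
    return r;
}

/* Constant-time conditional swap: exchanges *a and *b iff bit == 1,
 * using an arithmetic mask instead of a branch. */
static void cswap(elt *a, elt *b, uint32_t bit) {
    uint32_t mask = 0u - bit;            /* 0xFFFFFFFF iff bit == 1 */
    uint32_t t = (*a ^ *b) & mask;
    *a ^= t;
    *b ^= t;
}

/* Montgomery ladder: every iteration performs exactly one add, one double
 * and two cswaps whatever the scalar, so the instruction trace and memory
 * access pattern do not depend on k. Invariant: r1 = r0 + g. */
static elt scalar_mul_ct(elt g, uint32_t k) {
    elt r0 = 0, r1 = g;
    for (int i = 31; i >= 0; i--) {
        uint32_t bit = (k >> i) & 1;
        cswap(&r0, &r1, bit);
        r1 = add(r0, r1);
        r0 = add(r0, r0);
        cswap(&r0, &r1, bit);
    }
    return r0;
}

/* Constant-time equality of two n-byte strings (for example two encoded
 * group elements): returns 1 if equal, 0 otherwise, with no early exit. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= (uint8_t)(a[i] ^ b[i]);
    return (int)(((uint32_t)d - 1u) >> 31);   /* 1 iff d == 0 */
}

int main(void) {
    elt g = 12345u;                      /* constructed "base point" */
    uint32_t sk = 0xDEADBEEFu;           /* constructed secret scalar */
    elt a = scalar_mul_vartime(g, sk);
    elt b = scalar_mul_ct(g, sk);
    uint64_t ref = ((uint64_t)g * sk) % P;   /* direct check for the toy group */
    printf("vartime=%" PRIu32 " ct=%" PRIu32 " reference=%" PRIu64 "\n", a, b, ref);
    return (a == b && (uint64_t)b == ref) ? 0 : 1;
}
```

In a real curve implementation the same ladder structure applies, with `add` replaced by the curve's complete addition and doubling formulas; the point is that no branch, loop bound or memory index depends on the secret scalar, which is the property a benchmark of the lower-level functions should be checked against.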


Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Chuengsatiansup, C., Naehrig, M., Ribarski, P., Schwabe, P. (2014). PandA: Pairings and Arithmetic. In: Cao, Z., Zhang, F. (eds) Pairing-Based Cryptography – Pairing 2013. Pairing 2013. Lecture Notes in Computer Science, vol 8365. Springer, Cham. https://doi.org/10.1007/978-3-319-04873-4_14

  • DOI: https://doi.org/10.1007/978-3-319-04873-4_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04872-7

  • Online ISBN: 978-3-319-04873-4

  • eBook Packages: Computer Science (R0)
