Constructing Pairing-Friendly Elliptic Curves with Embedding Degree 10

  • David Freeman
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4076)


We present a general framework for constructing families of elliptic curves of prime order with prescribed embedding degree. We demonstrate this method by constructing curves with embedding degree k = 10, which solves an open problem posed by Boneh, Lynn, and Shacham [6]. We show that our framework incorporates existing constructions for k = 3, 4, 6, and 12, and we give evidence that the method is unlikely to produce infinite families of curves with embedding degree k > 12.


Elliptic Curve Elliptic Curf Prime Order Integer Solution Congruence Condition 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. LMS Lecture Note Series, vol. 265. Cambridge University Press, Cambridge (1999)zbMATHGoogle Scholar
  4. 4.
    Blake, I., Seroussi, G., Smart, N. (eds.): Advances in Elliptic Curve Cryptography. LMS Lecture Note Series, vol. 317. Cambridge University Press, Cambridge (2005)zbMATHGoogle Scholar
  5. 5.
    Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Brezing, F., Weng, A.: Elliptic curves suitable for pairing based cryptography. Designs, Codes, and Cryptography 37, 133–141 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Cocks, C., Pinch, R.G.E.: Identity-based cryptosystems based on the Weil pairing (unpublished manuscript, 2001)Google Scholar
  9. 9.
    Cornell, G., Silverman, J. (eds.): Arithmetic Geometry. Springer, New York (1986)zbMATHGoogle Scholar
  10. 10.
    Cui, S., Duan, P., Chan, C.W.: A new method of building more non-supersingular elliptic curves. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3481, pp. 657–664. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Freeman, D.: Constructing families of pairing-friendly elliptic curves. Hew-lett-Packard Laboratories technical report HPL-2005-155 (2005), Available at:
  12. 12.
    Galbraith, S., McKee, J., Valença, P.: Ordinary abelian varieties having small embedding degree. In: Cramer, R., Okamoto, T. (eds.) Proceedings of a Workshop on Mathematical Problems and Techniques in Cryptology, CRM Barcelona, pp. 29–45 (2005)Google Scholar
  13. 13.
    Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Luca, F., Shparlinski, I.: Elliptic curves with low embedding degree (preprint), Available at:
  15. 15.
    Matthews, K.: The diophantine equation x 2 − Dy 2 = N, D > 0, in integers. Expositiones Mathematicae 18, 323–331 (2000)zbMATHMathSciNetGoogle Scholar
  16. 16.
    Menezes, A., Okamoto, T., Vanstone, S.: Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Transactions on Information Theory 39, 1639–1646 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  17. 17.
    Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Transactions on Fundamentals E84-A(5), 1234–1243 (2001)Google Scholar
  18. 18.
    Mollin, R.: Fundamental Number Theory with Applications. CRC Press, Boca Raton (1998)zbMATHGoogle Scholar
  19. 19.
    Morain, F.: Building cyclic elliptic curves modulo large primes. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 328–336. Springer, Heidelberg (1991)Google Scholar
  20. 20.
    Neukirch, J.: Algebraic Number Theory. Springer, Berlin (1999)zbMATHGoogle Scholar
  21. 21.
    Robertson, J.: Solving the generalized Pell equation (unpublished manuscript, 2004), Available at:
  22. 22.
    Scott, M.: Personal communication (November 7, 2005)Google Scholar
  23. 23.
    Silverman, J.: The Arithmetic of Elliptic Curves. GTM, vol. 106. Springer, Heidelberg (1986)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • David Freeman
    • 1
  1. 1.University of CaliforniaBerkeley

Personalised recommendations