Constructing Elliptic Curves with Prescribed Embedding Degrees
- Cite this paper as:
- Barreto P.S.L.M., Lynn B., Scott M. (2003) Constructing Elliptic Curves with Prescribed Embedding Degrees. In: Cimato S., Persiano G., Galdi C. (eds) Security in Communication Networks. SCN 2002. Lecture Notes in Computer Science, vol 2576. Springer, Berlin, Heidelberg
Pairing-based cryptosystems depend on the existence of groups where the Decision Diffie-Hellman problem is easy to solve, but the Computational Diffie-Hellman problem is hard. Such is the case of elliptic curve groups whose embedding degree is large enough to maintain a good security level, but small enough for arithmetic operations to be feasible. However, the embedding degree for most elliptic curves is enormous, and the few previously known suitable elliptic curves have embedding degree k ≤ 6. In this paper, we examine criteria for curves with larger k that generalize prior work by Miyaji et al. based on the properties of cyclotomic polynomials, and propose efficient representations for the underlying algebraic structures.
Unable to display preview. Download preview PDF.