Faster Pairings on Special Weierstrass Curves

  • Craig Costello
  • Huseyin Hisil
  • Colin Boyd
  • Juan Gonzalez Nieto
  • Kenneth Koon-Ho Wong
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5671)

Abstract

This paper presents efficient formulas for computing cryptographic pairings on the curve y2 = cx3 + 1 over fields of large characteristic. We provide examples of pairing-friendly elliptic curves of this form which are of interest for efficient pairing implementations.

Keywords

Tate pairing Miller’s algorithm elliptic curves 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Arène, C., Lange, T., Naehrig, M., Ritzenthaler, C.: Faster pairing computation. Cryptology ePrint Archive, Report 2009/155 (2009), http://eprint.iacr.org/2009/155
  2. 2.
    Barreto, P.S.L.M., Galbraith, S.D., Ó’ Héigeartaigh, C., Scott, M.: Efficient pairing computation on supersingular Abelian varieties. Cryptology ePrint Archive, Report 2004/375 (2004), http://eprint.iacr.org/2004/375
  3. 3.
    Barreto, P.S.L.M., Galbraith, S.D., Ó’ Héigeartaigh, C., Scott, M.: Efficient pairing computation on supersingular Abelian varieties. Des. Codes Cryptography 42(3), 239–271 (2007)MathSciNetCrossRefMATHGoogle Scholar
  4. 4.
    Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–369. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Barreto, P.S.L.M., Lynn, B., Scott, M.: Efficient implementation of pairing-based cryptosystems. Journal of Cryptology 17(4), 321–334 (2004)MathSciNetCrossRefMATHGoogle Scholar
  7. 7.
    Barreto, P.S.L.M., Lynn, B., Scott, M.: On the selection of pairing-friendly groups. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 17–25. Springer, Heidelberg (2004)Google Scholar
  8. 8.
    Barreto, P.S., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Bernstein, D.J., Lange, T.: Explicit-formulas database, http://www.hyperelliptic.org/EFD
  10. 10.
    Brezing, F., Weng, A.: Elliptic curves suitable for pairing based cryptography. Des. Codes Cryptography 37(1), 133–141 (2005)MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)MathSciNetCrossRefMATHGoogle Scholar
  12. 12.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. Journal of Cryptology 17(4), 297–319 (2004)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Cohen, H., Miyaji, A., Ono, T.: Efficient elliptic curve exponentiation using mixed coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  14. 14.
    Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. Cryptology ePrint Archive, Report 2006/372 (2006), http://eprint.iacr.org/2006/372
  15. 15.
    Galbraith, S.D.: Pairings. London Mathematics Society Lecture Note Series, vol. 317, pp. 183–213. Cambridge University Press, Cambridge (2005)Google Scholar
  16. 16.
    Galbraith, S.D., Scott, M.: Exponentiation in pairing-friendly groups using homomorphisms. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 211–224. Springer, Heidelberg (2008)Google Scholar
  17. 17.
    Hess, F., Smart, N.P., Vercauteren, F.: The Eta pairing revisited. IEEE Transactions on Information Theory 52(10), 4595–4602 (2006)MathSciNetCrossRefMATHGoogle Scholar
  18. 18.
    Joux, A.: A one round protocol for tripartite Diffie-Hellman. Journal of Cryptology 17(4), 263–276 (2004)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Kachisa, E.J., Schaefer, E.F., Scott, M.: Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic field. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 126–135. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    Koblitz, N., Menezes, A.: Pairing-based cryptography at high security levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Lee, E., Lee, H.S., Park, C.M.: Efficient and generalized pairing computation on Abelian varieties. Cryptology ePrint Archive, Report 2008/040 (2008), http://eprint.iacr.org/2008/040
  22. 22.
    Matsuda, S., Kanayama, N., Hess, F., Okamoto, E.: Optimised versions of the Ate and twisted Ate pairings. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 302–312. Springer, Heidelberg (2007), http://eprint.iacr.org/2007/013 CrossRefGoogle Scholar
  23. 23.
    Miller, V.S.: The Weil pairing, and its efficient calculation. Journal of Cryptology 17(4), 235–261 (2004)MathSciNetCrossRefMATHGoogle Scholar
  24. 24.
    Monagan, M., Pearce, R.: Rational simplification modulo a polynomial ideal. In: ISSAC 2006, pp. 239–245. ACM, New York (2006)Google Scholar
  25. 25.
    Perez, L.J.D., Kachisa, E.J., Scott, M.: Implementing cryptographic pairings: a MAGMA tutorial. Cryptology ePrint Archive, Report 2009/072 (2009), http://eprint.iacr.org/2009/072
  26. 26.
    Scott, M.: Faster identity based encryption. Electronics Letters 40(14), 861–862 (2004)CrossRefGoogle Scholar
  27. 27.
    Scott, M.: Faster pairings using an elliptic curve with an efficient endomorphism. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 258–269. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  28. 28.
    Scott, M., Benger, N., Charlemagne, M., Perez, L.J.D., Kachisa, E.J.: Fast hashing to G2 on pairing friendly curves. Cryptology ePrint Archive, Report 2008/530 (2008), http://eprint.iacr.org/2008/530
  29. 29.
    Vercauteren, F.: Optimal pairings. Cryptology ePrint Archive, Report 2008/096 (2008), http://eprint.iacr.org/2008/096
  30. 30.
    Zhao, C.A., Zhang, F., Huang, J.: A note on the Ate pairing. Cryptology ePrint Archive, Report 2007/247 (2007), http://eprint.iacr.org/2007/247

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Craig Costello
    • 1
  • Huseyin Hisil
    • 1
  • Colin Boyd
    • 1
  • Juan Gonzalez Nieto
    • 1
  • Kenneth Koon-Ho Wong
    • 1
  1. 1.Information Security InstituteQueensland University of TechnologyBrisbaneAustralia

Personalised recommendations