Pairing Computation on Elliptic Curves with Efficiently Computable Endomorphism and Small Embedding Degree

  • Sorina Ionica
  • Antoine Joux
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6487)


Scott uses an efficiently computable isomorphism to optimize pairing computation on a particular class of curves with embedding degree 2. He points out that pairing implementation thus becomes faster on these curves than on their supersingular equivalent, originally recommended by Boneh and Franklin for Identity Based Encryption. We extend Scott’s method to other classes of curves with small embedding degree and efficiently computable endomorphism.


Keywords: Elliptic Curve, Security Level, Bilinear Pairing, Pairing Computation




  1. Arène, C., Lange, T., Naehrig, M., Ritzenthaler, C.: Faster computation of the Tate pairing,
  2. Barreto, P., Galbraith, S., Héigeartaigh, C., Scott, M.: Efficient Pairing Computation on Supersingular Abelian Varieties. Des. Codes Cryptography 42(3), 239–271 (2007)
  3. Bernstein, D.: Integer multiplication benchmarks,
  4. Blake, I.F., Seroussi, G., Smart, N.P.: Advances in Elliptic Curve Cryptography. London Mathematical Society Lecture Note Series, vol. 317. Cambridge University Press, Cambridge (2005)
  5. Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  6. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
  7. Costello, C., Lange, T., Naehrig, M.: Faster Pairing Computations on Curves with High-Degree Twists. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 224–242. Springer, Heidelberg (2010)
  8. Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. Journal of Cryptology 23, 224–280 (2010)
  9. Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001)
  10. Granger, R., Hess, F., Oyono, R., Thériault, N., Vercauteren, F.: Ate pairing on hyperelliptic curves. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 430–447. Springer, Heidelberg (2007)
  11. Hartshorne, R.: Algebraic geometry. Graduate Texts in Mathematics, vol. 52. Springer, Heidelberg (1977)
  12. Hess, F.: A note on the Tate pairing of curves over finite fields. Arch. Math. 82, 28–32 (2004)
  13. Hess, F., Smart, N.P., Vercauteren, F.: The Eta pairing revisited. IEEE Transactions on Information Theory 52, 4595–4602 (2006)
  14. Ionica, S., Joux, A.: Another approach to pairing computation in Edwards coordinates. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 400–413. Springer, Heidelberg (2008)
  15. Joux, A.: A one round protocol for tripartite Diffie-Hellman. Journal of Cryptology 17(4), 263–276 (2004)
  16. Joux, A., Lercier, R.: The function field sieve in the medium prime case. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 254–270. Springer, Heidelberg (2006)
  17. Joux, A., Lercier, R., Smart, N., Vercauteren, F.: The number field sieve in the medium prime case. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 326–344. Springer, Heidelberg (2006)
  18. Koblitz, N., Menezes, A.: Pairing-based cryptography at high security levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)
  19. MAGMA Computational Algebra System. MAGMA version V2.16-5 (2010),
  20. Miller, V.: The Weil pairing, and its efficient calculation. Journal of Cryptology 17(4), 235–261 (2004)
  21. Okamoto, T., Menezes, A., Vanstone, S.A.: Reducing elliptic curve logarithms to logarithms in the finite field. In: Proceedings 23rd Annual ACM Symposium on Theory of Computing (STOC), pp. 80–89. ACM Press, New York (1991)
  22. Pollard, J.: Monte Carlo methods for index computation (mod p). Mathematics of Computation (32), 918–924 (1978)
  23. Scott, M.: Faster pairings using an elliptic curve with an efficient endomorphism. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 258–269. Springer, Heidelberg (2005)
  24. Silverman, J.H.: The Arithmetic of Elliptic Curves. Graduate Texts in Mathematics, vol. 106. Springer, Heidelberg (1986)
  25. van Oorschot, P.C., Wiener, M.J.: Parallel collision search with cryptanalytic applications. Journal of Cryptology (12), 1–18 (1999)
  26. Vélu, J.: Isogenies entre courbes elliptiques. Comptes Rendus De Academie Des Sciences Paris, Serie I-Mathematique, Serie A 273, 238–241 (1971)
  27. Vercauteren, F.: Optimal pairings. IEEE Transactions on Information Theory (2009) (to appear)
  28. Verheul, E.R.: Evidence that XTR is more secure than supersingular elliptic curve cryptosystems. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 195–201. Springer, Heidelberg (2001)
  29. Zhao, C., Xie, D., Zhang, F., Zhang, J., Chen, B.: Computing the Bilinear Pairings on Elliptic Curves with Automorphisms. Designs, Codes and Cryptography (to appear)

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Sorina Ionica (2)
  • Antoine Joux (1, 2)
  1. Université de Versailles Saint-Quentin-en-Yvelines, Versailles CEDEX, France
  2. DGA
