Converting Cryptographic Schemes from Symmetric to Asymmetric Bilinear Groups

  • Masayuki Abe
  • Jens Groth
  • Miyako Ohkubo
  • Takeya Tango
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8616)


We propose a method to convert schemes designed over symmetric bilinear groups into schemes over asymmetric bilinear groups. The conversion assigns variables to one or both of the two source groups in asymmetric bilinear groups so that all original computations in the symmetric bilinear groups go through over asymmetric groups without having to compute isomorphisms between the source groups. Our approach is to represent dependencies among variables using a directed graph, and split it into two graphs so that variables associated to the nodes in each graph are assigned to one of the source groups. Though searching for the best split is cumbersome by hand, our graph-based approach allows us to automate the task with a simple program. With the help of the automated search, our conversion method is applied to several existing schemes including one that has been considered hard to convert.


Conversion Symmetric Bilinear Groups Asymmetric Bilinear Groups 


  1. 1.
    Abe, M., David, B., Kohlweiss, M., Nishimaki, R., Ohkubo, M.: Tagged one-time signatures: Tight security and optimal tag size. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 312–331. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  2. 2.
    Akinyele, J.A., Green, M., Hohenberger, S.: Using SMT solvers to automate design tasks for encryption and signature schemes. In: ACM CCS 2013, pp. 399–410 (2013)Google Scholar
  3. 3.
    Barbulescu, R., Gaudry, P., Joux, A., Thomé, E.: A quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic. IACR ePrint Archive, 2013/400 (2013)Google Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73 (1993)Google Scholar
  5. 5.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Shacham, H.: Group signatures with verifier-local revocation. In: ACM CCS 2004, pp. 168–177 (2004)Google Scholar
  8. 8.
    Chatterjee, S., Hankerson, D., Knapp, E., Menezes, A.: Comparing two pairing-based aggregate signature schemes. DCC 2010 55(2-3), 141–167 (2010)MathSciNetzbMATHGoogle Scholar
  9. 9.
    Chatterjee, S., Menezes, A.: On cryptographic protocols employing asymmetric pairings - the role of psi revisited. IACR ePrint Archive, 2009/480 (2009)Google Scholar
  10. 10.
    Chatterjee, S., Menezes, A.: On cryptographic protocols employing asymmetric pairings - the role of revisited. Discrete Applied Math. 159(13), 1311–1322 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Chen, J., Lim, H.W., Ling, S., Wang, H., Wee, H.: Shorter IBE and signatures via asymmetric pairings. In: Abdalla, M., Lange, T. (eds.) Pairing 2012. LNCS, vol. 7708, pp. 122–140. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  12. 12.
    De Moura, L., Bjørner, N.: Z3: An efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  13. 13.
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156(16), 3113–3121 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Göloglu, F., Granger, R., McGuire, G., Zumbrägel, J.: On the function field sieve and the impact of higher splitting probabilities: Application to discrete logarithms in f21971. IACR ePrint Archive, 2013/074 (2013)Google Scholar
  15. 15.
    Joux, A.: Faster index calculus for the medium prime case application to 1175-bit and 1425-bit finite fields. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 177–193. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  16. 16.
    Joux, A.: A new index calculus algorithm with complexity l(1/4+o(1)) in very small characteristic. IACR ePrint Archive, 2013/095 (2013)Google Scholar
  17. 17.
    Maurer, U.M.: Abstract models of computation in cryptography. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 1–12. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Menezes, A.: Asymmetric pairings. Invited Talk in ECC 2009 (2009),
  19. 19.
    Ramanna, S.C., Chatterjee, S., Sarkar, P.: Variants of waters’ dual-system primitives using asymmetric pairings. IACR ePrint Archive, 2012/024 (2012)Google Scholar
  20. 20.
    Ramanna, S.C., Chatterjee, S., Sarkar, P.: Variants of waters’ dual system primitives using asymmetric pairings. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 298–315. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  21. 21.
    Reingold, O., Trevisan, L., Vadhan, S.P.: Notions of reducibility between cryptographic primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  22. 22.
    Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  23. 23.
    Smart, N.P., Vercauteren, F.: On computable isomorphisms in efficient asymmetric pairing-based systems. Discrete Applied Mathematics 155(4), 538–547 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Waters, B.: Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  • Masayuki Abe
    • 1
  • Jens Groth
    • 2
  • Miyako Ohkubo
    • 3
  • Takeya Tango
    • 4
  1. 1.NTT Secure Platform LaboratoriesJapan
  2. 2.University College LondonUK
  3. 3.Security Fundamentals Lab, NSRI, NICTJapan
  4. 4.Kyoto UniversityJapan

Personalised recommendations