High Security Pairing-Based Cryptography Revisited

  • R. Granger
  • D. Page
  • N. P. Smart
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4076)


The security and performance of pairing based cryptography has provoked a large volume of research, in part because of the exciting new cryptographic schemes that it underpins. We re-examine how one should implement pairings over ordinary elliptic curves for various practical levels of security. We conclude, contrary to prior work, that the Tate pairing is more efficient than the Weil pairing for all such security levels. This is achieved by using efficient exponentiation techniques in the cyclotomic subgroup backed by efficient squaring routines within the same subgroup.


Elliptic Curve Elliptic Curf Security Level Operation Count High Security Level 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Avanzi, R.M.: On Multi-exponentiation in Cryptography. In: Cryptology ePrint Archive, Report 2002/154 (2002)Google Scholar
  2. 2.
    Avanzi, R.M., Mihailescu, P.: Generic efficient arithmetic algorithms for PAFFs (Processor Adequate Finite Fields) and related algebraic structures. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 320–334. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)MATHGoogle Scholar
  5. 5.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM Journal of Computing 32, 586–615 (2003)MATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Brezing, F., Weng, A.: Elliptic Curves Suitable for Pairing Based Cryptography. Designs, Codes and Cryptography 37, 133–141 (2005)MATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Cheng, M., Chen, L., Malone-Lee, J., Smart, N.P.: An Efficient ID-KEM Based On The Sakai-Kasahara Key Construction (to appear, 2006)Google Scholar
  8. 8.
    van Dijk, M., Granger, R., Page, D., Rubin, K., Silverberg, A., Stam, M., Woodruff, D.: Practical cryptography in high dimensional tori. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 234–250. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Granger, R., Page, D., Stam, M.: A Comparison of CEILIDH and XTR. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 235–249. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Koblitz, N., Menezes, A.: Pairing-based Cryptography at High Security Levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Lenstra, A.K., Verheul, E.: The XTR Public Key System. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 1–19. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Lim, S., Kim, S., Yie, I., Kim, J., Lee, H.: XTR extended to GF(p6m). In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 301–312. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Scott, M., Barreto, P.S.L.M.: Compressed Pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004)Google Scholar
  14. 14.
    Stam, M.: Speeding up Subgroup Cryptosystems. PhD Thesis, T.U. Eindhoven (2003)Google Scholar
  15. 15.
    Stam, M., Lenstra, A.: Efficient Subgroup Exponentiation in Quadratic and Sixth Degree Extensions. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 318–332. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Stam, M., Lenstra, A.K.: Speeding Up XTR. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 125–143. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • R. Granger
    • 1
  • D. Page
    • 1
  • N. P. Smart
    • 1
  1. 1.Dept. Computer ScienceUniversity of BristolBristolUK

Personalised recommendations