High Security Pairing-Based Cryptography Revisited
The security and performance of pairing based cryptography has provoked a large volume of research, in part because of the exciting new cryptographic schemes that it underpins. We re-examine how one should implement pairings over ordinary elliptic curves for various practical levels of security. We conclude, contrary to prior work, that the Tate pairing is more efficient than the Weil pairing for all such security levels. This is achieved by using efficient exponentiation techniques in the cyclotomic subgroup backed by efficient squaring routines within the same subgroup.
KeywordsElliptic Curve Elliptic Curf Security Level Operation Count High Security Level
Unable to display preview. Download preview PDF.
- 1.Avanzi, R.M.: On Multi-exponentiation in Cryptography. In: Cryptology ePrint Archive, Report 2002/154 (2002)Google Scholar
- 7.Cheng, M., Chen, L., Malone-Lee, J., Smart, N.P.: An Efficient ID-KEM Based On The Sakai-Kasahara Key Construction (to appear, 2006)Google Scholar
- 13.Scott, M., Barreto, P.S.L.M.: Compressed Pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004)Google Scholar
- 14.Stam, M.: Speeding up Subgroup Cryptosystems. PhD Thesis, T.U. Eindhoven (2003)Google Scholar