Abstract
Pairings on elliptic curves are fast coming of age as cryptographic primitives for deployment in new security applications, particularly in the context of implementations of Identity-Based Encryption (IBE). In this paper we describe the implementation of various pairings on a contemporary 32-bit smart-card, the Philips HiPerSmart™, an instantiation of the MIPS-32 based SmartMIPS™ architecture. Three types of pairing are considered: first the standard Tate pairing on a nonsupersingular curve \(E(\mathbb{F}_p)\), second the Ate pairing, also on a nonsupersingular curve \(E(\mathbb{F}_p)\), and finally the \(\eta_T\) pairing on a supersingular curve \(E(\mathbb{F}_{2^m})\). We demonstrate that pairings can be calculated as efficiently as classic cryptographic primitives on this architecture, with a calculation time of as little as 0.15 seconds.
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Scott, M., Costigan, N., Abdulwahab, W. (2006). Implementing Cryptographic Pairings on Smartcards. In: Goubin, L., Matsui, M. (eds) Cryptographic Hardware and Embedded Systems - CHES 2006. CHES 2006. Lecture Notes in Computer Science, vol 4249. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11894063_11
DOI: https://doi.org/10.1007/11894063_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46559-1
Online ISBN: 978-3-540-46561-4