Abstract
Since the introduction of pairings over (hyper)elliptic curves in constructive cryptographic applications, an ever increasing number of protocols based on pairings have appeared in the literature. Software implementations being rather slow, the study of hardware architectures became an active research area. Beuchat et al. proposed for instance a coprocessor which computes the characteristic three \(\eta_T\) pairing, from which the Tate pairing can easily be derived, in 33 μs on a Cyclone II FPGA. However, a final exponentiation is required to ensure a unique output value and the authors proposed to supplement their \(\eta_T\) pairing accelerator with a coprocessor for exponentiation. Thus, the challenge consists in designing the smallest possible piece of hardware able to perform this task in less than 33 μs on a Cyclone II device. In this paper, we propose a novel arithmetic operator implementing addition, cubing, and multiplication over \(\mathbb{F}_{3^{97}}\) and show that a coprocessor based on a single such operator meets this timing constraint.
This work was supported by the New Energy and Industrial Technology Development Organization (NEDO), Japan.
References
Altera: Cyclone II Device Handbook (2006). Available from Altera’s web site (http://altera.com)
Barreto, P.S.L.M., Galbraith, S.D., Ó hÉigeartaigh, C., Scott, M.: Efficient pairing computation on supersingular abelian varieties. Designs, Codes and Cryptography 42(3), 239–271 (2007)
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Beuchat, J.-L., Miyoshi, T., Oyama, Y., Okamoto, E.: Multiplication over \(\mathbb{F}_{p^m}\) on FPGA: A survey. In: Diniz, P.C., Marques, E., Bertels, K., Fernandes, M.M., Cardoso, J.M.P. (eds.) Reconfigurable Computing: Architectures, Tools and Applications – Proceedings of ARC 2007. LNCS, vol. 4419, pp. 214–225. Springer, Heidelberg (2007)
Beuchat, J.-L., Shirase, M., Takagi, T., Okamoto, E.: An algorithm for the \(\eta_T\) pairing calculation in characteristic three and its hardware implementation. In: Proceedings of the 18th IEEE Symposium on Computer Arithmetic (To appear 2007)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity. IEEE Transactions on Computers 53(6), 760–768 (2004)
Duursma, I., Lee, H.S.: Tate pairing implementation for hyperelliptic curves \(y^2 = x^p - x + d\). In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)
Frey, G., Rück, H.-G.: A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math. Comp. 62(206), 865–874 (1994)
Galbraith, S.D., Harrison, K., Soldera, D.: Implementing the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) Algorithmic Number Theory – ANTS V. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)
Grabher, P., Page, D.: Hardware acceleration of the Tate Pairing in characteristic three. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 398–411. Springer, Heidelberg (2005)
Granger, R., Page, D., Stam, M.: On small characteristic algebraic tori in pairing-based cryptography. LMS Journal of Computation and Mathematics 9, 64–85 (2006), Available from http://www.lms.ac.uk/jcm/9/lms2004-025/
Guajardo, J., Güneysu, T., Kumar, S., Paar, C., Pelzl, J.: Efficient hardware implementation of finite fields with applications to cryptography. Acta Applicandae Mathematicae 93(1–3), 75–118 (2006)
Itoh, T., Tsujii, S.: A fast algorithm for computing multiplicative inverses in \(GF(2^m)\) using normal bases. Information and Computation 78, 171–177 (1988)
Kerins, T., Marnane, W.P., Popovici, E.M., Barreto, P.S.L.M.: Efficient hardware for the Tate Pairing calculation in characteristic three. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 412–426. Springer, Heidelberg (2005)
Kerins, T., Popovici, E., Marnane, W.: Algorithms and architectures for use in FPGA implementations of identity based encryption schemes. In: Becker, J., Platzner, M., Vernalde, S. (eds.) FPL 2004. LNCS, vol. 3203, pp. 74–83. Springer, Heidelberg (2004)
Kwon, S.: Efficient Tate pairing computation for supersingular elliptic curves over binary fields. Cryptology ePrint Archive, Report 2004/303 (2004)
Menezes, A., Okamoto, T., Vanstone, S.A.: Reducing elliptic curves logarithms to logarithms in a finite field. IEEE Transactions on Information Theory 39(5), 1639–1646 (1993)
Miller, V.S.: Short programs for functions on curves. (1986) Unpublished manuscript available at http://crypto.stanford.edu/miller/miller.pdf
Ronan, R., Ó hÉigeartaigh, C., Murphy, C., Kerins, T., Barreto, P.S.L.M.: Hardware implementation of the \(\eta_T\) pairing in characteristic 3. Cryptology ePrint Archive, Report 2006/371 (2006)
Ronan, R., Ó hÉigeartaigh, C., Murphy, C., Scott, M., Kerins, T., Marnane, W.P.: An embedded processor for a pairing-based cryptosystem. In: Proceedings of the Third International Conference on Information Technology: New Generations (ITNG’06), IEEE Computer Society Press, Los Alamitos (2006)
Shirase, M., Takagi, T., Okamoto, E.: Some efficient algorithms for the final exponentiation of \(\eta_T\) pairing. In: 3rd Information Security Practice and Experience Conference – ISPEC 2007. LNCS, Springer, Heidelberg (2007)
Shu, C., Kwon, S., Gaj, K.: FPGA accelerated Tate pairing based cryptosystem over binary fields. In: Proceedings of 2006 IEEE International Conference on Field Programmable Technology (FPT 2006), pp. 173–180. IEEE Computer Society Press, Los Alamitos (2006)
Song, L., Parhi, K.K.: Low energy digit-serial/parallel finite field multipliers. Journal of VLSI Signal Processing 19(2), 149–166 (1998)
Vithanage, A.: Personal communication
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beuchat, JL., Brisebarre, N., Shirase, M., Takagi, T., Okamoto, E. (2007). A Coprocessor for the Final Exponentiation of the \(\eta_T\) Pairing in Characteristic Three. In: Carlet, C., Sunar, B. (eds) Arithmetic of Finite Fields. WAIFI 2007. Lecture Notes in Computer Science, vol 4547. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73074-3_4
DOI: https://doi.org/10.1007/978-3-540-73074-3_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73073-6
Online ISBN: 978-3-540-73074-3
eBook Packages: Computer Science (R0)