SAC 2009: Selected Areas in Cryptography pp 364-375

# An Efficient Residue Group Multiplication for the $$\eta_T$$ Pairing over $${\mathbb F}_{3^m}$$

• Yuta Sasaki
• Satsuki Nishina
• Masaaki Shirase
• Tsuyoshi Takagi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5867)

## Abstract

When we implement the $$\eta_T$$ pairing, which is one of the fastest pairings, we need multiplications in a base field $${\mathbb F}_{3^m}$$ and in a group G. Elements of G have previously been regarded as elements of $${\mathbb F}_{3^{6m}}$$ when implementing the $$\eta_T$$ pairing. Gorla et al. proposed a multiplication algorithm in $${\mathbb F}_{3^{6m}}$$ that takes 5 multiplications in $${\mathbb F}_{3^{2m}}$$, namely 15 multiplications in $${\mathbb F}_{3^{m}}$$. This algorithm reaches the theoretical lower bound on the number of multiplications. On the other hand, we may also regard elements of G as elements of the residue group $${\mathbb F}_{3^{6m}}^{\,*}\,/\,{\mathbb F}_{3^{m}}^{\,*}$$, in which $$\beta a$$ is equivalent to $$a$$ for $$a \in {\mathbb F}_{3^{6m}}^{\,*}$$ and $$\beta \in {\mathbb F}_{3^{m}}^{\,*}$$. This paper proposes an algorithm for computing a multiplication in the residue group. Its cost is asymptotically 12 multiplications in $${\mathbb F}_{3^{m}}$$ as m → ∞, which goes beyond the lower bound that the algorithm of Gorla et al. reaches. The proposed algorithm is especially effective when multiplication in the finite field is implemented using a basic method such as shift-and-add.

## Keywords

Finite field multiplication pairing residue group Vandermonde matrix

## References

1. Barreto, P., Galbraith, S., O’hEigeartaigh, C., Scott, S.: Efficient pairing computation on supersingular Abelian varieties. Designs, Codes and Cryptography 42(3), 239–271 (2007)
2. Barreto, P., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)
3. Beuchat, J.-L., Brisebarre, N., Detrey, J., Okamoto, E., Shirase, M., Takagi, T.: Algorithms and arithmetic operators for computing the $$\eta_T$$ pairing in characteristic three. IEEE Transactions on Computers 57(11), 1454–1468 (2008)
4. Bodrato, M.: Towards optimal Toom-Cook multiplication for univariate and multivariate polynomials in characteristic 2 and 0. In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 116–133. Springer, Heidelberg (2007)
5. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)
6. Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. SIAM Journal of Computing 32(3), 586–615 (2003)
7. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)
8. Brent, R., Gaudry, P., Thomé, E., Zimmermann, P.: Faster multiplication in GF(2)[x]. In: van der Poorten, A.J., Stein, A. (eds.) ANTS-VIII 2008. LNCS, vol. 5011, pp. 153–166. Springer, Heidelberg (2008)
9. Cantor, D.: On arithmetical algorithms over finite fields. J. Combinatorial Theory, Series A-50, 285–300 (1989)
10. Cook, S.: On the minimum computation time of functions. PhD thesis, Harvard University (1966)
11. Gorla, E., Puttmann, C., Shokrollahi, J.: Explicit formulas for efficient multiplication in $$\mathbb F_{3^{6m}}$$. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 173–183. Springer, Heidelberg (2007)
12. Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. Soviet Physics-Doklady 7, 595–596 (1963)
13. Kerins, T., Marnane, W., Popovici, E., Barreto, P.: Efficient hardware for the Tate pairing calculation in characteristic three. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 412–426. Springer, Heidelberg (2005)
14. Lempel, A., Winograd, S.: A new approach to error-correcting codes. IEEE Transactions on Information Theory IT-23, 503–508 (1977)
15. Schönhage, A.: Schnelle multiplikation von polynomen über körpen der Charakteristik 2. Acta Inf. 7, 395–398 (1977)
16. Shirase, M., Takagi, T., Choi, D., Han, D.-H., Kim, H.: Efficient computation of Eta pairing over binary field with Vandermonde matrix. ETRI Journal 31(2), 129–139 (2009)
17. Toom, A.: The complexity of a scheme of functional elements realizing the multiplication of integers. Soviet Mathematics 3, 714–716 (1963)
18. Winograd, S.: Arithmetic complexity of computations. SIAM, Philadelphia (1980)

© Springer-Verlag Berlin Heidelberg 2009

## Authors and Affiliations

• Yuta Sasaki (1)
• Satsuki Nishina (1)
• Masaaki Shirase (1)
• Tsuyoshi Takagi (1)

1. Future University Hakodate
