Refinement of Miller’s Algorithm Over Edwards Curves

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5985)


Edwards gave a new form of elliptic curves in [1], and these curves were introduced to cryptography by Bernstein and Lange in [2]. The Edwards curves enjoy faster addition and doubling operations, so they are very attractive for elliptic curve cryptography.

In 2006, Blake, Murty and Xu proposed three refinements to Millers algorithm for computing Weil/Tate pairings over Weierstraß curves. In this paper we extend their method to Edwards curve and propose a faster algorithm for computing pairings with Edwards coordinates, which comes from the analysis of divisors of rational functions.


Cryptography bilinear pairing Miller algorithm twisted Edwards curve 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Edwards, H.M.: A Normal Form for Elliptic Curves. Bulletin of the American Mathematical Society 44, 393–442 (2007)zbMATHCrossRefGoogle Scholar
  2. 2.
    Bernstein, D.J., Lange, T.: Faster Addition and Doubleling on Elliptic Curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  3. 3.
    Menezes, A.J., Okamoto, T., Vanstone, S.A.: Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field. IEEE Transactions on Information Theory (1993)Google Scholar
  4. 4.
    Frey, G., Rück, H.G.: A Remark Concerning m-divisibility and the Discrete Logarithm in the Divisor Class Group of Curves. Mathematics of Computation 62, 865–874 (1994)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Boneh, D., Franklin, M.: Identity-based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  7. 7.
    Joux, A.: A One Round Protocol for Tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–393. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Lynn, B., Shacham, H.: Short Signature from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Miller, V.S.: The Weil Pairing, and its Efficient Calculation. Journal of Cryptology 17(4), 235–261 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Blake, I.F., Sroussi, G., Smart, P.N.: Advances in Elliptic Curve Cryptography. Cambridge University Press, Cambridge (2005)zbMATHCrossRefGoogle Scholar
  11. 11.
    Bernstein, D.J., Birkner, P., Joye, M., Lange, T., Peters, C.: Twisted Edwards Curves. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 389–405. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Das, M.P.L., Sarkar, P.: Pairing Computation on Twisted Edwards form Elliptic Curves. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 192–210. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  13. 13.
    Ionica, S., Joux, A.: Another Approach to Pairing Computation in Edwards Coordinates. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 400–413. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Aréne, C., Lange, T., Naehrig, M., Ritzenthaler, C.: Faster Pairing Computation. Cryptology ePrint Archive, Report 2009/155 (2009)Google Scholar
  15. 15.
    Barreto, P.S., Lynn, B., Scott, M.: Efficient Implementation of Pairing-based Cryptosystems. Journal of Cryptology 17, 321–334 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Hartshorne, R.: Algebraic Geometry. Graduate Texts in Mathematics. Springer, Heidelberg (1977)zbMATHGoogle Scholar
  17. 17.
    Blake, I.F., Murty, V.K., Xu, G.: Refinements of Miller’s Algorithm for Computing the Weil/Tate pairing. Journal of Algorithms 58, 134–149 (2006)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  1. 1.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingChina
  2. 2.Graduate University of Chinese Academy of SciencesBeijingChina

Personalised recommendations