Indifferentiable Hashing to Barreto–Naehrig Curves

  • Conference paper
Progress in Cryptology – LATINCRYPT 2012 (LATINCRYPT 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7533))

Abstract

A number of recent works have considered the problem of constructing constant-time hash functions to various families of elliptic curves over finite fields. In the relevant literature, it has been occasionally asserted that constant-time hashing to certain special elliptic curves, in particular so-called BN elliptic curves, was an open problem. It turns out, however, that a suitably general encoding function was constructed by Shallue and van de Woestijne back in 2006.

In this paper, we show that, by specializing the construction of Shallue and van de Woestijne to BN curves, one obtains an encoding function that can be implemented rather efficiently and securely, that reaches about 9/16ths of all points on the curve, and that is well-distributed in the sense of Farashahi et al., so that one can easily build from it a hash function that is indifferentiable from a random oracle.
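As an added illustration (constructed here, not the paper's own code), the toy Python below implements the Shallue–van de Woestijne encoding specialised to a curve y^2 = x^3 + b, as the abstract describes, for the smallest BN parameter u = 1 (p = 103, n = 97). It assumes the standard closed-form candidates x1, x2, x3 for j = 0 curves, brute-forces the curve search and square roots (only workable for such a toy prime), and sends the two excluded inputs (t = 0 and 1 + b + t^2 = 0) to the point at infinity.

```python
# Toy SW encoding to a BN curve y^2 = x^3 + b over F_p (p = 1 mod 3); u = 1 gives p = 103, n = 97.
def bn_params(u):
    """Barreto-Naehrig field size p(u) and prime group order n(u)."""
    p = 36 * u**4 + 36 * u**3 + 24 * u**2 + 6 * u + 1
    n = 36 * u**4 + 36 * u**3 + 18 * u**2 + 6 * u + 1
    return p, n

def chi(a, p):
    """Legendre symbol (a/p): 0, 1 or -1."""
    a %= p
    return 0 if a == 0 else (1 if pow(a, (p - 1) // 2, p) == 1 else -1)
def sqrt_mod(a, p):
    """Brute-force square root mod p (assumption: only for a toy-sized p)."""
    a %= p
    return next(y for y in range(p) if y * y % p == a)

def find_bn_curve(u):
    """Return (p, b) such that y^2 = x^3 + b over F_p has exactly n(u) points."""
    p, n = bn_params(u)
    for b in range(1, p):
        # each x contributes 1 + chi(x^3 + b) points; +1 for the point at infinity
        if 1 + sum(1 + chi(x**3 + b, p) for x in range(p)) == n:
            return p, b
    raise ValueError("no curve of order n(u) found")

def sw_encode(t, p, b):
    """SW map F_p -> E(F_p); None stands for the point at infinity on excluded t."""
    s = sqrt_mod(p - 3, p)                       # sqrt(-3) exists since p = 1 mod 3
    t %= p
    d = (1 + b + t * t) % p
    if t == 0 or d == 0:
        return None
    w = s * t * pow(d, -1, p) % p
    x1 = ((s - 1) * pow(2, -1, p) - t * w) % p   # zeta - t*w, zeta = (-1 + sqrt(-3))/2
    x2 = (-1 - x1) % p
    x3 = (1 + pow(w * w, -1, p)) % p
    for x in (x1, x2, x3):                       # SW: at least one x_i^3 + b is a square
        g = (x**3 + b) % p
        if chi(g, p) >= 0:
            y = sqrt_mod(g, p)
            return x, (-y % p if chi(t, p) == -1 else y)   # sign fixed by chi(t)
    raise AssertionError("unreachable: SW identity violated")

def image_size(u):
    """Distinct points reached by the encoding (the paper shows about 9/16 of n)."""
    p, b = find_bn_curve(u)
    pts = {sw_encode(t, p, b) for t in range(1, p)} - {None}
    assert all((y * y - x**3 - b) % p == 0 for x, y in pts)   # every output lies on E
    return len(pts)
```

Comparing image_size(1) with 9/16 of n(1) = 97 gives a rough feel for the coverage claim; the 9/16 figure is asymptotic, so a prime this small will only approximate it.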


References

  1. Baek, J., Zheng, Y.: Identity-based threshold decryption. In: Bao et al. [2], pp. 262–276

  2. Bao, F., Deng, R., Zhou, J. (eds.): PKC 2004. LNCS, vol. 2947. Springer, Heidelberg (2004)

  3. Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing Elliptic Curves with Prescribed Embedding Degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003)

  4. Barreto, P.S.L.M., Naehrig, M.: Pairing-Friendly Elliptic Curves of Prime Order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)

  5. Barthe, G., Grégoire, B., Heraud, S., Olmedo, F., Zanella Béguelin, S.: Verified Indifferentiable Hashing into Elliptic Curves. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 209–228. Springer, Heidelberg (2012)

  6. Boldyreva, A.: Threshold signatures, multisignatures and blind signatures based on the Gap-Diffie-Hellman-group signature scheme. In: Desmedt [17], pp. 31–46

  7. Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

  8. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)

  9. Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)

  10. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptology 17(4), 297–319 (2004)

  11. Boyen, X.: Multipurpose Identity-Based Signcryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 383–399. Springer, Heidelberg (2003)

  12. Boyko, V., MacKenzie, P.D., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

  13. Brier, E., Coron, J.-S., Icart, T., Madore, D., Randriam, H., Tibouchi, M.: Efficient Indifferentiable Hashing into Ordinary Elliptic Curves. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 237–254. Springer, Heidelberg (2010)

  14. Cha, J.C., Cheon, J.H.: An identity-based signature from Gap Diffie-Hellman groups. In: Desmedt [17], pp. 18–30

  15. Chevallier-Mames, B.: An Efficient CDH-Based Signature Scheme with a Tight Security Reduction. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 511–526. Springer, Heidelberg (2005)

  16. Couveignes, J.-M., Kammerer, J.-G.: The geometry of flex tangents to a cubic curve and its parameterizations. Journal of Symbolic Computation 47(3), 266–281 (2012)

  17. Desmedt, Y.G. (ed.): PKC 2003. LNCS, vol. 2567. Springer, Heidelberg (2002)

  18. Farashahi, R.R.: Hashing into Hessian Curves. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 278–289. Springer, Heidelberg (2011)

  19. Farashahi, R.R., Fouque, P.-A., Shparlinski, I.E., Tibouchi, M., Voloch, J.F.: Indifferentiable deterministic hashing to elliptic and hyperelliptic curves. Math. Comput. (to appear, 2012)

  20. Farashahi, R.R., Shparlinski, I.E., Voloch, J.F.: On hashing into elliptic curves. J. Math. Cryptology 3, 353–360 (2010)

  21. Fouque, P.-A., Tibouchi, M.: Deterministic encoding and hashing to odd hyperelliptic curves. In: Joye et al. [28], pp. 265–277

  22. Fouque, P.-A., Tibouchi, M.: Estimating the Size of the Image of Deterministic Hash Functions to Elliptic Curves. In: Abdalla, M., Barreto, P.S.L.M. (eds.) LATINCRYPT 2010. LNCS, vol. 6212, pp. 81–91. Springer, Heidelberg (2010)

  23. Fried, M.D., Jarden, M.: Field arithmetic, 2nd edn. Ergebnisse der Mathematik und ihrer Grenzgebiete, vol. 11. Springer, Berlin (2005)

  24. Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng [43], pp. 548–566

  25. Horwitz, J., Lynn, B.: Toward Hierarchical Identity-Based Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)

  26. Icart, T.: How to Hash into Elliptic Curves. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 303–316. Springer, Heidelberg (2009)

  27. Jablon, D.P.: Strong password-only authenticated key exchange. SIGCOMM Comput. Commun. Rev. 26, 5–26 (1996)

  28. Groth, J.: Pairing-Based Non-interactive Zero-Knowledge Proofs. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 206–206. Springer, Heidelberg (2010)

  29. Kachisa, E.J., Schaefer, E.F., Scott, M.: Constructing Brezing-Weng Pairing-Friendly Elliptic Curves Using Elements in the Cyclotomic Field. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 126–135. Springer, Heidelberg (2008)

  30. Kammerer, J.-G., Lercier, R., Renault, G.: Encoding points on hyperelliptic curves over finite fields in deterministic polynomial time. In: Joye et al. [28], pp. 278–297

  31. Kappe, L.-C., Warren, B.: An elementary test for the Galois group of a quartic polynomial. Amer. Math. Monthly 96(2), 133–137 (1989)

  32. Libert, B., Quisquater, J.-J.: Efficient signcryption with key privacy from Gap Diffie-Hellman groups. In: Bao et al. [2], pp. 187–200

  33. Maurer, U.M., Renner, R.S., Holenstein, C.: Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004)

  34. Pereira, G.C.C.F., Simplício Jr., M.A., Naehrig, M., Barreto, P.S.L.M.: A family of implementation-friendly BN elliptic curves. The Journal of Systems and Software 84(8), 1319–1326 (2011)

  35. Ristenpart, T., Shacham, H., Shrimpton, T.: Careful with Composition: Limitations of the Indifferentiability Framework. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 487–506. Springer, Heidelberg (2011)

  36. Sato, H., Hakuta, K.: An efficient method of generating rational points on elliptic curves. J. Math-for-Industry 1(A), 33–44 (2009)

  37. Schinzel, A., Skałba, M.: On equations y^2 = x^n + k in a finite field. Bull. Pol. Acad. Sci. Math. 52(3), 223–226 (2004)

  38. Shallue, A., van de Woestijne, C.E.: Construction of Rational Points on Elliptic Curves over Finite Fields. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 510–524. Springer, Heidelberg (2006)

  39. Skałba, M.: Points on elliptic curves over finite fields. Acta Arith. 117, 293–301 (2005)

  40. Tibouchi, M.: Hachage vers les courbes elliptiques et cryptanalyse de schémas RSA. PhD thesis, Univ. Paris 7 and Univ. Luxembourg, Introduction in French, main matter in English (2011)

  41. Tibouchi, M.: A note on hashing to BN curves. In: Miyaji, A. (ed.) SCIS. IEICE (2012)

  42. Zhang, F., Kim, K.: ID-based blind signature and ring signature from pairings. In: Zheng [43], pp. 533–547

  43. Zheng, Y. (ed.): ASIACRYPT 2002. LNCS, vol. 2501. Springer, Heidelberg (2002)


Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fouque, P.-A., Tibouchi, M. (2012). Indifferentiable Hashing to Barreto–Naehrig Curves. In: Hevia, A., Neven, G. (eds) Progress in Cryptology – LATINCRYPT 2012. LATINCRYPT 2012. Lecture Notes in Computer Science, vol 7533. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33481-8_1

  • DOI: https://doi.org/10.1007/978-3-642-33481-8_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33480-1

  • Online ISBN: 978-3-642-33481-8
