# Introduction to Public-Key Cryptography

## Abstract

Cryptography was once considered to be a means of maintaining secrecy of communications only in military affairs and diplomacy. However, today, modern cryptography is used for various purposes in familiar circumstances. Public-key cryptography is a key technology of modern society; it is used for personal authentication, electronic commerce on the Internet, copyright protection of DVDs, and so on. In particular, the RSA public-key cryptosystem, which was proposed more than 30 years ago, has become the de facto standard of cryptographic software since the spread of the Internet in the 1990s. Another technology, called elliptic curve cryptography, was proposed in 1985. It can perform arithmetic processing at high speed, and since the beginning of the 2000s, it has been implemented in devices such as DVD players and personal digital assistants. Pairing-based cryptography, first proposed in 2000, can be incorporated in security technologies that are not practical with the previous public-key cryptographies. It is actively studied by various organizations around the world. In this chapter, we explain the basic mathematics and security evaluations of public-key cryptography.

### Keywords

Bilinear pairing Public-key cryptography Discrete logarithm problem Elliptic curve Factoring### References

- 1.J.-L. Beuchat, N. Brisebarre, J. Detrey, E. Okamoto, M. Shirase, T. Takagi, Algorithms and arithmetic operators for computing the \(\eta _T\) pairing in characteristic three. IEEE Trans. Comput.
**57**(11), 1454–1468 (2008)MathSciNetCrossRefGoogle Scholar - 2.I. Blake, G. Seroussi, N. Smart, in
*Elliptic Curves in Cryptography*, London Mathematical Society Lecture Note Series, vol 265 (Cambridge University Press, Cambridge, 1999)Google Scholar - 3.I. Blake, G. Seroussi, N. Smart (eds.), in
*Advances in Elliptic Curve Cryptography*, London Mathematical Society Lecture Note Series, vol 317 (Cambridge University Press, Cambridge, 2005)Google Scholar - 4.D. Boneh, M. Franklin, Identity based encryption from the Weil pairing. SIAM J. Comput.
**32**(3), 586–615 (2003)MathSciNetCrossRefMATHGoogle Scholar - 5.D. Boneh, G. Di Crescenzo, R. Ostrovsky, G. Persiano, Public key encryption with keyword search, in
*Proceedings of EUROCRYPT 2004*. LNCS, vol. 3027 (Springer, Heidelberg, 2004), pp. 506–522Google Scholar - 6.D. Boneh, C. Gentry, B. Waters, Collusion resistant broadcast encryption with short ciphertexts and private keys, in
*Proceedings of CRYPTO 2005*. LNCS, vol. 3621 (Springer, 2005), pp. 258–275Google Scholar - 7.D. Boneh, R. Venkatesan, Breaking RSA may not be equivalent to factoring,
*Proceedings of EUROCRYPT’98*. LNCS, vol. 1233 (Springer, 1998), pp. 59–71Google Scholar - 8.X. Boyen, L. Martin, in
*Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems, RFC 5091 (Informational), December 2007*, http://www.ietf.org/rfc/rfc5091.txt - 9.H. Cohen, A. Miyaji, T. Ono, in
*Efficient Elliptic Curve Exponentiation Using Mixed Coordinates, ASIACRYPT 1998*. LNCS, vol. 1514 (Springer, 1998), pp. 51–65Google Scholar - 10.Cryptography Research and Evaluation Committees, http://www.cryptrec.jp/
- 11.D. Freeman, M. Scott, E. Teske, A taxonomy of pairing-friendly elliptic curves. J. Cryptol.
**23**(2), 224–280 (2010)MathSciNetCrossRefMATHGoogle Scholar - 12.D. Hanerson, A. Menezes, S. Vanstone,
*Guide to Elliptic Curve Cryptography*(Springer, Berlin, 2003)Google Scholar - 13.T. Hayashi, T. Shimoyama, N. Shinohara, T. Takagi, in
*Breaking Pairing-Based Cryptosystems Using*\({\eta _{T}}\)*Pairing Over*\(GF(3^{97})\),*ASIACRYPT 2012*. LNCS, vol. 7658 (Springer, 2012), pp. 43–60Google Scholar - 14.T. Iyama, S. Kiyomoto, K. Fukushima, T. Tanaka, T. Takagi, in
*IEICE Transaction on Implementation of Pairing Based Cryptosystem on Mobile Phones*, vol. J95-A, no. 7 (2012), pp. 579–587 (in Japanese)Google Scholar - 15.T. Izu, T. Takagi, in
*Efficient Computations of the Tate Pairing for the Large MOV Degrees, ICISC 2002*. LNCS, vol. 2513 (2002), pp. 283–297Google Scholar - 16.N. Koblitz, Elliptic curve cryptosystems. Math. Comput.
**48**, 203–209 (1987)MathSciNetCrossRefMATHGoogle Scholar - 17.A.K. Lenstra, H.W. Lenstra Jr., (eds.), in
*The Development of the Number Field Sieve*, Lecture Notes in Mathematics, vol 1554 (Springer, Berlin, 1993)Google Scholar - 18.V. Miller, in
*Use of Elliptic Curves in Cryptography, CRYPTO 1985*. LNCS, vol. 218 (Springer, 1985), pp. 417–426Google Scholar - 19.V. Miller, The Weil pairing, and its efficient calculation. J. Cryptol.
**17**(4), 235–261 (2004)MATHGoogle Scholar - 20.J. Pollard, A Monte Carlo method for factorization. BIT Numer. Math.
**15**(3), 331–334 (1975)MathSciNetCrossRefMATHGoogle Scholar - 21.R. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM
**21**(2), 120–126 (1978)MathSciNetCrossRefMATHGoogle Scholar - 22.R. Sakai, K. Ohgishi, M. Kasahara, Cryptosystems based on pairing, in
*The 2000 Symposium on Cryptography and Information, Security, SCIS2000-C20*, 2000Google Scholar - 23.O. Schirokauer, Discrete logarithms and local units. Philos. Trans. Royal Soc. A
**345**(1676), 409–424 (1993)MathSciNetCrossRefMATHGoogle Scholar - 24.T. Takagi, T. Okamoto, E. Okamoto, T. Okamoto (Eds.), in
*Pairing-Based Cryptography—Pairing 2007*. LNCS, vol. 4575 (Springer, 2007)Google Scholar - 25.T. Yasuda, T. Takagi, K. Sakurai, in
*Application of Scalar Multiplication of Edwards Curves to Pairing-Based Cryptography, IWSEC 2012*. LNCS, vol. 7631 (Springer, 2012), pp. 19–36Google Scholar - 26.M. Yoshitomi, T. Takagi, S. Kiyomoto, T. Tanaka, in
*IEICE Transaction on Efficient Implementation of the Pairing on Mobilephones using BREW*, vol. E91-D, no.5 (2008), pp. 1330–1337Google Scholar