
Key Length Estimation of Pairing-Based Cryptosystems Using \(\eta_T\) Pairing

  • Conference paper
Information Security Practice and Experience (ISPEC 2012)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7232)

Abstract

The security of pairing-based cryptosystems depends on the difficulty of the discrete logarithm problem (DLP) over certain types of finite fields. One of the most efficient algorithms for computing a pairing is the \(\eta_T\) pairing over supersingular curves on finite fields whose characteristic is 3. Indeed, many high-speed implementations of this pairing have been reported, and it is an attractive candidate for practical deployment of pairing-based cryptosystems. The embedding degree of the \(\eta_T\) pairing is 6, so we deal with the difficulty of a DLP over the finite field \(GF(3^{6n})\), where the function field sieve (FFS) is known as the asymptotically fastest algorithm for solving it. Moreover, several efficient algorithms are employed for implementation of the FFS, such as the large prime variation. In this paper, we estimate the time complexity of solving the DLP for the extension degrees n = 97, 163, 193, 239, 313, 353, 509 when we use the improved FFS. To accomplish our aim, we present several new computable estimation formulas to compute the explicit number of special polynomials used in the improved FFS. Our estimation contributes to the evaluation of the key length of pairing-based cryptosystems using the \(\eta_T\) pairing.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shinohara, N., Shimoyama, T., Hayashi, T., Takagi, T. (2012). Key Length Estimation of Pairing-Based Cryptosystems Using \(\eta_T\) Pairing. In: Ryan, M.D., Smyth, B., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2012. Lecture Notes in Computer Science, vol 7232. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29101-2_16


  • DOI: https://doi.org/10.1007/978-3-642-29101-2_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29100-5

  • Online ISBN: 978-3-642-29101-2

  • eBook Packages: Computer Science, Computer Science (R0)
