Skip to main content

Faster Pairings Using an Elliptic Curve with an Efficient Endomorphism

  • Conference paper
Progress in Cryptology - INDOCRYPT 2005 (INDOCRYPT 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3797))

Included in the following conference series:

Abstract

The most significant pairing-based cryptographic protocol to be proposed so far is undoubtedly the Identity-Based Encryption (IBE) protocol of Boneh and Franklin. In their paper [6] they give details of how their scheme might be implemented in practice on certain supersingular elliptic curves of prime characteristic. They also point out that the scheme could as easily be implemented on certain special non-supersingular curves for the same level of security. An obvious question to be answered is – which is most efficient? Motivated by the work of Gallant, Lambert and Vanstone [14] we demonstrate that, perhaps counter to intuition, certain ordinary curves closely related to the supersingular curves originally recommended by Boneh and Franklin, provide better performance. We illustrate our technique by implementing the fastest pairing algorithm to date (on elliptic curves over fields of prime characteristic) for contemporary levels of security, albeit on a rather particular class of curves. We also point out that many of the non-supersingular families of curves recently discovered and proposed for use in pairing-based cryptography can also benefit (to an extent) from the same technique.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Barreto, P.S.L.M., Galbraith, S.,, C.: Efficient pairing computation on supersingular abelian varieties. Cryptology ePrint Archive, Report 2004/375 (2004), http://eprint.iacr.org/2004/375

  2. Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  3. Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 263–273. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  4. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. Cryptology ePrint Archive, Report 2005/133 (2005), http://eprint.iacr.org/2005/133

  5. Blake, I.F., Seroussi, G., Smart, N.P. (eds.): Advances in Elliptic Curve Cryptography, vol. 2. Cambridge University Press, Cambridge (2005)

    MATH  Google Scholar 

  6. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM Journal of Computing 32(3), 586–615 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  7. Brezing, F., Weng, A.: Elliptic curves suitable for pairing based cryptography. Cryptology ePrint Archive, Report 2003/143 (2003), Available from http://eprint.iacr.org/2003/143

  8. Buchmann, J., Baier, H.: Efficient construction of cryptographically strong elliptic curves. In: INDOCRYPT, pp. 191–202 (2000)

    Google Scholar 

  9. Coppersmith, D.: Fast evaluation of logarithms in fields of characteristics two. IEEE Transactions on Information Theory 30, 587–594 (1984)

    Article  MATH  MathSciNet  Google Scholar 

  10. Crandall, R., Pomerance, C.: Prime Numbers: a Computational Perspective. Springer, Berlin (2001)

    Google Scholar 

  11. Duursma, I., Lee, H.S.: Tate-pairing implementations for tripartite key agreement. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Frey, G., Müller, M., Rück, H.: The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems. IEEE Transactions on Information Theory 45(5), 1717–1719 (1999)

    Article  MATH  Google Scholar 

  13. Galbraith, S., Harrison, K., Soldera, D.: Implementing the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  14. Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  15. Koblitz, N., Menezes, A.: Pairing-based cryptography at high security levels. Cryptology ePrint Archive, Report 2005/076 (2005), http://eprint.iacr.org/2005/076

  16. Lenstra, A.K.: Unbelievable security. Matching AES security using public key systems. In: Advances in Cryptology – Asiacrypt 2001, vol. 2248, pp. 67–86. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  17. Menezes, A.: Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, Dordrecht (1993)

    MATH  Google Scholar 

  18. Miller, V.: Short programs for functions on curves. unpublished manuscript (1986)

    Google Scholar 

  19. Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Transactions on Fundamentals E84-A(5), 1234–1243 (2001)

    Google Scholar 

  20. Page, D., Smart, N.P., Vercauteren, F.: A comparison of MNT curves and supersingular curves. Cryptology ePrint Archive, Report 2004/165 (2004), http://eprint.iacr.org/2004/165

  21. Scott, M.: Computing the Tate pairing. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 293–304. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  22. Scott, M.: Scaling security in pairing-based protocols. Cryptology ePrint Archive, Report 2005/139 (2005), http://eprint.iacr.org/2005/139

  23. Scott, M., Barreto, P.: Compressed pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004), Also available from http://eprint.iacr.org/2004/032/

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Scott, M. (2005). Faster Pairings Using an Elliptic Curve with an Efficient Endomorphism. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds) Progress in Cryptology - INDOCRYPT 2005. INDOCRYPT 2005. Lecture Notes in Computer Science, vol 3797. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596219_21

Download citation

  • DOI: https://doi.org/10.1007/11596219_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30805-8

  • Online ISBN: 978-3-540-32278-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics