Efficient pairing computation on supersingular Abelian varieties

Designs, Codes and Cryptography

Abstract

We present a general technique for the efficient computation of pairings on Jacobians of supersingular curves. This formulation, which we call the eta pairing, generalizes results of Duursma and Lee for computing the Tate pairing on supersingular elliptic curves in characteristic 3. We then show how our general technique leads to a new algorithm which is about twice as fast as the Duursma–Lee method. These ideas are applied to elliptic and hyperelliptic curves in characteristic 2 with very efficient results. In particular, the hyperelliptic case is faster than all previously known pairing algorithms.

References

  1. Barreto PSLM (2004) A note on efficient computation of cube roots in characteristic 3. Cryptology ePrint Archive, Report 2004/305, 2004. Available from http://eprint.iacr.org/2004/305

  2. Barreto PSLM, Kim HY, Lynn B, Scott M (2002) Efficient algorithms for pairing-based cryptosystems. In: Yung M (ed) Advances in cryptology—crypto’2002. Lecture notes in computer science, vol 2442. Springer, Berlin Heidelberg New York, pp 354–368

  3. Barreto PSLM, Lynn B, Scott M (2004) Efficient implementation of pairing-based cryptosystems. J Cryptol 17(4):321–334

  4. Barreto PSLM, Naehrig M (2005) Pairing-friendly elliptic curves of prime order. In: Preneel B, Tavares SE (eds) Selected areas in cryptography – SAC’2005. Lecture notes in computer science, vol 3897. Springer, Berlin Heidelberg New York, pp 319–331

  5. Blake IF, Seroussi G, Smart NP (2005) Advances in elliptic curve cryptography. Cambridge University Press, Cambridge

  6. Boneh D, Franklin M (2003) Identity-based encryption from the Weil pairing. SIAM J Comput 32(3):586–615

  7. Cantor DG (1987) Computing in the Jacobian of a hyperelliptic curve. Math Comput 48(177): 95–101

  8. Duursma I, Lee H-S (2003) Tate pairing implementation for hyperelliptic curves y^2 = x^p − x + d. In: Laih CS (ed) Advances in cryptology—asiacrypt’2003. Lecture notes in computer science, vol 2894. Springer, Berlin Heidelberg New York, pp 111–123

  9. Duursma I, Sakurai K (2000) Efficient algorithms for the Jacobian variety of hyperelliptic curves y^2 = x^p − x + 1 over a finite field of odd characteristic p. In: Buchmann J, Hoholdt T, Stichtenoth H, Tapia-Recillas H (eds) Coding theory, cryptography and related areas (Guanajuato, 1998). Springer, Berlin Heidelberg New York, pp 73–89

  10. Fong K, Hankerson D, López J, Menezes A (2004) Field inversion and point halving revisited. IEEE Trans Comput 53(8):1047–1059

  11. Frey G, Lange T (2006) Fast bilinear maps from the Tate–Lichtenbaum pairing on hyperelliptic curves. In: Hess F et al (eds) ANTS VII. Lecture notes in computer science, vol 4076. Springer, Berlin Heidelberg New York, pp 466–479

  12. Frey G, Rück H-G (1994) A remark concerning m-divisibility and the discrete logarithm problem in the divisor class group of curves. Math Comput 52:865–874

  13. Galbraith SD, Harrison K, Soldera D (2002) Implementing the Tate pairing. In: Goos G, Hartmanis J, van Leeuwen J (eds) Algorithmic number theory—ANTS V. Lecture notes in computer science, vol 2369. Springer, Berlin Heidelberg New York, pp 324–337

  14. Galbraith SD (2001) Supersingular curves in cryptography. In: Boyd C (ed) ASIACRYPT 2001. Lecture notes in computer science, vol 2248. Springer, Berlin Heidelberg New York, pp 495–513

  15. Granger R, Page D, Stam M (2006) On small characteristic algebraic tori in pairing-based cryptography. LMS J Comput Math 9:64–85

  16. Katagi M, Akishita T, Kitamura I, Takagi T (2005) Some improved algorithms for hyperelliptic curve cryptosystems using degenerate divisors. In: Park C, Chee S (eds) ICISC 2004, vol 3506. Springer, Berlin Heidelberg New York, pp 296–312

  17. Katagi M, Kitamura I, Akishita T, Takagi T (2005) Novel efficient implementations of hyperelliptic curve cryptosystems using degenerate divisors. In: Lim CH, Yung M (eds) Information security applications—WISA’2004. Lecture notes in computer science, vol 3325. Springer, Berlin Heidelberg New York, pp 345–359

  18. Koblitz N (1989) Hyperelliptic cryptosystems. J Cryptol 1(3):139–150

  19. Kwon S (2005) Efficient Tate pairing computation for supersingular elliptic curves over binary fields. In: Boyd C, Nieto JMG (eds) ACISP 2005. Lecture notes in computer science, vol 3574. Springer, Berlin Heidelberg New York, pp 134–145

  20. Lange T (2004) Formulae for arithmetic on genus 2 hyperelliptic curves. In: Applicable algebra in engineering, communication and computing, Online publication. Springer, Berlin Heidelberg New York. http://www.springerlink.com/openurl.asp?genre=article&id=doi:10.1007/s00200-004-0154-8

  21. Lange T, Stevens M (2004) Efficient doubling on genus two curves over binary fields. In: Handschuh H, Anwar Hasan M (eds) Selected areas in cryptography—SAC’2004. Lecture notes in computer science, vol 3357. Springer, Berlin Heidelberg New York, pp 170–181

  22. Rubin K, Silverberg A (2002) Supersingular abelian varieties in cryptology. In: Yung M (ed) Advances in cryptology—crypto’2002. Lecture notes in computer science, vol 2442. Springer, Berlin Heidelberg New York, pp 336–353

  23. Rubin K, Silverberg A (2004) Using primitive subgroups to do more with fewer bits. In: Buell D (ed) Algorithmic number theory—ANTS VI. Lecture notes in computer science, vol 3076. Springer, Berlin Heidelberg New York, pp 18–41

  24. Scott M (2004) Faster identity based encryption. Electron Lett 40(14):861

  25. Scott M, Barreto P (2004) Compressed pairings. In: Franklin M (ed) Advances in cryptology—crypto’2004. Lecture notes in computer science, vol 3152. Springer, Berlin Heidelberg New York, pp 140–156. Also available from http://eprint.iacr.org/2004/032/

  26. Silverberg A (2005) Compression for trace zero subgroups of elliptic curves. Trends Math 8:93–100

  27. Silverman JH (1986) The arithmetic of elliptic curves. Graduate texts in mathematics 106. Springer, Berlin Heidelberg New York

Correspondence to Michael Scott.

Communicated by A. Enge.

Barreto, P.S.L.M., Galbraith, S.D., hÉigeartaigh, C.Ó. et al. Efficient pairing computation on supersingular Abelian varieties. Des Codes Crypt 42, 239–271 (2007). https://doi.org/10.1007/s10623-006-9033-6

  • DOI: https://doi.org/10.1007/s10623-006-9033-6
