This paper presents a novel method for designing compact yet efficient hardware implementations of the Tate pairing over supersingular curves in small characteristic. Since such curves are usually restricted to lower levels of security because of their bounded embedding degree, aiming for the recommended security of 128 bits implies considering them over very large finite fields. We however manage to mitigate this effect by considering curves over field extensions of moderately-composite degree, hence taking advantage of a much easier tower field arithmetic. This technique of course lowers the security on the curves, which are then vulnerable to Weil descent attacks, but a careful analysis allows us to maintain their security above the 128-bit threshold. As a proof of concept of the proposed method, we detail an FPGA accelerator for computing the Tate pairing on a supersingular curve over $\mathbb{F}_{3^{5 \cdot 97}}$, which satisfies the 128-bit security target. On a mid-range Xilinx Virtex-4 FPGA, this accelerator computes the pairing in 2.2 ms while requiring no more than 4755 slices.