Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient Algorithms for Pairing-Based Cryptosystems
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Efficient Implementation of Pairing-Based Cryptosystems
Journal of Cryptology
The Weil Pairing, and Its Efficient Calculation
Journal of Cryptology
Elliptic Curves Suitable for Pairing Based Cryptography
Designs, Codes and Cryptography
Generating More MNT Elliptic Curves
Designs, Codes and Cryptography
Efficient pairing computation on supersingular Abelian varieties
Designs, Codes and Cryptography
Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Constructing Brezing-Weng Pairing-Friendly Elliptic Curves Using Elements in the Cyclotomic Field
Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
A Generalized Brezing-Weng Algorithm for Constructing Pairing-Friendly Ordinary Abelian Varieties
Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Pairing Computation on Twisted Edwards Form Elliptic Curves
Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Another Approach to Pairing Computation in Edwards Coordinates
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Faster Pairings on Special Weierstrass Curves
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Efficient and generalized pairing computation on Abelian varieties
IEEE Transactions on Information Theory
Refinements of Miller's algorithm for computing the Weil/Tate pairing
Journal of Algorithms
A Taxonomy of Pairing-Friendly Elliptic Curves
Journal of Cryptology
Constructing elliptic curves with prescribed embedding degrees
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Proceedings of the 11th IMA international conference on Cryptography and coding
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Optimised versions of the ate and twisted ate pairings
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Constructing pairing-friendly elliptic curves using Gröbner basis reduction
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
IEEE Transactions on Information Theory
Constructing pairing-friendly elliptic curves with embedding degree 10
ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Efficient computation of tate pairing in projective coordinate over general characteristic fields
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Faster pairing computations on curves with high-degree twists
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Pairing-Based cryptography at high security levels
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Pairing-Friendly elliptic curves of prime order
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
IEEE Transactions on Information Theory
Ordinary abelian varieties having small embedding degree
Finite Fields and Their Applications
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Delaying mismatched field multiplications in pairing computations
WAIFI'10 Proceedings of the Third international conference on Arithmetic of finite fields
Speeding up ate pairing computation in affine coordinates
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Hi-index | 0.00 |
The most costly operations encountered in pairing computations are those that take place in the full extension field $\mathbb{F}_{p^k}$. At high levels of security, the complexity of operations in $\mathbb{F}_{p^k}$ dominates the complexity of the operations that occur in the lower degree subfields. Consequently, full extension field operations have the greatest effect on the runtime of Miller's algorithm. Many recent optimizations in the literature have focussed on improving the overall operation count by presenting new explicit formulas that reduce the number of subfield operations encountered throughout an iteration of Miller's algorithm. Unfortunately, almost all of these improvements tend to suffer for larger embedding degrees where the expensive extension field operations far outweigh the operations in the smaller subfields. In this paper, we propose a new way of carrying out Miller's algorithm that involves new explicit formulas which reduce the number of full extension field operations that occur in an iteration of the Miller loop, resulting in significant speed ups in most practical situations of between 5 and 30 percent.