Optimal eta pairing on supersingular genus-2 binary hyperelliptic curves

Authors:
Diego F. Aranha;Jean-Luc Beuchat;Jérémie Detrey;Nicolas Estibals
Affiliations:
Institute of Computing, University of Campinas, Campinas, Brazil;Graduate School of Systems and Information Engineering, University of Tsukuba, Tsukuba, Ibaraki, Japan;CARAMEL project-team, LORIA, INRIA / CNRS / Nancy Université, Vandoeuvre-lès-Nancy Cedex, France;CARAMEL project-team, LORIA, INRIA / CNRS / Nancy Université, Vandoeuvre-lès-Nancy Cedex, France
Venue:
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Year:
2012

Citing 32
Cited 0

A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves

Mathematics of Computation
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Short Signatures from the Weil Pairing

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Supersingular Curves in Cryptography

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A One Round Protocol for Tripartite Diffie-Hellman

ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems

Journal of Cryptology
The Weil Pairing, and Its Efficient Calculation

Journal of Cryptology
Hardware acceleration of the Tate pairing on a genus 2 hyperelliptic curve

Journal of Systems Architecture: the EUROMICRO Journal
Efficient pairing computation on supersingular Abelian varieties

Designs, Codes and Cryptography
Ate Pairing on Hyperelliptic Curves

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Pairing Lattices

Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Pairings for cryptographers

Discrete Applied Mathematics
Using Abelian Varieties to Improve Pairing-Based Cryptography

Journal of Cryptology
Multi-core Implementation of the Tate Pairing over Supersingular Elliptic Curves

CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Optimal pairings

IEEE Transactions on Information Theory
New software speed records for cryptographic pairings

LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Efficient software implementation of binary field arithmetic using vector instruction sets

LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
On the efficiency and security of pairing-based protocols in the type 1 and type 4 settings

WAIFI'10 Proceedings of the Third international conference on Arithmetic of finite fields
Fast Architectures for the \eta_T Pairing over Small-Characteristic Supersingular Elliptic Curves

IEEE Transactions on Computers
High-speed software implementation of the optimal ate pairing over Barreto-Naehrig curves

Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
Compact hardware for computing the tate pairing over 128-bit-security supersingular curves

Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
Faster explicit formulas for computing pairings over ordinary curves

EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
FPGA implementation of pairings using residue number system and lazy reduction

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
High speed cryptoprocessor for ηT pairing on 128-bit secure supersingular elliptic curves over characteristic two fields

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
High security pairing-based cryptography revisited

ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
Collusion resistant broadcast encryption with short ciphertexts and private keys

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
High-speed parallel software implementation of the ηT pairing

CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Pairing-Based cryptography at high security levels

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Pairing-Friendly elliptic curves of prime order

SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Parallelizing the weil and tate pairings

IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
The Eta Pairing Revisited

IEEE Transactions on Information Theory
Handbook of Elliptic and Hyperelliptic Curve Cryptography, Second Edition

Handbook of Elliptic and Hyperelliptic Curve Cryptography, Second Edition

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article presents a novel pairing algorithm over supersingular genus-2 binary hyperelliptic curves. Starting from Vercauteren's work on optimal pairings, we describe how to exploit the action of the 23m-th power Verschiebung in order to reduce the loop length of Miller's algorithm even further than the genus-2 ηT approach. As a proof of concept, we detail an optimized software implementation and an FPGA accelerator for computing the proposed optimal Eta pairing on a genus-2 hyperelliptic curve over $\mathbb{F}_{2^{367}}$ , which satisfies the recommended security level of 128 bits. These designs achieve favourable performance in comparison with the best known implementations of 128-bit-security Type-1 pairings from the literature.