Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Faster computation of the Tate pairing

This paper proposes new explicit formulas for the doubling and addition step in Miller's algorithm to compute the Tate pairing. For Edwards curves the formulas come from a new way of seeing the arithmetic. We state the first geometric interpretation of the group law on Edwards curves by presenting the functions which arise in the addition and doubling. Computing the coefficients of the functions and the sum or double of the points is faster than with all previously proposed formulas for pairings on Edwards curves. They are even competitive with all published formulas for pairing computation on Weierstrass curves. We also speed up pairing computation on Weierstrass curves in Jacobian coordinates. Finally, we present several examples of pairing-friendly Edwards curves.Comment: 15 pages, 2 figures. Final version accepted for publication in Journal of Number Theor

Tame Class Field Theory for Global Function Fields

We give a function field specific, algebraic proof of the main results of class field theory for abelian extensions of degree coprime to the characteristic. By adapting some methods known for number fields and combining them in a new way, we obtain a different and much simplified proof, which builds directly on a standard basic knowledge of the theory of function fields. Our methods are explicit and constructive and thus relevant for algorithmic applications. We use generalized forms of the Tate-Lichtenbaum and Ate pairings, which are well-known in cryptography, as an important tool.Comment: 25 pages, to appear in Journal of Number Theor

Semiclassical Theory of Bardeen-Cooper-Schrieffer Pairing-Gap Fluctuations

Superfluidity and superconductivity are genuine many-body manifestations of quantum coherence. For finite-size systems the associated pairing gap fluctuates as a function of size or shape. We provide a parameter free theoretical description of pairing fluctuations in mesoscopic systems characterized by order/chaos dynamics. The theory accurately describes experimental observations of nuclear superfluidity (regular system), predicts universal fluctuations of superconductivity in small chaotic metallic grains, and provides a global analysis in ultracold Fermi gases.Comment: 4 pages, 2 figure

Coexistence of Pairing Tendencies and Ferromagnetism in a Doped Two-Orbital Hubbard Model on Two-Leg Ladders

Using the Density Matrix Renormalization Group and two-leg ladders, we investigate an electronic two-orbital Hubbard model including plaquette diagonal hopping amplitudes. Our goal is to search for regimes where charges added to the undoped state form pairs, presumably a precursor of a superconducting state.For the electronic density $\rho=2$, i.e. the undoped limit, our investigations show a robust $(\pi,0)$ antiferromagnetic ground state, as in previous investigations. Doping away from $\rho=2$ and for large values of the Hund coupling $J$, a ferromagnetic region is found to be stable. Moreover, when the interorbital on-site Hubbard repulsion is smaller than the Hund coupling, i.e. for $U'<J$ in the standard notation of multiorbital Hubbard models, our results indicate the coexistence of pairing tendencies and ferromagnetism close to $\rho=2$. These results are compatible with previous investigations using one dimensional systems. Although further research is needed to clarify if the range of couplings used here is of relevance for real materials, such as superconducting heavy fermions or pnictides, our theoretical results address a possible mechanism for pairing that may be active in the presence of short-range ferromagnetic fluctuations.Comment: 8 pages, 4 Fig

Is N-doped SrO magnetic? A first-principles view

N-doped SrO seems to be one of the model systems for d^0 magnetism, in which magnetism (or ideally, ferromagnetism) was ascribed to the localized N 2p spins mediated by delocalized O 2p holes. Here we offer a different view, using density functional calculations. We find that N-doped SrO with solely substitutional N impurities as widely assumed in the literature is unstable, and instead that a pairing state of substitutional and interstitial N impurities is significantly more stable and has a much lower formation energy than the former by 6.7 eV. The stable (N_{sub}-N_{int})^{2-} dimers behave like a charged (N_2)^{2-} molecule and have each a molecular spin=1. However, their spin-polarized molecular levels lie well inside the wide band gap of SrO and thus the exchange interaction is negligibly weak. As a consequence, N-doped SrO could not be ferromagnetic but paramagnetic.Comment: 7 pages, 2 figures, Appl. Phys. Lett., in pres