SYMMETRIC BILINEAR CRYPTOGRAPHY ON ELLIPTIC CURVE AND LIE ALGEBRA

Elliptic Curve Cryptography (ECC) has gained widespread adoption in the field of cryptography due to its efficiency and security properties. Symmetric bilinear pairings on elliptic curves have emerged as a powerful tool in cryptographic protocols, enabling advanced constructions and functionalities. This paper explores the intersection of symmetric bilinear pairings, elliptic curves, and Lie algebras in the context of cryptography. We provide a comprehensive overview of the theoretical foundations, applications, and security considerations of this amalgamation

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

An FPGA-based programmable processor for bilinear pairings

Bilinear pairings on elliptic curves are an active research field in cryptography. First cryptographic protocols based on bilinear pairings were proposed by the year 2000 and they are promising solutions to security concerns in different domains, as in Pervasive Computing and Cloud Computing. The computation of bilinear pairings that relies on arithmetic over finite fields is the most time-consuming in Pairing-based cryptosystems. That has motivated the research on efficient hardware architectures that improve the performance of security protocols. In the literature, several works have focused in the design of custom hardware architectures for pairings, however, flexible designs provide advantages due to the fact that there are several types of pairings and algorithms to compute them. This work presents the design and implementation of a novel programmable cryptoprocessor for computing bilinear pairings over binary fields in FPGAs, which is able to support different pairing algorithms and parameters as the elliptic curve, the tower field and the distortion map. The results show that high flexibility is achieved by the proposed cryptoprocessor at a competitive timing and area usage when it is compared to custom designs for pairings defined over singular/supersingular elliptic curves at a 128-bit security level

Investigating power and fault analysis with specific application to bilinear pairings

The security of bilinear pairings against implementation attacks such as side channel and fault attacks is largely an uncharted area of research. Apart from one publication on the topic, coverage of this area is non-existent. Armed with the fact that the number of applications based on bilinear pairings is ever-increasing, the bilinear pairing algorithms themselves are constantly being enhanced and optimised such that they are commercially viable, and the fact that the current research on elliptic curve primitives is not applicable to bilinear pairings, makes this a vital topic for further investigation and analysis. This research aims to begin to fill this void. Along with addressing some of the more subtle aspects of implementation attacks, this research presents an investigation into the security of bilinear pairings against implementation attacks. Specifically, the process of performing the data analysis phase of a Side Channel Attack (SCA) is analysed. A theoretical fault attack on the Digital Signature Algorithm (DSA) is examined and implemented in practice. A number of candidate bilinear pairing algorithms are assessed for vulnerability to the SCA, first-order power analysis, which passively monitors the power consumption of a device. Furthermore, a number of candidate bilinear pairing algorithms are assessed for vulnerability to fault analysis, which seeks to actively disrupt the normal execution of an algorithm. Our principal results can be summarised as follows: We suggest computational improvements to the Differential Power Analysis (DPA) data analysis process, which can reduce the number of operations by up to 97%. We demonstrate how a theoretical attack on the DSA using lattice reduction can be executed in practice with the aid of a glitch attack. We propose a novel SCA technique to attack various finite field operations. This attack involves analysing the structural evolution of finite field operations and is based on Correlation Power Analysis (CPA), which is a form of first-order power analysis. We examine the Tate, Ate and nT pairing for vulnerability to first-order power analysis and discover that given certain parameter choice, the Tate and Ate pairing can provide options for minimising an attack, whereas the nT pairing provides no such options and can be attacked from all parameter positions. We investigate the existence of opportunistic faults on the Weil, Tate and nT pairing and discover two types of fault attacks that can be successfully applied to the Weil and n pairing to reveal the secret key. This weakness is attributed to the absence or simplicity of the final exponentiation employed, highlighting the fact that the final exponentiation is a vital operation in bilinear pairing computation and in particular adds a layer of protection to pairings. This fact is further compounded in the proof that the Tate pairing is immune to such fault attacks. Finally, we provide recommendations based on our findings for secure bilinear pairing implementation in terms of power and fault analysis