Speeding up pairing computations on genus 2 hyperelliptic curves with efficiently computable automorphisms

Pairings on the Jacobians of (hyper-)elliptic curves have received considerable attention not only as a tool to attack curve based cryptosystems but also as a building block for constructing cryptographic schemes with new and novel properties. Motivated by the work of Scott [34], we investigate how to use efficiently computable automorphisms to speed up pairing computations on two families of non-supersingular genus 2 hyperelliptic curves over prime fields. Our findings lead to new variants of Miller’s algorithm in which the length of the main loop can be up to 4 times shorter than that of the original Miller’s algorithm in the best case. We also implement the calculation of the Tate pairing on both a supersingular and a non-supersingular genus 2 curve with the same embedding degree of k = 4. Combining the new algorithm with known optimization techniques, we show that pairing computations on non-supersingular genus 2 curves over primes fields use up to 56.2 % fewer field operations and run about 10 % faster than supersingular genus 2 curves for the same security level