1,208 research outputs found
Pairings in Cryptology: efficiency, security and applications
Abstract
The study of pairings can be considered in so many di�erent ways that it
may not be useless to state in a few words the plan which has been adopted,
and the chief objects at which it has aimed. This is not an attempt to write
the whole history of the pairings in cryptology, or to detail every discovery,
but rather a general presentation motivated by the two main requirements
in cryptology; e�ciency and security.
Starting from the basic underlying mathematics, pairing maps are con-
structed and a major security issue related to the question of the minimal
embedding �eld [12]1 is resolved. This is followed by an exposition on how
to compute e�ciently the �nal exponentiation occurring in the calculation
of a pairing [124]2 and a thorough survey on the security of the discrete log-
arithm problem from both theoretical and implementational perspectives.
These two crucial cryptologic requirements being ful�lled an identity based
encryption scheme taking advantage of pairings [24]3 is introduced. Then,
perceiving the need to hash identities to points on a pairing-friendly elliptic
curve in the more general context of identity based cryptography, a new
technique to efficiently solve this practical issue is exhibited.
Unveiling pairings in cryptology involves a good understanding of both
mathematical and cryptologic principles. Therefore, although �rst pre-
sented from an abstract mathematical viewpoint, pairings are then studied
from a more practical perspective, slowly drifting away toward cryptologic
applications
Constructing suitable ordinary pairing-friendly curves: A case of elliptic curves and genus two hyperelliptic curves
One of the challenges in the designing of pairing-based cryptographic protocols is to construct suitable pairing-friendly curves: Curves which would provide e�cient implementation without compromising the security of the protocols. These curves have small embedding degree and large prime order subgroup. Random curves are likely to have large embedding degree and hence are not practical for implementation of pairing-based protocols.
In this thesis we review some mathematical background on elliptic and hyperelliptic curves in relation to the construction of pairing-friendly hyper-elliptic curves. We also present the notion of pairing-friendly curves. Furthermore, we construct new pairing-friendly elliptic curves and Jacobians of genus two hyperelliptic curves which would facilitate an efficient implementation in pairing-based protocols. We aim for curves that have smaller values than ever before reported for di�erent embedding degrees. We also discuss optimisation of computing pairing in Tate pairing and its variants. Here we show how to e�ciently multiply a point in a subgroup de�ned on a twist curve by a large cofactor. Our approach uses the theory of addition chains. We also show a new method for implementation of the computation of the hard part of the �nal exponentiation in the calculation of the Tate pairing and its varian
On near prime-order elliptic curves with small embedding degrees (Full version)
In this paper, we extend the method of Scott and Barreto and present an explicit and simple algorithm to generate families of generalized MNT elliptic curves. Our algorithm allows us to obtain all families of generalized MNT curves with any given cofactor. Then, we analyze the complex multiplication equations of these families of curves and transform them into generalized Pell equation. As an example, we describe a way to generate Edwards curves with embedding degree 6, that is, elliptic curves having cofactor h = 4
Heuristics on pairing-friendly abelian varieties
We discuss heuristic asymptotic formulae for the number of pairing-friendly
abelian varieties over prime fields, generalizing previous work of one of the
authors arXiv:math1107.0307Comment: Pages 6-7 rewritten, other minor changes mad
Identity based cryptography from bilinear pairings
This report contains an overview of two related areas of research in cryptography
which have been prolific in significant advances in recent years. The first of
these areas is pairing based cryptography. Bilinear pairings over elliptic curves
were initially used as formal mathematical tools and later as cryptanalysis tools
that rendered supersingular curves insecure. In recent years, bilinear pairings
have been used to construct many cryptographic schemes. The second area
covered by this report is identity based cryptography. Digital certificates are
a fundamental part of public key cryptography, as one needs a secure way of
associating an agent’s identity with a random (meaningless) public key. In
identity based cryptography, public keys can be arbitrary bit strings, including
readable representations of one’s identity.Fundação para a Ci~Encia e Tecnologia - SFRH/BPD/20528/2004
Ordinary Calabi-Yau-3 Crystals
We show that crystals with the properties of crystalline cohomology of
ordinary Calabi-Yau threefolds in characteristic p>0, exhibit a remarkable
similarity with the well known structure on the cohomology of complex
Calabi-Yau threefolds near a boundary point of the moduli space with maximal
unipotent local monodromy. In particular, there are canonical coordinates and
an analogue of the prepotential of the Yukawa coupling. Moreover we show p-adic
analogues of the integrality properties for the canonical coordinates and the
prepotential of the Yukawa coupling, which have been observed in the examples
of Mirror Symmetry.Comment: 17 p.; Latex2e;v2: only change: style file fic-l.cls provided; to
appear in proceedings of Workshop on Calabi-Yau Varieties and Mirror Symmetry
at Fields Institute, July 200
The Number Field Sieve for Barreto-Naehrig Curves: Smoothness of Norms
The security of pairing-based cryptography can be reduced to the difficulty of the discrete logarithm problem (DLP) in finite fields of medium characteristic. The number field sieve is the best known algorithm for this problem. We look at a recent improvement to the number field sieve (NFS) by Joux and Pierrot that applies to finite field DLPs arising from elliptic curves used in pairing-based cryptography. We give specific parameter values for use with Miyaji-Nakabayashi-Takano curves offering 80-bits of security, and Barreto-Naehrig (BN) curves offering 128-bits of security. The running times of the corresponding NFS implementations are compared to the running times arising from prior versions of the NFS, showing that for BN curves the Joux-Pierrot version of the NFS is faster than the conventional version, but that BN curves still provide 128-bits of security. To get a better estimate on the number of relations that can be obtained during the sieving stage, we then analyze the distribution of the sizes of the product of the norms. Using this data, we give some guidelines for choosing which Joux-Pierrot polynomials to use for a specific DLP instance. We attempt to find a model for the distribution in order to further improve on the Joux-Pierrot version of the NFS. Finally, we prove some tighter bounds on the product of the norms
Heuristics on pairing-friendly elliptic curves
We present a heuristic asymptotic formula as for the number of
isogeny classes of pairing-friendly elliptic curves with fixed embedding degree
, with fixed discriminant, with rho-value bounded by a fixed
such that , and with prime subgroup order at most .Comment: text substantially rewritten, tables correcte
Dynamic Modulus and Damping of Boron, Silicon Carbide, and Alumina Fibers
The dynamic modulus and damping capacity for boron, silicon carbide, and silicon carbide coated boron fibers were measured from-190 to 800 C. The single fiber vibration test also allowed measurement of transverse thermal conductivity for the silicon carbide fibers. Temperature dependent damping capacity data for alumina fibers were calculated from axial damping results for alumina-aluminum composites. The dynamics fiber data indicate essentially elastic behavior for both the silicon carbide and alumina fibers. In contrast, the boron based fibers are strongly anelastic, displaying frequency dependent moduli and very high microstructural damping. Ths single fiber damping results were compared with composite damping data in order to investigate the practical and basic effects of employing the four fiber types as reinforcement for aluminum and titanium matrices
- …