4,114 research outputs found
Easy decision-Diffie-Hellman groups
The decision-Diffie-Hellman problem (DDH) is a central computational problem
in cryptography. It is known that the Weil and Tate pairings can be used to
solve many DDH problems on elliptic curves. Distortion maps are an important
tool for solving DDH problems using pairings and it is known that distortion
maps exist for all supersingular elliptic curves. We present an algorithm to
construct suitable distortion maps. The algorithm is efficient on the curves
usable in practice, and hence all DDH problems on these curves are easy. We
also discuss the issue of which DDH problems on ordinary curves are easy.
Efficient generation of pairing friendly elliptic curves
Pairings on elliptic curves have become very popular in the last decade due to the possibility of implementing modern cryptographic schemes and protocols based on pairings. For pairings to be effective, a special kind of elliptic curve is required. Construction of such curves combines knowledge from algebraic geometry, number theory and cryptography. This is the main reason that pairings are not implemented as often as they could be.
The purpose of this thesis is to present elliptic curves and pairings on elliptic curves, the construction of pairing-friendly elliptic curves, and research into their use and efficient implementation. The thesis also contains the required preliminaries from algebraic geometry and number theory.
The thesis contains four parts divided into eight chapters. The first part surveys the history of pairings in Chapter 1; Chapter 2 defines pairings and types of pairings and describes the bilinear Diffie-Hellman problem. Algebraic geometry and the basic theory of elliptic curves required for understanding are presented in the second part. It contains the definition of algebraic varieties and their properties in Chapter 3 and elliptic curves and their properties in Chapter 4. The third part of the thesis introduces pairings on elliptic curves: Chapter 5 presents pairings and related algorithms, and Chapter 6 includes examples of the use of pairings in cryptography. The main part of the thesis is Chapter 7. It includes the definition of pairing-friendly curves and all known constructions of pairing-friendly curves together with the proofs of these constructions. It also contains recommendations for further implementation and optimization.
The conclusion lists some open problems regarding pairings and pairing-friendly curves. Mathematical preliminaries required throughout the thesis and examples of pairing-friendly curves can be found in the Appendices.
Refinements of Miller's Algorithm over Weierstrass Curves Revisited
In 1986 Victor Miller described an algorithm for computing the Weil pairing
in his unpublished manuscript. This algorithm has since become the core of all
pairing-based cryptosystems. Many improvements of the algorithm have been
presented. Most of them involve a choice of elliptic curves of special
forms to exploit a possible twist during Tate pairing computation. Other
improvements involve a reduction of the number of iterations in Miller's
algorithm. For the generic case, Blake, Murty and Xu proposed three refinements
to Miller's algorithm over Weierstrass curves. Although their refinements, which
only reduce the total number of vertical lines in Miller's algorithm, did not
give as efficient a computation as other optimizations, they can be applied
for computing both Weil and Tate pairings on all
pairing-friendly elliptic curves. In this paper we extend the Blake-Murty-Xu
method and show how to eliminate all vertical lines in Miller's
algorithm during Weil/Tate pairing computation on general elliptic
curves. Experimental results show that our algorithm is about 25% faster
than the original Miller's algorithm.
Comment: 17 pages
SYMMETRIC BILINEAR CRYPTOGRAPHY ON ELLIPTIC CURVE AND LIE ALGEBRA
Elliptic Curve Cryptography (ECC) has gained widespread adoption in the field of cryptography due to its efficiency and security properties. Symmetric bilinear pairings on elliptic curves have emerged as a powerful tool in cryptographic protocols, enabling advanced constructions and functionalities. This paper explores the intersection of symmetric bilinear pairings, elliptic curves, and Lie algebras in the context of cryptography. We provide a comprehensive overview of the theoretical foundations, applications, and security considerations of this amalgamation.
Pairing computation on hyperelliptic curves of genus 2
Bilinear pairings have recently been used to construct cryptographic schemes with new and novel properties, the most celebrated example being the Identity Based Encryption scheme of Boneh and Franklin. As pairing computation is generally the most computationally intensive part of any pairing-based cryptosystem, it is essential to investigate new ways in which to compute pairings efficiently.
The vast majority of the literature on pairing computation focuses solely on using elliptic curves. In this thesis we investigate pairing computation on supersingular hyperelliptic curves of genus 2. Our aim is to provide a practical alternative to using elliptic curves for pairing-based cryptography. Specifically, we illustrate how to implement pairings efficiently using genus 2 curves, and how to attain performance comparable to using elliptic curves.
We show that pairing computation on genus 2 curves over F_{2^m} can outperform elliptic curves by using a new variant of the Tate pairing, called the η_T pairing, to compute the fastest pairing implementation in the literature to date. We also show for the first time how the final exponentiation required to compute the Tate pairing can be avoided for certain hyperelliptic curves.
We investigate pairing computation using genus 2 curves over large prime fields, and detail various techniques that lead to an efficient implementation, thus showing that these curves are a viable candidate for practical use.
Isogenies of Elliptic Curves: A Computational Approach
Isogenies, the mappings of elliptic curves, have become a useful tool in
cryptology. These mathematical objects have been proposed for use in computing
pairings, constructing hash functions and random number generators, and
analyzing the reducibility of the elliptic curve discrete logarithm problem.
With such diverse uses, understanding these objects is important for anyone
interested in the field of elliptic curve cryptography. This paper, targeted at
an audience with a knowledge of the basic theory of elliptic curves, provides
an introduction to the necessary theoretical background for understanding what
isogenies are and their basic properties. This theoretical background is used
to explain some of the basic computational tasks associated with isogenies.
Herein, algorithms for computing isogenies are collected and presented with
proofs of correctness and complexity analyses. As opposed to the complex
analytic approach provided in most texts on the subject, the proofs in this
paper are primarily algebraic in nature. This provides alternate explanations
that some with a more concrete or computational bias may find more clear.
Comment: Submitted as a Masters Thesis in the Mathematics department of the
University of Washington
An FPGA-based programmable processor for bilinear pairings
Bilinear pairings on elliptic curves are an active research field in cryptography. The first cryptographic protocols based on bilinear pairings were proposed by the year 2000, and they are promising solutions to security concerns in different domains, such as Pervasive Computing and Cloud Computing. The computation of bilinear pairings, which relies on arithmetic over finite fields, is the most time-consuming part of pairing-based cryptosystems. That has motivated research on efficient hardware architectures that improve the performance of security protocols. In the literature, several works have focused on the design of custom hardware architectures for pairings; however, flexible designs provide advantages because there are several types of pairings and algorithms to compute them. This work presents the design and implementation of a novel programmable cryptoprocessor for computing bilinear pairings over binary fields in FPGAs, which is able to support different pairing algorithms and parameters such as the elliptic curve, the tower field and the distortion map. The results show that high flexibility is achieved by the proposed cryptoprocessor at a competitive timing and area usage when it is compared to custom designs for pairings defined over singular/supersingular elliptic curves at a 128-bit security level.
Faster Computation of Self-pairings
Self-pairings have found interesting applications in cryptographic schemes. In this paper, we present a novel method for constructing a self-pairing on supersingular elliptic curves with even embedding degrees, which we call the Ateil pairing. This new pairing improves the efficiency of the self-pairing computation on supersingular curves over finite fields with large characteristics. Based on the pairing, we propose a generalization of the Ateil pairing, which we call the Ateil pairing. The optimal Ateil pairing which has the shortest Miller loop is faster than previously known self-pairings on supersingular elliptic curves over finite fields with small characteristics. We also present a new self-pairing based on the Weil pairing which is faster than the self-pairing based on the Tate pairing on ordinary elliptic curves with embedding degree
Weak instances of class group action based cryptography via self-pairings
In this paper we study non-trivial self-pairings with cyclic domains that are compatible with isogenies between elliptic curves oriented by an imaginary quadratic order . We prove that the order of such a self-pairing necessarily satisfies (and even if and if ) and is not a multiple of the field characteristic. Conversely, for each satisfying these necessary conditions, we construct a family of non-trivial cyclic self-pairings of order that are compatible with oriented isogenies, based on generalized Weil and Tate pairings.
As an application, we identify weak instances of class group actions on elliptic curves assuming the degree of the secret isogeny is known. More in detail, we show that if for some prime power then given two primitively -oriented elliptic curves and connected by an unknown invertible ideal , we can recover essentially at the cost of a discrete logarithm computation in a group of order , assuming the norm of is given and is smaller than . We give concrete instances, involving ordinary elliptic curves over finite fields, where this turns into a polynomial time attack.
Finally, we show that these self-pairings simplify known results on the decisional Diffie-Hellman problem for class group actions on oriented elliptic curves.
Hesse Pencils and 3-Torsion Structures
This paper intends to focus on the universal property of this Hesse pencil
and of its twists. The main goal is to do this as explicit and elementary as
possible, and moreover to do it in such a way that it works in every
characteristic different from three.