Self-pairings on Hyperelliptic Curves

A self-pairing is a pairing computation where both inputs are the same group element. Self-pairings are used in some cryptographic schemes and protocols. In this paper, we show how to compute the Tate-Lichtenbaum pairing (D,\phi(D)) on a curve more efficiently than the general case. The speedup is obtained by requiring a simpler final exponentiation. We also discuss how to use this pairing in cryptographic applications

Pairing-based algorithms for jacobians of genus 2 curves with maximal endomorphism ring

Using Galois cohomology, Schmoyer characterizes cryptographic non-trivial self-pairings of the $\ell$-Tate pairing in terms of the action of the Frobenius on the $\ell$-torsion of the Jacobian of a genus 2 curve. We apply similar techniques to study the non-degeneracy of the $\ell$-Tate pairing restrained to subgroups of the $\ell$-torsion which are maximal isotropic with respect to the Weil pairing. First, we deduce a criterion to verify whether the jacobian of a genus 2 curve has maximal endomorphism ring. Secondly, we derive a method to construct horizontal $(\ell,\ell)$-isogenies starting from a jacobian with maximal endomorphism ring

Generalized Jacobians and explicit descents

We develop a cohomological description of various explicit descents in terms of generalized Jacobians, generalizing the known description for hyperelliptic curves. Specifically, given an integer $n$ dividing the degree of some reduced effective divisor $\mathfrak{m}$ on a curve $C$, we show that multiplication by $n$ on the generalized Jacobian $J_\frak{m}$ factors through an isogeny $\varphi:A_{\mathfrak{m}} \rightarrow J_{\mathfrak{m}}$ whose kernel is naturally the dual of the Galois module $(\operatorname{Pic}(C_{\overline{k}})/\mathfrak{m})[n]$. By geometric class field theory, this corresponds to an abelian covering of $C_{\overline{k}} := C \times_{\operatorname{Spec}{k}} \operatorname{Spec}(\overline{k})$ of exponent $n$ unramified outside $\mathfrak{m}$. The $n$-coverings of $C$ parameterized by explicit descents are the maximal unramified subcoverings of the $k$-forms of this ramified covering. We present applications of this to the computation of Mordell-Weil groups of Jacobians.Comment: to appear in Math. Com

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page