Abstract
We describe, in detail sufficient for easy implementation, a fast method for calculation of the Tate pairing, as required for pairing-based cryptographic protocols. We point out various optimisations and tricks, and compare timings of a pairing-based Identity Based Encryption scheme with an optimised RSA implementation.
Research supported by Enterprise Ireland grant IF/2002/0312/N.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barreto, P.S.L.M.: The pairing-based crypto lounge (2004), http://planeta.terra.com.br/informatica/paulobarreto/pblounge.html
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 263–273. Springer, Heidelberg (2003)
Barreto, P.S.L.M., Lynn, B., Scott, M.: On the selection of pairing-friendly groups. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 17–25. Springer, Heidelberg (2004)
Blake, I.F., Seroussi, G., Smart, N.P. (eds.): Advances in Elliptic Curve Cryptography, vol. 2. Cambridge University Press, Cambridge (2005)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM Journal of Computing 32(3), 586–615 (2003)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Brezing, F., Weng, A.: Elliptic curves suitable for pairing based cryptography. Cryptology ePrint Archive, Report 2003/143 (2003), Available from http://eprint.iacr.org/2003/143
Brickell, E.F., Gordon, D.M., McCurley, K.S., Wilson, D.B.: Fast exponentiation with precomputation: Algorithms and lower bounds. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 200–207. Springer, Heidelberg (1993)
Dupont, R., Enge, A., Morain, F.: Building curves with arbitrary small MOV degree over finite prime fields. Cryptology ePrint Archive, Report 2002/094 (2002), http://eprint.iacr.org/2002/094
Dutta, R., Barua, R., Sarkar, P.: Pairing-based cryptography: A survey. Cryptology ePrint Archive, Report 2004/064 (2004), http://eprint.iacr.org/2004/064
Duursma, I., Lee, H.-S.: Tate-pairing implementations for tripartite key agreement. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)
Galbraith, S., Harrison, K., Soldera, D.: Implementing the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)
IEEE Std 1363-2000. Standard specifications for public-key cryptography. IEEE P1363 Working Group (2000)
Izu, T., Takagi, T.: Efficient computations of the Tate pairing for the large MOV degrees. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 283–297. Springer, Heidelberg (2003)
Joye, M., Yen, S.: The Montgomery powering ladder. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003)
Kocher, P., Jaffe, J., Jun, B.: Introduction to differential power analysis and related attacks (1998), http://www.cryptography.com/dpa/technical
Mao, W., Harrison, K.: Divisors, bilinear pairings, and pairing enabled cryptographic applications (2003), http://hplbwww.hpl.hp.com/people/wm/research/pairing.pdf
McCullagh, N.: Personal Communication (2004)
Menezes, A.: Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, Dordrecht (1993)
Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Transactions on Fundamentals E84-A(5), 1234–1243 (2001)
Sakai, R., Kasahara, M.: ID based cryptosystems with pairing on elliptic curve. Cryptography ePrint Archive, Report 2003/054 (2003), http://eprint.iacr.org/2003/054
Scott, M.: (2002), http://ftp.compapp.dcu.ie/pub/crypto/cm.exe
Scott, M.: (2002), http://www.computing.dcu.ie/~mike/tate.html
Scott, M., Barreto, P.: Compressed pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004), Also available from http://eprint.iacr.org/2004/032/
Scott, M., Barreto, P.: Generating more MNT elliptic curves. Cryptology ePrint Archive, Report 2004/058 (2004), Available from http://eprint.iacr.org/2004/058/
Semaev, I.: Summation polynomials and the discrete logarithm problem on elliptic curves. Cryptography ePrint Archive, Report 2004/031 (2003), http://eprint.iacr.org/2004/031/
Smart, N.P.: An identity based authenticated key agreement protocol based on the Weil pairing. Electronics Letters 38, 630–632 (2002)
Solinas, J.: ID-based digital signature algorithms (2003), http://www.cacr.math.uwaterloo.ca/conferences/2003/ecc2003/solinas.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Scott, M. (2005). Computing the Tate Pairing. In: Menezes, A. (eds) Topics in Cryptology – CT-RSA 2005. CT-RSA 2005. Lecture Notes in Computer Science, vol 3376. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30574-3_20
Download citation
DOI: https://doi.org/10.1007/978-3-540-30574-3_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24399-1
Online ISBN: 978-3-540-30574-3
eBook Packages: Computer ScienceComputer Science (R0)