On Compressible Pairings and Their Computation
نویسندگان
چکیده
In this paper we provide explicit formulæ to compute bilinear pairings in compressed form, and indicate families of curves where particularly generalised versions of the Eta and Ate pairings due to Zhao et al. are especially efficient. With the new formulæ it is possible to entirely avoid F pk arithmetic during pairing computation on elliptic curves over Fp with even embedding degree k. Using our new method all intermediate results in the Miller loop are represented by just one F pk/2 element and manipulated in compressed form. For certain families of ordinary curves with embedding degree k = 6m all arithmetic can be done in a subfield of size p and the representation can be further compressed to two Fpm elements.
منابع مشابه
An Efficient Electronic Cash Scheme with Multiple Banks Using Group Signature
In 2008, an electronic cash scheme with multiple banks based on group signatures was proposed by Wang et al. They adopted a group blind signature scheme based on bilinear pairings to generate the electronic cash and it can be verified by the bilinear pairings operation. However, we find some security problems in their approach. By the way, the cost of communication and computation in their sche...
متن کاملA Comprehensive Approach for Railway Crew Scheduling Problem (Case Study: Iranian Railway Network)
The aim of this study is to propose a comprehensive approach for handling the crew scheduling problem in the railway systems. In this approach, the information of different railway trips are considered as input and the problem is divided to three separated phases. In phase I, we generate all feasible sequences of the trips, which are named as the pairings. A depth-first search algorithm is deve...
متن کاملSelf-pairings on supersingular elliptic curves with embedding degree three
Self-pairings are a special subclass of pairings and have interesting applications in cryptographic schemes and protocols. In this paper, we explore the computation of the self-pairings on supersingular elliptic curves with embedding degree k = 3. We construct a novel self-pairing which has the same Miller loop as the Eta/Ate pairing. However, the proposed self-pairing has a simple final expone...
متن کاملAdequate Elliptic Curves for Computing the Product of n Pairings
Many pairing-based protocols require the computation of the product and/or of a quotient of n pairings where n > 1 is a natural integer. Zhang et al.[1] recently showed that the Kachisa-Schafer and Scott family of elliptic curves with embedding degree 16 denoted KSS16 at the 192-bit security level is suitable for such protocols comparatively to the BarettoLynn and Scott family of elliptic curve...
متن کاملEfficient Pairing Computation on Genus 2 Curves in Projective Coordinates
In recent years there has been much interest in the development and the fast computation of bilinear pairings due to their practical and myriad applications in cryptography. Well known efficient examples are the Weil and Tate pairings and their variants such as the Eta and Ate pairings on the Jacobians of (hyper-)elliptic curves. In this paper, we consider the use of projective coordinates for ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2007 شماره
صفحات -
تاریخ انتشار 2007