Eta pairing on supersingular elliptic curves defined over fields of characteristics two and three is a popular and practical variant of pairing used in many cryptographic protocols. In this paper, we study SIMD-based implementations of eta pairing over these fields. Our implementations use standard SIMD-based vectorization techniques which we call horizontal and vertical vectorization. To the b...

The vector decomposition problem (VDP) has been proposed as a computational problem on which to base the security of public key cryptosystems. We give a generalisation and simplification of the results of Yoshida on the VDP. We then show that, for the supersingular elliptic curves which can be used in practice, the VDP is equivalent to the computational Diffie-Hellman problem (CDH) in a cyclic ...

Fast arithmetic for characteristic three finite fields F3m is desirable in pairing-based cryptography because there is a suitable family of elliptic curves over F3m having embedding degree 6. In this paper we present some structure results for Gaussian normal bases of F3m , and use the results to devise faster multiplication algorithms. We carefully compare multiplication in F3m using polynomia...

This paper addresses the discrete logarithm problem in elliptic curve cryptography. In particular, we generalize the Menezes, Okamoto, and Vanstone (MOV) reduction so that it can be applied to some non-supersingular elliptic curves (ECs); decrypt Frey and Rück (FR)’s idea to describe the detail of the FR reduction and to implement it for actual elliptic curves with finite fields on a practical ...

Constructing non-supersingular elliptic curves for pairing-based cryptosystems have attracted much attention in recent years. The best previous technique builds curves with ρ = lg(q)/lg(r) ≈ 1 (k = 12) and ρ = lg(q)/lg(r) ≈ 1.25 (k = 24). When k > 12, most of the previous works address the question by representing r(x) as a cyclotomic polynomial. In this paper, we propose a new method to find m...

After Miller’s original algorithm for the Tate pairing computation, many improved algorithms have been suggested, to name just a few, by Galbraith et al. and Barreto et al., especially for the fields with characteristic three. Also Duursma and Lee found a closed formula of the Tate pairing computation for the fields with characteristic three. In this paper, we show that a similar argument is al...

In this paper we study the p-adic dynamics of prime-to-p Hecke operators on set points modular curves in both cases good ordinary and supersingular reduction. We pay special attention to CM points. case reduction employ Serre–Tate coordinates, while use a parameter deformation space unique formal group height 2 over