Skip to main content
SpringerLink
Log in

Fast Bilinear Maps from the Tate-Lichtenbaum Pairing on Hyperelliptic Curves

  • Conference paper
Algorithmic Number Theory (ANTS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 4076))

Included in the following conference series:

Abstract

Pairings on elliptic curves recently obtained a lot of attention not only as a means to attack curve based cryptography but also as a building block for cryptosystems with special properties like short signatures or identity based encryption.

In this paper we consider the Tate pairing on hyperelliptic curves of genus g. We give mathematically sound arguments why it is possible to use particular representatives of the involved residue classes in the second argument that allow to compute the pairing much faster, where the speed-up grows with the size of g. Since the curve arithmetic takes about the same time for small g and constant group size, this implies that g>1 offers advantages for implementations. We give two examples of how to apply the modified setting in pairing based protocols such that all parties profit from the idea.

We stress that our results apply also to non-supersingular curves, e. g. those constructed by complex multiplication, and do not need distortion maps. They are also applicable if the co-factor is nontrivial.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Avanzi, R., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: The Handbook of Elliptic and Hyperelliptic Curve Cryptography. CRC Press, Boca Raton (2005)

    Google Scholar 

  2. Barreto, P.S.L.M., Galbraith, S.D., hEigeartaigh, C.O., Scott, M.: Efficient pairing computation on supersingular abelian varieties (preprint, 2004)

    Google Scholar 

  3. Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  4. Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  5. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order (preprint, 2005)

    Google Scholar 

  6. Blake, I.F., Murty, K., Xu, G.: Refinements of Miller’s algorithm for computing Weil/Tate pairing (preprint, 2004)

    Google Scholar 

  7. Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic curves in cryptography. London Mathematical Society Lecture Note Series, vol. 265. Cambridge University Press, Cambridge (1999)

    MATH  Google Scholar 

  8. Bleichenbacher, D., Flammenkamp, A.: An efficient algorithm for computing shortest addition chains

    Google Scholar 

  9. Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  10. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  11. Cantor, D.G.: Computing in the Jacobian of a hyperelliptic curve. Math. Comp. 48, 95–101 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  12. Choie, Y., Lee, E.: Implementation of Tate Pairing on Hyperelliptic Curves of Genus 2. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 97–111. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  13. Dupont, R., Enge, A., Morain, F.: Building curves with arbitrary small MOV degree over finite prime fields. J. Cryptology 18(2), 79–89 (2005)

    Article  MATH  MathSciNet  Google Scholar 

  14. Duursma, I., Lee, H.-S.: Tate-pairing implementations for tripartite key agreement (2003)

    Google Scholar 

  15. Eisenträger, K., Lauter, K., Montgomery, P.L.: Fast elliptic curve arithmetic and improved Weil pairing evaluation. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 343–354. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  16. Eisenträger, K., Lauter, K., Montgomery, P.L.: Improved Weil and Tate pairings for elliptic and hyperelliptic curves. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 169–183. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. Frey, G., Lange, T.: Mathematical background of public key cryptography. Technical Report 10, IEM Essen. Séminaires et Congrès (to appear, 2003)

    Google Scholar 

  18. Frey, G., Müller, M., Rück, H.G.: The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems. IEEE Trans. Inform. Theory 45(5), 1717–1719 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  19. Frey, G., Rück, H.G.: A remark concerning m-divisibility and the discrete logarithm problem in the divisor class group of curves. Math. Comp. 62, 865–874 (1994)

    Article  MATH  MathSciNet  Google Scholar 

  20. Galbraith, S.D.: Supersingular curves in cryptography. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 495–513. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  21. Galbraith, S.D., Harrison, K., Soldera, D.: Implementing the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  22. Gaudry, P., Thériault, N., Thomé, E., Diem, C.: A double large prime variation for small genus hyperelliptic index calculus (last update November 21, 2005) (preprint, 2005)

    Google Scholar 

  23. Guyot, C., Kaveh, K., Patankar, V.M.: Explicit algorithm for the arithmetic on the hyperelliptic Jacobians of genus 3. J. Ramanujan Math. Soc. 19, 119–159 (2004)

    MathSciNet  Google Scholar 

  24. Hess, F., Seroussi, G., Smart, N.P.: Two topics in hyperelliptic cryptography. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 181–189. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Izu, T., Takagi, T.: Efficient computations of the Tate pairing for the large MOV degrees. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 283–297. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  26. Joux, A.: A one round protocol for tripartite Diffie–Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  27. Katagi, M., Kitamura, I., Akishita, T., Takagi, T.: Novel efficient implementations of hyperelliptic curve cryptosystems using degenerate divisors. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 347–361. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  28. Koblitz, N.: Hyperelliptic cryptosystems. J. Cryptology 1, 139–150 (1989)

    Article  MATH  MathSciNet  Google Scholar 

  29. Lange, T.: Formulae for arithmetic on genus 2 hyperelliptic curves. Appl. Algebra Engrg. Comm. Comput. 15(5), 295–328 (2005)

    Article  MATH  MathSciNet  Google Scholar 

  30. Lorenzini, D.: An invitation to arithmetic geometry. Graduate studies in mathematics, vol. 9. AMS (1996)

    Google Scholar 

  31. Miller, V.S.: Short programs for functions on curves. IBM, Thomas J. Watson Research Center (1986)

    Google Scholar 

  32. Miller, V.C.: The Weil Pairing, and Its Efficient Calculation. J. Cryptology 17, 235–261 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  33. Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Trans. Fundamentals E84-A(5), 1234–1243 (2001)

    Google Scholar 

  34. Miyamoto, Y., Doi, H., Matsuo, K., Chao, J., Tsuji, S.: A fast addition algorithm of genus two hyperelliptic curve. In: Symposium on Cryptography and Information Security – SCIS 2002, pp. 497–502 (2002) (in Japanese)

    Google Scholar 

  35. Okamoto, T., Pointcheval, D.: The gap-problems: a new class of problems for the security of cryptographic schemes. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  36. Pelzl, J., Wollinger, T., Guajardo, J., Paar, C.: Hyperelliptic curve cryptosystems: Closing the performance gap to elliptic curves. In: D.Walter, C., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 351–365. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  37. Rivest, R.L., Silverman, R.D.: Are “strong” primes needed for RSA? (preprint, 1997)

    Google Scholar 

  38. Rück, H.G.: On the discrete logarithm problem in the divisor class group of curves. Math. Comp. 68, 805–806 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  39. Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing. In: Symposium on Cryptography and Information Security – SCIS 2000 (2000)

    Google Scholar 

  40. Stahlke, C.: Point compression on Jacobians of hyperelliptic curves over \(\mathbb{F}_q\) (preprint, 2004)

    Google Scholar 

  41. Stichtenoth, H.: Algebraic Function Fields and Codes. Springer, Heidelberg (1993)

    MATH  Google Scholar 

  42. Sugizaki, H., Matsuo, K., Chao, J., Tsujii, S.: An Extension of Harley algorithm addition algorithm for hyperelliptic curves over finite fields of characteristic two. Technical Report ISEC2002-9(2002-5), IEICE (2002)

    Google Scholar 

  43. Takahashi, M.: Improving Harley algorithms for Jacobians of genus 2 hyperelliptic curves. In: Symposium on Cryptography and Information Security – SCIS 2002 (2002) (in Japanese)

    Google Scholar 

  44. Wollinger, T.: Software and Hardware Implementation of Hyperelliptic Curve Cryptosystems. PhD thesis, Ruhr-University of Bochum (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Experimental Mathematics (IEM), University of Duisburg-Essen, Ellernstrasse 29, D-45326, Essen, Germany

    Gerhard Frey

  2. Department of Mathematics, Technical University of Denmark, Matematiktorvet 303, 2800 Kgs., Lyngby, Denmark

    Tanja Lange

Authors
  1. Gerhard Frey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tanja Lange
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Technische Universität Berlin, Germany

    Florian Hess

  2. Institut für Mathematik, MA 8–1, Technische Universität Berlin, Straße des 17. Juni 136, 10623, Berlin, Germany

    Sebastian Pauli

  3. Institut für Mathematik, Technische Universität Berlin, Fakultät II, MA 8-1, Strasse des 17. Juni 136, 10623, Berlin, Germany

    Michael Pohst

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Frey, G., Lange, T. (2006). Fast Bilinear Maps from the Tate-Lichtenbaum Pairing on Hyperelliptic Curves. In: Hess, F., Pauli, S., Pohst, M. (eds) Algorithmic Number Theory. ANTS 2006. Lecture Notes in Computer Science, vol 4076. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11792086_33

Download citation

  • DOI: https://doi.org/10.1007/11792086_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36075-9

  • Online ISBN: 978-3-540-36076-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation