Abstract
There have been recent advances in solving the finite extension field discrete logarithm problem as it arises in the context of pairing-friendly elliptic curves. This has led to the abandonment of approaches based on supersingular curves of small characteristic, and to the reconsideration of the field sizes required for implementations based on non-supersingular curves of large characteristic. This has resulted in a revision of recommendations for suitable curves, particularly at higher levels of security. Indeed, for a security level of 256 bits, the BLS48 curves have been suggested, and demonstrated to be superior to other candidates. These curves have an embedding degree of 48. The well-known taxonomy of Freeman, Scott and Teske only considered curves with embedding degrees up to 50. Given some uncertainty around the constants that apply to the best discrete logarithm algorithm, it would seem prudent to push a little beyond 50. In this note we announce the discovery of a new family of pairing-friendly elliptic curves which includes a new construction for a curve with an embedding degree of 54.
References
Barbulescu, R., Duquesne, S.: Updating key size estimations for pairings. J. Cryptol. (2018). https://doi.org/10.1007/s00145-018-9280-5. http://eprint.iacr.org/2017/334
Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_19
Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). https://doi.org/10.1007/11693383_22
Benger, N., Scott, M.: Constructing tower extensions of finite fields for implementation of pairing-based cryptography. In: Hasan, M.A., Helleseth, T. (eds.) WAIFI 2010. LNCS, vol. 6087, pp. 180–195. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13797-6_13
Brent, R.P.: On computing factors of cyclotomic polynomials. Math. Comp. 61(203), 131–149 (1993). https://doi.org/10.2307/2152941
Brezing, F., Weng, A.: Elliptic curves suitable for pairing based cryptography. Des. Codes Cryptogr. 37(1), 133–141 (2005). https://eprint.iacr.org/2003/143
Brillhart, J., Lehmer, D.H., Selfridge, J.L., Tuckerman, B., Wagstaff Jr., S.S.: Factorizations of \(b^n \pm 1\), \(b=2,3,5,6,7,10,11,12\) up to High Powers. Contemporary Mathematics, 2nd edn, vol. 22. American Mathematical Society, Providence (1988). https://homes.cerias.purdue.edu/ssw/cun/
Estibals, N.: Compact hardware for computing the tate pairing over 128-bit-security supersingular curves. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 397–416. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17455-1_25
Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptol. 23(2), 224–280 (2010). http://eprint.iacr.org/2006/372
Galbraith, S.D., McKee, J.F., Valença, P.C.: Ordinary Abelian varieties having small embedding degree. Finite Fields Appl. 13(4), 800–814 (2007). https://eprint.iacr.org/2004/365
Granville, A., Pleasants, P.: Aurifeuillian factorization. Math. Comp. 75(253), 497–508 (2006). https://doi.org/10.1090/S0025-5718-05-01766-7
Joux, A., Pierrot, C.: The special number field sieve in \(\mathbb{F}_{p^{n}}\) - application to pairing-friendly constructions. In: Cao, Z., Zhang, F. (eds.) Pairing 2013. LNCS, vol. 8365, pp. 45–61. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04873-4_3
Kachisa, E.J., Schaefer, E.F., Scott, M.: Constructing brezing-weng pairing-friendly elliptic curves using elements in the cyclotomic field. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 126–135. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85538-5_9
Kim, T., Barbulescu, R.: Extended tower number field sieve: a new complexity for the medium prime case. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 543–571. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_20
Kiyomura, Y., Inoue, A., Kawahara, Y., Yasuda, M., Takagi, T., Kobayashi, T.: Secure and efficient pairing at 256-bit security level. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 59–79. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61204-1_4
Menezes, A., Sarkar, P., Singh, S.: Challenges with assessing the impact of NFS advances on the security of pairing-based cryptography. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 83–108. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_5
El Mrabet, N., Joye, M. (eds.): Guide to Pairing-Based Cryptography. Chapman and Hall/CRC, Boca Raton (2016). https://www.crcpress.com/Guide-to-Pairing-Based-Cryptography/El-Mrabet-Joye/p/book/9781498729505
Schinzel, A.: On primitive prime factors of \(a^n-b^n\). Proc. Cambridge Philos. Soc. 58(4), 555–562 (1962). https://doi.org/10.1017/S0305004100040561
Schirokauer, O.: The number field sieve for integers of low weight. Math. Comput. 79(269), 583–602 (2010). https://doi.org/10.1090/S0025-5718-09-02198-X. http://eprint.iacr.org/2006/107
Scott, M.: On the efficient implementation of pairing-based protocols. In: Chen, L. (ed.) IMACC 2011. LNCS, vol. 7089, pp. 296–308. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25516-8_18
Scott, M., Benger, N., Charlemagne, M., Dominguez Perez, L.J., Kachisa, E.J.: On the final exponentiation for calculating pairings on ordinary elliptic curves. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 78–88. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03298-1_6
Stevenhagen, P.: On Aurifeuillian factorizations. Nederl. Akad. Wetensch. Indag. Math. 49(4), 451–468 (1987). https://doi.org/10.1016/1385-7258(87)90009-6
Vercauteren, F.: Optimal pairings. IEEE Trans. Inf. Theory 56, 455–461 (2009). https://eprint.iacr.org/2008/096
Wagstaff Jr., S.S.: The search for Aurifeuillian-like factorizations. J. Integers 12A(6), 1449–1461 (2012). https://homes.cerias.purdue.edu/~ssw/cun/mine.pdf
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Scott, M., Guillevic, A. (2018). A New Family of Pairing-Friendly Elliptic Curves. In: Budaghyan, L., Rodríguez-Henríquez, F. (eds) Arithmetic of Finite Fields. WAIFI 2018. Lecture Notes in Computer Science, vol 11321. Springer, Cham. https://doi.org/10.1007/978-3-030-05153-2_2
DOI: https://doi.org/10.1007/978-3-030-05153-2_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05152-5
Online ISBN: 978-3-030-05153-2
eBook Packages: Computer Science, Computer Science (R0)