Advertisement

Exponentiation Inversion Problem Reduced from Fixed Argument Pairing Inversion on Twistable Ate Pairing and Its Difficulty

  • Shoichi Akagi
  • Yasuyuki Nogami
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8639)

Abstract

As one of problems that guarantee the security of pairing–based cryptography, pairing inversion problem is studied. Some recent works have reduced fixed argument pairing inversion (FAPI) problem to exponentiation inversion (EI) problem. According to the results, FAPI problem is solved if EI problem of exponent (q k  − 1)/Φ k (q) is solved, where q, k, and r are the characteristic, embedding degree, and order of pairing group, respectively. Φ k (x) is the cyclotomic polynomial of order k. This paper shows an approach for reducing the exponent of EI problem to q − 1 especially on Ate pairing. For many embedding degrees, it is considerably reduced from the previous result (q k  − 1)/Φ k (q). After that, the difficulty of the reduced EI problem is discussed based on the distribution of correct (q − 1)–th roots on a small example.

Keywords

pairing inversion problem trace Barreto–Naehrig curve 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aranha, D.F., Karabina, K., Longa, P., Gebotys, C.H., Lopez, J.: Faster Explicit Formulas for Computing Pairings over Ordinary Curves, Cryptology ePrint Archive, Report 2010/526 (2010)Google Scholar
  2. 2.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-Friendly Elliptic Curves of Prime Order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Freeman, D., Scott, M., Teske, E.: A Taxonomy of Pairing–Friendly Elliptic Curves, IACR ePrint archive, http://eprint.iacr.org/2006/372.pdf
  4. 4.
    Galbraith, S.D., Hess, F., Vercauteren, F.: Aspects of pairing inversion. IEEE Transactions on Information Theory 54(12), 5719–5728 (2008)CrossRefzbMATHMathSciNetGoogle Scholar
  5. 5.
    Kanayama, N., Okamoto, E.: Approach to Pairing Inversions Without Solving Miller Inversion. IEEE Transactions on Information Theory 58(2), 1248–1253 (2012)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Hess, F., Smart, N., Vercauteren, F.: The Eta Pairing Revisited. IEEE Trans. Information Theory, 4595–4602 (2006)Google Scholar
  7. 7.
    Galbraith, S.D., Harrison, K., Soldera, D.: Implemeting the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Matsuda, S., Kanayama, N., Hess, F., Okamoto, E.: Optimized versions of the Ate and Twisted Ate Pairings, Cryptology ePrint Archive, Report 2007/013 (2007), http://eprint.iacr.org/2007/013.pdf
  9. 9.
    Miller, V.S.: The Weil Pairing, and its Efficient Calculation. Journal of Cryptology 17, 235–261 (2004)CrossRefzbMATHGoogle Scholar
  10. 10.
    Nogami, Y., Akane, M., Sakemi, Y., Kato, H., Morikawa, Y.: Integer Variable χ–Based Ate Pairing. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 178–191. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Shoichi Akagi
    • 1
  • Yasuyuki Nogami
    • 1
  1. 1.Graduate School of Natural Science and TechnologyOkayama UniversityJapan

Personalised recommendations