Advertisement

Ate Pairing on Hyperelliptic Curves

  • R. Granger
  • F. Hess
  • R. Oyono
  • N. Thériault
  • F. Vercauteren
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4515)

Abstract

In this paper we show that the Ate pairing, originally defined for elliptic curves, generalises to hyperelliptic curves and in fact to arbitrary algebraic curves. It has the following surprising properties: The loop length in Miller’s algorithm can be up to g times shorter than for the Tate pairing, with g the genus of the curve, and the pairing is automatically reduced, i.e. no final exponentiation is needed.

Keywords

Tate pairing Ate pairing hyperelliptic curves finite fields 

References

  1. 1.
    Avanzi, R.M.: Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 148–162. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Avanzi, R., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of elliptic and hyperelliptic curve cryptography. In: Discrete Mathematics and its Applications, Chapman and Hall, Boca Raton (2006)Google Scholar
  3. 3.
    Avanzi, R., Thériault, N., Wang, Z.: Rethinking low genus hyperelliptic jacobian arithmetic over binary fields: Interplay of field arithmetic and explicit formulae. Technical report, CACR, CACR 2006-07 (2006)Google Scholar
  4. 4.
    Barreto, P.S.L.M., Galbraith, S., hEigeartaigh, C.O., Scott, M.: Efficient pairing computation on supersingular abelian varieties. Designs, Codes and Cryptography, to be published (2005)Google Scholar
  5. 5.
    Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Cantor, D.G.: Computing in the Jacobian of a hyperelliptic curve. Math. Comp. 48(177), 95–101 (1987)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Duursma, I.M., Lee, H.-S.: Tate Pairing Implementation for Hyperelliptic Curves y 2 = x p− x + d. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Frey, G., Lange, T.: Fast Bilinear Maps from the Tate-Lichtenbaum Pairing on Hyperelliptic Curves. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 466–479. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Frey, G., Rück, H.-G.: A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math. Comp. 62(206), 865–874 (1994)zbMATHMathSciNetGoogle Scholar
  10. 10.
    Galbraith, S., hEigeartaigh, C.O., Sheedy, C.: Simplified pairing computation and security implications. To appear in J. Math. Crypt. (2007)Google Scholar
  11. 11.
    Gaudry, P., Hess, F., Smart, N.P.: Constructive and Destructive Facets of Weil Descent on Elliptic Curves. J. Cryptology 15(1), 19–46 (2002)CrossRefMathSciNetGoogle Scholar
  12. 12.
    Gaudry, P., Thomé, E., Thériault, N., Diem, C.: A double large prime variation for small genus hyperelliptic index calculus. Math. Comp. 76(257), 475–492 (2007)zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Granger, R., Page, D., Smart, N.: High security pairing-based cryptography revisited. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 480–494. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Guyot, C., Kaveh, K., Patankar, V.M.: Explicit algorithm for the arithmetic on the hyperelliptic Jacobians of genus 3. J. Ramanujan Math. Soc. 19(2), 75–115 (2004)zbMATHMathSciNetGoogle Scholar
  15. 15.
    Hess, F.: Computing Riemann-Roch spaces in algebraic function fields and related topics. J. Symb. Comp. 33(4), 425–445 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Hess, F.: A Note on the Tate Pairing of Curves over Finite Fields. Arch. Math. 82, 28–32 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  17. 17.
    Hess, F., Smart, N., Vercauteren, F.: The Eta-pairing revisited. IEEE Transactions on Information Theory 52(10), 4595–4602 (2006)zbMATHCrossRefMathSciNetGoogle Scholar
  18. 18.
    Lange, T.: Formulae for arithmetic on genus 2 hyperelliptic curves. Appl. Algebra Engrg. Comm. Comput. 15(5), 295–328 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    Koblitz, N., Menezes, A.: Pairing-Based Cryptography at High Security Levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Miller, V.S.: Short programs for functions on curves. Unpublished manuscript (1986), Available at http://crypto.stanford.edu/miller/miller.pdf
  21. 21.
    Miller, V.S.: The Weil pairing, and its efficient calculation. J. Cryptology 17(4), 235–261 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    Silverman, J.H.: The arithmetic of elliptic curves. Graduate Texts in Mathematics, vol. 106. Springer, New York (1986)zbMATHGoogle Scholar
  23. 23.
    Stichtenoth, H.: Algebraic function fields and codes. Universitext. Springer, Berlin (1993)zbMATHGoogle Scholar
  24. 24.
    Verheul, E.R.: Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 195–210. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Yui, N.: On the Jacobian varieties of hyperelliptic curves over fields of characteristic p > 2. J. Algebra 52(2), 378–410 (1978)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • R. Granger
    • 1
  • F. Hess
    • 2
  • R. Oyono
    • 3
  • N. Thériault
    • 4
  • F. Vercauteren
    • 5
  1. 1.Dept. Computer ScienceUniversity of Bristol, MVBBristolUnited Kingdom
  2. 2.Fakultät II, Institut für Mathematik Sekr. MA 8-1Technische Universität BerlinBerlinGermany
  3. 3.Department of Combinatorics and OptimizationUniversity of WaterlooWaterlooCanada
  4. 4.Instituto de Matemática y FísicaUniversidad de TalcaTalcaChile
  5. 5.Department of Electrical EngineeringKatholieke Universiteit LeuvenLeuven-HeverleeBelgium

Personalised recommendations