Abstract
In this paper we show that the Ate pairing, originally defined for elliptic curves, generalises to hyperelliptic curves and in fact to arbitrary algebraic curves. It has the following surprising properties: The loop length in Miller’s algorithm can be up to g times shorter than for the Tate pairing, with g the genus of the curve, and the pairing is automatically reduced, i.e. no final exponentiation is needed.
Chapter PDF
Similar content being viewed by others
References
Avanzi, R.M.: Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 148–162. Springer, Heidelberg (2004)
Avanzi, R., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of elliptic and hyperelliptic curve cryptography. In: Discrete Mathematics and its Applications, Chapman and Hall, Boca Raton (2006)
Avanzi, R., Thériault, N., Wang, Z.: Rethinking low genus hyperelliptic jacobian arithmetic over binary fields: Interplay of field arithmetic and explicit formulae. Technical report, CACR, CACR 2006-07 (2006)
Barreto, P.S.L.M., Galbraith, S., hEigeartaigh, C.O., Scott, M.: Efficient pairing computation on supersingular abelian varieties. Designs, Codes and Cryptography, to be published (2005)
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Cantor, D.G.: Computing in the Jacobian of a hyperelliptic curve. Math. Comp. 48(177), 95–101 (1987)
Duursma, I.M., Lee, H.-S.: Tate Pairing Implementation for Hyperelliptic Curves y 2 = x p− x + d. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)
Frey, G., Lange, T.: Fast Bilinear Maps from the Tate-Lichtenbaum Pairing on Hyperelliptic Curves. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 466–479. Springer, Heidelberg (2006)
Frey, G., Rück, H.-G.: A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math. Comp. 62(206), 865–874 (1994)
Galbraith, S., hEigeartaigh, C.O., Sheedy, C.: Simplified pairing computation and security implications. To appear in J. Math. Crypt. (2007)
Gaudry, P., Hess, F., Smart, N.P.: Constructive and Destructive Facets of Weil Descent on Elliptic Curves. J. Cryptology 15(1), 19–46 (2002)
Gaudry, P., Thomé, E., Thériault, N., Diem, C.: A double large prime variation for small genus hyperelliptic index calculus. Math. Comp. 76(257), 475–492 (2007)
Granger, R., Page, D., Smart, N.: High security pairing-based cryptography revisited. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 480–494. Springer, Heidelberg (2006)
Guyot, C., Kaveh, K., Patankar, V.M.: Explicit algorithm for the arithmetic on the hyperelliptic Jacobians of genus 3. J. Ramanujan Math. Soc. 19(2), 75–115 (2004)
Hess, F.: Computing Riemann-Roch spaces in algebraic function fields and related topics. J. Symb. Comp. 33(4), 425–445 (2002)
Hess, F.: A Note on the Tate Pairing of Curves over Finite Fields. Arch. Math. 82, 28–32 (2004)
Hess, F., Smart, N., Vercauteren, F.: The Eta-pairing revisited. IEEE Transactions on Information Theory 52(10), 4595–4602 (2006)
Lange, T.: Formulae for arithmetic on genus 2 hyperelliptic curves. Appl. Algebra Engrg. Comm. Comput. 15(5), 295–328 (2005)
Koblitz, N., Menezes, A.: Pairing-Based Cryptography at High Security Levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)
Miller, V.S.: Short programs for functions on curves. Unpublished manuscript (1986), Available at http://crypto.stanford.edu/miller/miller.pdf
Miller, V.S.: The Weil pairing, and its efficient calculation. J. Cryptology 17(4), 235–261 (2004)
Silverman, J.H.: The arithmetic of elliptic curves. Graduate Texts in Mathematics, vol. 106. Springer, New York (1986)
Stichtenoth, H.: Algebraic function fields and codes. Universitext. Springer, Berlin (1993)
Verheul, E.R.: Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 195–210. Springer, Heidelberg (2001)
Yui, N.: On the Jacobian varieties of hyperelliptic curves over fields of characteristic p > 2. J. Algebra 52(2), 378–410 (1978)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Granger, R., Hess, F., Oyono, R., Thériault, N., Vercauteren, F. (2007). Ate Pairing on Hyperelliptic Curves. In: Naor, M. (eds) Advances in Cryptology - EUROCRYPT 2007. EUROCRYPT 2007. Lecture Notes in Computer Science, vol 4515. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72540-4_25
Download citation
DOI: https://doi.org/10.1007/978-3-540-72540-4_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72539-8
Online ISBN: 978-3-540-72540-4
eBook Packages: Computer ScienceComputer Science (R0)