Pairing Calculation on Supersingular Genus 2 Curves

hÉigeartaigh, Colm Ó; Scott, Michael

doi:10.1007/978-3-540-74462-7_21

Cited by 11 publications

(19 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The formulae presented in [7] require 1I + 23M + 3S and 1I + 23M + 5S in F p for divisor class addition 1 and doubling, respectively, thereby saving 2 field multiplications over the previous method.Ó hÉigeartaigh and Scott [16] further optimized the doubling formula proposed in [7] for supersingular genus 2 curves over F p of the form y 2 = x 5 + a by saving 1 multiplication and 1 squaring.…”

Section: Encapsulated Computation On Genus 2 Curvesmentioning

confidence: 99%

“…[27] Affine 1I, 23M, 4S no cost Projective 53M no cost Lange [22] Affine 1I, 22M, 5S 3M Projective 38M, 6S 3M New 34M, 7S 3M Choie and Lee [7] Affine 1I, 23M, 5S no cost O hÉigeartaigh and Scott [16] Affine 1I, 22M, 4S no cost Our work Projective 39M, 6S no cost Table 10 New 35M, 7S no cost Table 3 For efficiency reasons, the first input to the Tate pairing is usually restricted to the 1-eigenspace of the Frobenius endomorphism on J C [n]. Therefore, we have the following relation…”

Section: Encapsulated Divisor Addition and Line Computationmentioning

confidence: 99%

“…Degenerate divisors have been widely used in the literature to speed up pairing computations on supersingular hyperelliptic curves [2,9,16]. Frey and Lange [12] have shown that the value of the Tate pairing is non-trivial if one restricts the second input to the embedding of C(F q k ) into J C (F q k ).…”

Section: Using Degenerate Divisors and Denominator Eliminationmentioning

confidence: 99%

“…We then analyze the case of non-supersingular genus 2 curves. In [7] and [16], the authors considered the pairing computation on a family of supersingular genus 2 hyperelliptic curves with embedding degree 4 in affine coordinates. The curves are defined by the equation y 2 = x 5 + a, where a ∈ F * p and p ≡ 2, 3 mod 5.…”

Section: Efficiency Comparison and Analysismentioning

confidence: 99%

“…Choie and Lee [7] investigated the implementation of the Tate pairing on supersingular genus 2 hyperelliptic curves over prime fields. Later on,Ó hÉigeartaigh and Scott [16] improved the implementation of [7] significantly by using a new variant of Miller's algorithm combined with various optimization techniques. Duursma and Lee [9] presented a closed formula for the Tate pairing computation on a very special family of supersingular hyperelliptic curves.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Efficient Pairing Computation on Genus 2 Curves in Projective Coordinates

Fan

Gong

Jao

2009

Selected Areas in Cryptography

View full text Add to dashboard Cite

Abstract. In recent years there has been much interest in the development and the fast computation of bilinear pairings due to their practical and myriad applications in cryptography. Well known efficient examples are the Weil and Tate pairings and their variants such as the Eta and Ate pairings on the Jacobians of (hyper-)elliptic curves. In this paper, we consider the use of projective coordinates for pairing computations on genus 2 hyperelliptic curves over prime fields. We generalize Chatterjee et. al.'s idea of encapsulating the computation of the line function with the group operations to genus 2 hyperelliptic curves, and derive new explicit formulae for the group operations in projective and new coordinates in the context of pairing computations. When applying the encapsulated explicit formulae to pairing computations on supersingular genus 2 curves over prime fields, theoretical analysis shows that our algorithm is faster than previously best known algorithms whenever a field inversion is more expensive than about fifteen field multiplications. We also investigate pairing computations on non-supersingular genus 2 curves over prime fields based on the new formulae, and detail the various techniques required for efficient implementation.

show abstract

Section: Encapsulated Computation On Genus 2 Curvesmentioning

confidence: 99%

Section: Encapsulated Divisor Addition and Line Computationmentioning

confidence: 99%

Section: Using Degenerate Divisors and Denominator Eliminationmentioning

confidence: 99%

Section: Efficiency Comparison and Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Efficient Pairing Computation on Genus 2 Curves in Projective Coordinates

Fan

Gong

Jao

2009

Selected Areas in Cryptography

View full text Add to dashboard Cite

show abstract

Hyperelliptic Pairings

Galbraith¹,

Heß²,

Vercauteren³

Pairing-Based Cryptography – Pairing 2007

View full text Add to dashboard Cite

show abstract

Speeding Up Pairing Computations on Genus 2 Hyperelliptic Curves with Efficiently Computable Automorphisms

Fan

Gong

Jao

Pairing-Based Cryptography – Pairing 2008

View full text Add to dashboard Cite

Abstract. Pairings on the Jacobians of (hyper-)elliptic curves have received considerable attention not only as a tool to attack curve based cryptosystems but also as a building block for constructing cryptographic schemes with new and novel properties. Motivated by the work of Scott [34], we investigate how to use efficiently computable automorphisms to speed up pairing computations on two families of non-supersingular genus 2 hyperelliptic curves over prime fields. Our findings lead to new variants of Miller's algorithm in which the length of the main loop can be up to 4 times shorter than that of the original Miller's algorithm in the best case. We also implement the calculation of the Tate pairing on both a supersingular and a non-supersingular genus 2 curve with the same embedding degree of k = 4. Combining the new algorithm with known optimization techniques, we show that pairing computations on non-supersingular genus 2 curves over primes fields use up to 56.2% fewer field operations and run about 10% faster than supersingular genus 2 curves for the same security level.

show abstract

Pairing Calculation on Supersingular Genus 2 Curves

Cited by 11 publications

References 26 publications

Efficient Pairing Computation on Genus 2 Curves in Projective Coordinates

Efficient Pairing Computation on Genus 2 Curves in Projective Coordinates

Hyperelliptic Pairings

Speeding Up Pairing Computations on Genus 2 Hyperelliptic Curves with Efficiently Computable Automorphisms

Contact Info

Product

Resources

About