Showing papers on "Weil pairing published in 2010"

Optimal Pairings

Abstract: In this paper, we introduce the concept of an optimal pairing, which by definition can be computed using only log 2 r/?(k) basic Miller iterations, with r the order of the groups involved and k the embedding degree. We describe an algorithm to construct optimal ate pairings on all parametrized families of pairing friendly elliptic curves. Finally, we conjecture that any nondegenerate pairing on an elliptic curve without efficiently computable endomorphisms different from powers of Frobenius requires at least log 2 r/?(k) basic Miller iterations.

A variant of Miller's formula and algorithm

Abstract: Miller's algorithm is at the heart of all pairing-based cryptosystems since it is used in the computation of pairing such as that of Weil or Tate and their variants. Most of the optimizations of this algorithm involve elliptic curves of particular forms, or curves with even embedding degree, or having an equation of a special form. Other improvements involve a reduction of the number of iterations. In this article, we propose a variant of Miller's formula which gives rise to a generically faster algorithm for any pairing friendly curve. Concretely, it provides an improvement in cases little studied until now, in particular when denominator elimination is not available. It allows for instance the use of elliptic curve with embedding degree not of the form 2i3j, and is suitable for the computation of optimal pairings. We also present a version with denominator elimination for even embedding degree. In our implementations, our variant saves between 10% and 40% in running time in comparison with the usual version of Miller's algorithm without any optimization.

An Improvement on a Three-party Password-based Key Exchange Protocol Using Weil Pairing

Abstract: The three-party password-based key exchange protocols using Weil pairing proposed by Wen is vulnerable to impersonation attack. By introducing hard artificial intelligence problem, we show an improved protocol, which can resist against not only the impersonation attack but also all the other well-known attacks. Analysis also shows that improved protocol reduces about one third computational cost and two thirds throughput. The protocol is suitable for lightweight or mobile equipments.

An identity-based multisignature scheme from the Weil pairing

Abstract: An identity-based multisignature scheme is proposed using the bilinear property of the Weil pairing defined on elliptic curves and Euler's criterion. In the scheme, each signer is only responsible for the signing of a particular section of the message, and then the signature is sent to the system administrato, a multisignature of the message is signed finally; the multisignature can be verified by the corresponding public key and partial contents of the message without revealing the whole message. The multisignature size is only about a quarter of the Guillou-Quisquater signature. The management and storage spending of the public key certificate could be efficiently diminished using this scheme.

Elliptic Curve Cryptography

Abstract: Elliptic curve cryptography, in essence, entails using the group of points on an elliptic curve as the underlying number system for public key cryptography. There are two main reasons for using elliptic curves as a basis for public key cryptosystems. The first reason is that elliptic curve based cryptosystems appear to provide better security than traditional cryptosystems for a given key size. One can take advantage of this fact to increase security, or (more often) to increase performance by reducing the key size while keeping the same security. The second reason is that the additional structure on an elliptic curve can be exploited to construct cryptosystems with interesting features which are difficult or impossible to achieve in any other way. A notable example of this phenomenon is the development of identity-based encryption and the accompanying emergence of pairing-based cryptographic protocols.

Twisted Ate pairing on hyperelliptic curves and applications

Abstract: In this paper we show that the twisted Ate pairing on elliptic curves can be generalized to hyperelliptic curves, and give a series of variations of the hyperelliptic Ate and twisted Ate pairings Using the hyperelliptic Ate pairing and twisted Ate pairing, we propose a new approach to speeding up the Weil pairing computation For some hyperelliptic curves with high degree twist, computing Weil pairing by our approach may be faster than Tate pairing, Ate pairing, and all other known pairings

Faster Computation of Self-pairings.

Abstract: Self-pairings have found interesting applications in cryptographic schemes. In this paper, we present a novel method for constructing a self-pairing on supersingular elliptic curves with even embedding degrees, which we call the Ateil pairing. This new pairing improves the efficiency of the self-pairing computation on supersingular curves over finite fields with large characteristic. Based on the ηT pairing, we propose a generalization of the Ateil pairing, which we call the Ateili pairing. The optimal Ateili pairing which has the shortest Miller loop is faster than previously known self-pairings on supersingular elliptic curves over finite fields with small characteristic. We also present a new self-pairing based on the Weil pairing which is faster than the self-pairing based on the Tate pairing on ordinary elliptic curves with embedding degree one.