Showing papers on "Weil pairing published in 2011"
TL;DR: In this article, a general formula relating self cup products in cohomology to connecting maps in nonabelian cohomologies was given, and applied to obtain a formula for the self cup product associated to the Weil pairing.
Abstract: We give a general formula relating self cup products in cohomology to connecting maps in nonabelian cohomology, and apply it to obtain a formula for the self cup product associated to the Weil pairing.
28 citations
12 Dec 2011
TL;DR: This paper describes a parallel implementation of the optimal ate pairing over Barreto-Naehrig (BN) curves that is about 1.23 times faster using two cores of an Intel Core i5 or Core i7 machine, and 1.45 times faster than the state-of-the-art implementation on a single core.
Abstract: In the past year, the speed record for pairing implementations on desktop-class machines has been broken several times. The speed records for asymmetric pairings were set on a single processor. In this paper, we describe our parallel implementation of the optimal ate pairing over Barreto-Naehrig (BN) curves that is about 1.23 times faster using two cores of an Intel Core i5 or Core i7 machine, and 1.45 times faster using 4 cores of the Core i7 than the state-of-the-art implementation on a single core. We instantiate Hess's general Weil pairing construction and introduce a new optimal Weil pairing tailored for parallel execution. Our experimental results suggest that the new Weil pairing is 1.25 times faster than the optimal ate pairing on 8-core extensions of the aforementioned machines. Finally, we combine previous techniques for parallelizing the eta pairing on a supersingular elliptic curve with embedding degree 4, and achieve an estimated 1.24-fold speedup on an 8-core extension of an Intel Core i7 over the previous best technique.
23 citations
TL;DR: In this paper, the authors presented a novel method for constructing a super-optimal pairing with great efficiency, which they call the omega pairing, which is called the simple final exponentiation and short loop length in Miller's algorithm which leads to a significant improvement over the previously known techniques on certain pairing-friendly curves.
Abstract: In this paper, we present a novel method for constructing a super-optimal pairing with great efficiency, which we call the omega pairing. The computation of the omega pairing requires the simple final exponentiation and short loop length in Miller's algorithm which leads to a significant improvement over the previously known techniques on certain pairing-friendly curves. Experimental results show that the omega pairing is about 22% faster and 19% faster than the super-optimal pairing proposed by Scott at security level of AES 80 bits on certain pairing-friendly curves in affine coordinate systems and projective coordinate systems, respectively.
20 citations
Posted Content•
TL;DR: In this article, a genus one curve of degree 5 is defined by the 4 x 4 Pfaffians of a 5 × 5 alternating matrix of linear forms on P^4.
Abstract: A genus one curve of degree 5 is defined by the 4 x 4 Pfaffians of a 5 x 5 alternating matrix of linear forms on P^4. We describe a general method for investigating the invariant theory of such models. We use it to explain how we found our algorithm for computing the invariants [12] and to extend our method in [14] for computing equations for visible elements of order 5 in the Tate-Shafarevich group of an elliptic curve. As a special case of the latter we find a formula for the family of elliptic curves 5-congruent to a given elliptic curve in the case the 5-congruence does not respect the Weil pairing. We also give an algorithm for doubling elements in the 5-Selmer group of an elliptic curve, and make a conjecture about the matrices representing the invariant differential on a genus one normal curve of arbitrary degree.
15 citations
Posted Content•
TL;DR: In this article, the authors extend the Blake-Murty-Xu's method and show how to perform an elimination of all vertical lines in Miller's algorithm during Weil/Tate pairings computation on \emph{general} elliptic curves.
Abstract: In 1986 Victor Miller described an algorithm for computing the Weil pairing in his unpublished manuscript. This algorithm has then become the core of all pairing-based cryptosystems. Many improvements of the algorithm have been presented. Most of them involve a choice of elliptic curves of a \emph{special} forms to exploit a possible twist during Tate pairing computation. Other improvements involve a reduction of the number of iterations in the Miller's algorithm. For the generic case, Blake, Murty and Xu proposed three refinements to Miller's algorithm over Weierstrass curves. Though their refinements which only reduce the total number of vertical lines in Miller's algorithm, did not give an efficient computation as other optimizations, but they can be applied for computing \emph{both} of Weil and Tate pairings on \emph{all} pairing-friendly elliptic curves. In this paper we extend the Blake-Murty-Xu's method and show how to perform an elimination of all vertical lines in Miller's algorithm during Weil/Tate pairings computation on \emph{general} elliptic curves. Experimental results show that our algorithm is faster about 25% in comparison with the original Miller's algorithm.
8 citations
01 Jan 2011
TL;DR: This thesis presents the Weil pairing on elliptic curves as a tool to implement a tripartite Diffie-Helman key exchange and proves several important qualities of the Weirstrass ℘-function.
Abstract: This thesis presents the Weil pairing on elliptic curves as a tool to implement a tripartite Diffie-Helman key exchange. Elliptic curves are introduced, as well as the addition operation that creates a group structure on its points. In leading to the definition of the Weil pairing, divisors of rational functions are studied, as well as the Weierstrass ℘-function, which shows the complex lattice as isomorphic to elliptic curves. Several important qualities of the Weil pairing are proved, and Miller’s algorithm for quick calculation is shown. Next, the bipartite Diffie-Helman key exchange is discussed over finite fields and elliptic curves. Finally an example of a modified Weil pairing is defined, which leads to the tripartite Diffie-Helman key exchange.
6 citations
TL;DR: The Blake–Murty–Xu's method is extended and shown how to perform an elimination of all vertical lines in Miller's algorithm during computation of Weil/Tate pairings, on general elliptic curves.
Abstract: In 1986, Victor Miller described an algorithm for computing the Weil pairing in his unpublished manuscript. This algorithm has then become the core of all pairing-based cryptosystems. Many improvements of the algorithm have been presented. Most of them involve a choice of elliptic curves of a special form to exploit a possible twist during Tate pairing computation. Other improvements involve a reduction of the number of iterations in the Miller's algorithm. For the generic case, Blake, Murty and Xu proposed three refinements to Miller's algorithm over Weierstrass curves. Though their refinements, which only reduce the total number of vertical lines in Miller's algorithm, did not give an efficient computation as other optimizations, they can be applied for computing both Weil and Tate pairings on all pairing-friendly elliptic curves. In this paper, we extend the Blake–Murty–Xu's method and show how to perform an elimination of all vertical lines in Miller's algorithm during computation of Weil/Tate pairings, on general elliptic curves. Experimental results show that our algorithm is faster by ~25% in comparison with the original Miller's algorithm.
6 citations
TL;DR: The security model for certificateless signcryption from Weil pairings is explicit and the new scheme not only can be proved to be secure in this model but also can simultaneously provide public verifiability and forward security.
Abstract: Certificateless signcryption has both the advantage of certificateless public key cryptography, which overcome the escrow problem inherited from identity based cryptography without the use of certificates as in traditional public key cryptography, and signcryption which can fulfill both the functions of signature and encryption in a logical signal step. In this paper, we explicit the security model for certificateless signcryption and propose an efficient certificateless signcryption scheme from Weil pairings. The new scheme not only can be proved to be secure in our model but also can simultaneously provide public verifiability and forward security. Furthermore, compared with existing schemes, the new scheme is more efficient.
6 citations
12 Dec 2011
TL;DR: Efficient pairings on ordinary elliptic curves of embedding degree 1 and 2 from the point of shortening Miller's loop are analyzed, and modified Omega pairing lattices over RSA rings can be computed without knowing the RSA trapdoor.
Abstract: In pairing-based cryptography, most researches are focused on elliptic curves of embedding degrees greater than six, but less on curves of small embedding degrees, although they are important for pairing-based cryptography over composite-order groups. This paper analyzes efficient pairings on ordinary elliptic curves of embedding degree 1 and 2 from the point of shortening Miller's loop. We first show that pairing lattices presented by Hess can be redefined on composite-order groups. Then we give a simpler variant of the Weil pairing lattice which can also be regarded as an Omega pairing lattice, and extend it to ordinary curves of embedding degree 1. In our analysis, the optimal Omega pairing, as the super-optimal pairing on elliptic curves of embedding degree 1 and 2, could be more efficient than Weil and Tate pairings. On the other hand, elliptic curves of embedding degree 2 are also very useful for pairings on elliptic curves over RSA rings proposed by Galbraith and McKee. So we analyze the construction of such curves over RSA rings, and redefine pairing lattices over RSA rings. Specially, modified Omega pairing lattices over RSA rings can be computed without knowing the RSA trapdoor. Furthermore, for keeping the trapdoor secret, we develop an original idea of evaluating pairings without leaking the group order.
5 citations
TL;DR: In this paper, a general formula relating self cup products in cohomology to connecting maps in nonabelian cohomologies was given, and applied to obtain a formula for the self cup product associated to the Weil pairing.
Abstract: We give a general formula relating self cup products in cohomology to connecting maps in nonabelian cohomology, and apply it to obtain a formula for the self cup product associated to the Weil pairing.
4 citations
24 Dec 2011
TL;DR: A newly ID-based key agreement protocol from the Tate pairing is proposed, which minimizes the cost of computation with no extra message exchange time and provides known key security, no key control,no key-compromise impersonation and perfect forward secrecy.
Abstract: Key agreement protocols are designed to establish a session keys between two or multiple entities oven an insecure
network and the session key is used to assure confidentiality thought encryption. With the advantages of identity-based
(ID-based) cryptography, there have been many ID-based key agreement protocols proposed. However, most of them are
based on Weil pairing, which is more cost of computation compared with Tate paring. In this paper, we propose a newly
ID-based key agreement protocol from the Tate pairing. Compared with previous protocols, the new protocol minimizes
the cost of computation with no extra message exchange time. In addition, the proposed protocol provides known key
security, no key control, no key-compromise impersonation and perfect forward secrecy.