Squaring in cyclotomic subgroups

Squaring in cyclotomic subgroups

We propose new squaring formulae for cyclotomic subgroups of certain finite fields. Our formulae use a compressed representation of elements having the property that decompression can be performed at a very low cost. The squaring formulae lead to new exponentiation algorithms in cyclotomic subgroups which outperform the fastest previously-known exponentiation algorithms when the exponent has lo...

Faster Squaring in the Cyclotomic Subgroup of Sixth Degree Extensions

This paper describes an extremely efficient squaring operation in the so-called ‘cyclotomic subgroup’ of F× q6 , for q ≡ 1 mod 6. Our result arises from considering the Weil restriction of scalars of this group from Fq6 to Fq2 , and provides efficiency improvements for both pairingbased and torus-based cryptographic protocols. In particular we argue that such fields are ideally suited for the l...

Computation of several cyclotomic Swan subgroups

Let Cl(OK [G]) denote the locally free class group, that is the group of stable isomorphism classes of locally free OK [G]-modules, where OK is the ring of algebraic integers in the number field K and G is a finite group. We show how to compute the Swan subgroup, T (OK [G]), of Cl(OK [G]) when K = Q(ζp), ζp a primitive p-th root of unity, G = C2, where p is an odd (rational) prime so that hp = ...

Cyclotomic Swan subgroups and primitive roots

Factor-4 and 6 compression of cyclotomic subgroups of and

Bilinear pairings derived from supersingular elliptic curves of embedding degrees 4 and 6 over finite fields F2m and F3m , respectively, have been used to implement pairing-based cryptographic protocols. The pairing values lie in certain prime-order subgroups of the cyclotomic subgroups of orders 22m+1 and 32m−3m+1, respectively, of the multiplicative groups F∗ 24m and F∗ 36m . It was previousl...