Factor - 4 and 6 Compression of Cyclotomic Subgroups
نویسنده
چکیده
Bilinear pairings derived from supersingular elliptic curves of embedding degrees 4 and 6 over finite fields F2m and F3m , respectively, have been used to implement pairing-based cryptographic protocols. The pairing values lie in certain prime-order subgroups of the cyclotomic subgroups of orders 22m+1 and 32m−3m+1, respectively, of the multiplicative groups F∗ 24m and F∗ 36m . It was previously known how to compress the pairing values over characteristic two fields by a factor of 2, and the pairing values over characteristic three fields by a factor of 6. In this paper, we show how the pairing values over characteristic two fields can be compressed by a factor of 4. Moreover, we present and compare several algorithms for performing exponentiation in the prime-order subgroups using the compressed representations. In particular, in the case where the base is fixed, we expect to gain at least a 54% speed up over the fastest previously known exponentiation algorithm that uses factor-6 compressed representations.
منابع مشابه
Factor-4 and 6 compression of cyclotomic subgroups of and
Bilinear pairings derived from supersingular elliptic curves of embedding degrees 4 and 6 over finite fields F2m and F3m , respectively, have been used to implement pairing-based cryptographic protocols. The pairing values lie in certain prime-order subgroups of the cyclotomic subgroups of orders 22m+1 and 32m−3m+1, respectively, of the multiplicative groups F∗ 24m and F∗ 36m . It was previousl...
متن کاملDouble-Exponentiation in Factor-4 Groups and Its Applications
In previous work we showed how to compress certain prime-order subgroups of the cyclotomic subgroups of orders 22m + 1 of the multiplicative groups of F∗ 24m by a factor of 4. We also showed that single-exponentiation can be efficiently performed using compressed representations. In this paper we show that double-exponentiation can be efficiently performed using factor-4 compressed representati...
متن کاملSquaring in cyclotomic subgroups
We propose new squaring formulae for cyclotomic subgroups of certain finite fields. Our formulae use a compressed representation of elements having the property that decompression can be performed at a very low cost. The squaring formulae lead to new exponentiation algorithms in cyclotomic subgroups which outperform the fastest previously-known exponentiation algorithms when the exponent has lo...
متن کاملTrading GRH for algebra: algorithms for factoring polynomials and related structures
In this paper we develop techniques that eliminate the need of the Generalized Riemann Hypothesis (GRH) from various (almost all) known results about deterministic polynomial factoring over finite fields. Our main result shows that given a polynomial f(x) of degree n over a finite field k, we can find in deterministic poly(n n, log |k|) time either a nontrivial factor of f(x) or a nontrivial au...
متن کامل