Compressed Pairings
نویسندگان
چکیده
Pairing-based cryptosystems rely on bilinear non-degenerate maps called pairings, such as the Tate and Weil pairings defined over certain elliptic curve groups. In this paper we show how to compress pairing values, how to couple this technique with that of point compression, and how to benefit from the compressed representation to speed up exponentiations involving pairing values, as required in many pairing based protocols.
منابع مشابه
On Compressible Pairings and Their Computation
In this paper we provide explicit formulæ to compute bilinear pairings in compressed form, and indicate families of curves where particularly generalised versions of the Eta and Ate pairings due to Zhao et al. are especially efficient. With the new formulæ it is possible to entirely avoid F pk arithmetic during pairing computation on elliptic curves over Fp with even embedding degree k. Using o...
متن کاملCompression of Tate Pairings on Elliptic Curves
In this paper, utilizing maps between cyclic groups contained in a finite field, two efficient methods for compressing a Tate pairing defined on a supersingular elliptic curve with prime characteristic p and MOV degree 3 are presented. They compress a pairing value from a string of length of 6logp bits to ones of 3logp and 2logp bits, respectively, and an implementation for both the compressed ...
متن کاملComputing pairings using x -coordinates only
To reduce bandwidth in elliptic curve cryptography one can transmit only x-coordinates of points (or x-coordinates together with an extra bit). For further computation using the points one can either recover the y-coordinates by taking square roots or one can use point multiplication formulae which use x-coordinates only. We consider how to efficiently use point compression in pairing-based cry...
متن کاملFaster Explicit Formulas for Computing Pairings over Ordinary Curves
We describe e cient formulas for computing pairings on ordinary elliptic curves over prime elds. First, we generalize lazy reduction techniques, previously considered only for arithmetic in quadratic extensions, to the whole pairing computation, including towering and curve arithmetic. Second, we introduce a new compressed squaring formula for cyclotomic subgroups and a new technique to avoid p...
متن کاملFactor-4 and 6 compression of cyclotomic subgroups of and
Bilinear pairings derived from supersingular elliptic curves of embedding degrees 4 and 6 over finite fields F2m and F3m , respectively, have been used to implement pairing-based cryptographic protocols. The pairing values lie in certain prime-order subgroups of the cyclotomic subgroups of orders 22m+1 and 32m−3m+1, respectively, of the multiplicative groups F∗ 24m and F∗ 36m . It was previousl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2004 شماره
صفحات -
تاریخ انتشار 2004