Key Length Estimation of Pairing-Based Cryptosystems Using η T Pairing
نویسندگان
چکیده
The security of pairing-based cryptosystems depends on the difficulty of the discrete logarithm problem (DLP) over certain types of finite fields. One of the most efficient algorithms for computing a pairing is the ηT pairing over supersingular curves on finite fields whose characteristic is 3. Indeed many high-speed implementations of this pairing have been reported, and it is an attractive candidate for practical deployment of pairing-based cryptosystems. The embedding degree of the ηT pairing is 6, so we deal with the difficulty of a DLP over the finite field GF (3), where the function field sieve (FFS) is known as the asymptotically fastest algorithm of solving it. Moreover, several efficient algorithms are employed for implementation of the FFS, such as the large prime variation. In this paper, we estimate the time complexity of solving the DLP for the extension degrees n = 97, 163, 193, 239, 313, 353, 509, when we use the improved FFS. To accomplish our aim, we present several new computable estimation formulas to compute the explicit number of special polynomials used in the improved FFS. Our estimation contributes to the evaluation for the key length of pairing-based cryptosystems using the ηT pairing.
منابع مشابه
Efficient Implementation of the Pairing on Mobilephones Using BREW
Pairing based cryptosystems can accomplish novel security applications such as ID based cryptosystems which have not been con structed e ciently without the pairing The processing speed of the pair ing based cryptosystems is relatively slow compared with the other con ventional public key cryptosystems However several e cient algorithms for computing the pairing have been proposed namely Duursm...
متن کاملBreaking Pairing-Based Cryptosystems Using η T Pairing over GF(397)
There are many useful cryptographic schemes, such as ID-based encryption, short signature, keyword searchable encryption, attribute-based encryption, functional encryption, that use a bilinear pairing. It is important to estimate the security of such pairing-based cryptosystems in cryptography. The most essential number-theoretic problem in pairing-based cryptosystems is the discrete logarithm ...
متن کاملImplementing Pairing-Based Cryptosystems
Pairing-based cryptosystems have been developing very fast in the last few years. As the key primitive, pairing is also the heaviest operation in these systems. The performance of pairing affects the application of the schemes in practice. In this report, we summarise the formulas of the Tate pairing operation on elliptic curves in different coordinate systems and describe a few observations of...
متن کاملPairing-friendly Elliptic Curves of Embedding Degree 1 and Applications to Cryptography
Recently, Wang et al. [1] proposed a new method for constructing pairingfriendly elliptic curves of embedding degree 1. Authors claim that this method significantly improves the efficiency of generating elliptic curves. In this paper, we give the arithmetic of pairing-friendly elliptic curves of embedding degree 1. We prove that conventional classification of pairings into Type 1, 2, 3 and 4 is...
متن کاملAn Efficient and Secure Pairing-Based Fair Blind Signature Scheme with Message Recovery
In this paper, we propose a new fair blind signature scheme with message recovery using pairing-based self-certified public key cryptosystems. Preserving the merits inherent in pairing-based cryptosystems, it can possess fewer bits to achieve the higher security level. In addition, our new scheme has the advantage that the authentication of the public key can be accomplished with the verificati...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2012 شماره
صفحات -
تاریخ انتشار 2012