Since their introduction in constructive cryptographic applications, pairings over (hyper)elliptic curves are at the heart of an ever increasing number of protocols. As they rely critically on efficient implementations of pairing primitives, the study of hardware accelerators has become an active research area. In this paper, we propose two coprocessors for the reduced ηT pairing introduced by ...

We focus on the implementation and security aspects of cryptographic protocols that use Type 1 and Type 4 pairings. On the implementation front, we report improved timings for Type 1 pairings derived from supersingular elliptic curves in characteristic 2 and 3 and the first timings for supersingular genus-2 curves in characteristic 2 at the 128-bit security level. In the case of Type 4 pairings...

Pairings on the Jacobians of (hyper-)elliptic curves have received considerable attention not only as a tool to attack curve based cryptosystems but also as a building block for constructing cryptographic schemes with new and novel properties. Motivated by the work of Scott, we investigate how to use efficiently computable automorphisms to speed up pairing computations on two families of non-su...

In this paper we present a new algorithm for computing the bilinear pairings on a family of non-supersingular elliptic curves with non-trivial automorphisms. We obtain a short iteration loop in Miller’s algorithm using non-trivial efficient automorphisms. The proposed algorithm is as efficient as the algorithm in [12].

There are two types of elliptic curves, ordinary curves and supersingular curves. In 2012, Sutherland proposed an efficient almost deterministic algorithm for determining whether a given curve is or supersingular. Sutherland's based on sequences isogenies started from the input curve, computation each isogeny requires square root computations, which dominant cost algorithm. this paper, we reduc...

The most significant pairing-based cryptographic protocol to be proposed so far is undoubtedly the Identity-Based Encryption (IBE) protocol of Boneh and Franklin. In their paper [6] they give details of how their scheme might be implemented in practise on certain supersingular elliptic curves of prime characteristic. They also point out that the scheme could as easily be implemented on certain ...

We compute Tate pairing over supersingular elliptic curves via the generic BGhES[3] method for p = 5, 7. In those cases, the point multiplication by p is efficiently computed by the Frobenius endomorphism. The function in a cycle can be efficiently computed by the method of continued fraction.

In a 1998 paper [2], Kaneko and Zagier explain unpublished work of Atkin which exhibits an infinite sequence of polynomials with the property that when suitable polynomials are reduced mod p for a prime p, one gets the locus of supersingular elliptic curves. Here we generalize this phenomenon by considering the continued fraction expansions of modular and quasimodular forms.