A flexible processor for the characteristic 3 ηT pairing

The η T pairing is an efficient method for the calculation of the Tate pairing. In this paper, we describe the hardware implementation of the η T pairing on a supersingular elliptic curve of characteristic 3. All characteristic 3 operations required for the computation of the pairing are outlined in detail. We describe how the required extension field operations can be performed in terms of subfield operations, many of which can be computed in parallel in hardware. The hardware architectures required for pairing computation are also described. An efficient and reconfigurable processor utilising these hardware architectures is presented and discussed. The processor is highly reconfigurable and can easily be tailored for a low area implementation, or for a high throughput implementation or for a desired balance between the two. Results are provided for various configurations of the processor when implemented over the field F397 on an FPGA.

[1]  Guido Bertoni,et al.  Efficient GF(pm) Arithmetic Architectures for Cryptographic Applications , 2003, CT-RSA.

[2]  Keshab K. Parhi,et al.  Low-Energy Digit-Serial/Parallel Finite Field Multipliers , 1998 .

[3]  Eric R. Verheul,et al.  Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems , 2004, Journal of Cryptology.

[4]  Dan Page,et al.  Hardware Acceleration of the Tate Pairing in Characteristic Three , 2005, CHES.

[5]  Tim Kerins,et al.  Algorithms and Architectures for Use in FPGA Implementations of Identity Based Encryption Schemes , 2004, FPL.

[6]  Paulo S. L. M. Barreto,et al.  Efficient Algorithms for Pairing-Based Cryptosystems , 2002, CRYPTO.

[7]  Soonhak Kwon,et al.  Efficient Tate Pairing Computation for Elliptic Curves over Binary Fields , 2005, ACISP.

[8]  Steven D. Galbraith,et al.  Implementing the Tate Pairing , 2002, ANTS.

[9]  Paulo S. L. M. Barreto,et al.  Efficient pairing computation on supersingular Abelian varieties , 2007, IACR Cryptol. ePrint Arch..

[10]  Gerardo Pelosi,et al.  Parallel Hardware Architectures for the Cryptographic Tate Pairing , 2006, Third International Conference on Information Technology: New Generations (ITNG'06).

[11]  Paulo S. L. M. Barreto,et al.  Efficient Hardware for the Tate Pairing Calculation in Characteristic Three , 2005, CHES.

[12]  Masaaki Shirase,et al.  An Algorithm for the nt Pairing Calculation in Characteristic Three and its Hardware Implementation , 2007, 18th IEEE Symposium on Computer Arithmetic (ARITH '07).

[13]  Iwan M. Duursma,et al.  Tate Pairing Implementation for Hyperelliptic Curves y2 = xp-x + d , 2003, ASIACRYPT.

[14]  Ratna Dutta,et al.  Pairing-based cryptography : A survey , 2004 .

[15]  G. Frey,et al.  A remark concerning m -divisibility and the discrete logarithm in the divisor class group of curves , 1994 .

[16]  Masaaki Shirase,et al.  An Algorithm for the ηT Pairing Calculation in Characteristic Three and its Hardware Implementation , 2006, IACR Cryptol. ePrint Arch..