Speeding up the Final Exponentiation in Pairing Computation

In this paper we propose efficient and general method to accelerate the final exponentiation in pairing computation. For an elliptic curve over a prime field Fp, our approach is to adjust the greatest coefficient of the final exponent in p-ary representation to be minimized by multiplying the original final exponent by a suitable integer. Since our method does not exploit the structure of parameters of elliptic curves, it is applicable to any curve with small embedding degree k, which is small enough to solve the shortest vector problem in a φ(k)-dimensional lattice easily. On average our method reduces the number of multiplications and squarings required to perform the final exponentiation by (1 − 1 φ(k) ) if k 6= 2.

[1]  Hyang-Sook Lee,et al.  Efficient and Generalized Pairing Computation on Abelian Varieties , 2009, IEEE Transactions on Information Theory.

[2]  Michael Scott,et al.  A Taxonomy of Pairing-Friendly Elliptic Curves , 2010, Journal of Cryptology.

[3]  A. Miyaji,et al.  New Explicit Conditions of Elliptic Curve Traces for FR-Reduction , 2001 .

[4]  David Mandell Freeman,et al.  Constructing Pairing-Friendly Elliptic Curves with Embedding Degree 10 , 2006, ANTS.

[5]  Roberto Maria Avanzi,et al.  Generic Efficient Arithmetic Algorithms for PAFFs (Processor Adequate Finite Fields) and Related Algebraic Structures (Extended Abstract) , 2003, Selected Areas in Cryptography.

[6]  Satoru Tanaka,et al.  Implementing Cryptographic Pairings over Curves of Embedding Degrees 8 and 10 , 2007, IACR Cryptol. ePrint Arch..

[7]  Frederik Vercauteren,et al.  The Eta Pairing Revisited , 2006, IEEE Transactions on Information Theory.

[8]  Michael Scott,et al.  On the Final Exponentiation for Calculating Pairings on Ordinary Elliptic Curves , 2009, Pairing.

[9]  Paulo S. L. M. Barreto,et al.  Efficient Implementation of Pairing-Based Cryptosystems , 2004, Journal of Cryptology.

[10]  Paulo S. L. M. Barreto,et al.  Pairing-Friendly Elliptic Curves of Prime Order , 2005, Selected Areas in Cryptography.

[11]  Frederik Vercauteren,et al.  Optimal Pairings , 2010, IEEE Transactions on Information Theory.

[12]  Victor S. Miller,et al.  The Weil Pairing, and Its Efficient Calculation , 2004, Journal of Cryptology.

[13]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[14]  Paulo S. L. M. Barreto,et al.  Compressed Pairings , 2004, CRYPTO.

[15]  Paulo S. L. M. Barreto,et al.  On Compressible Pairings and Their Computation , 2008, AFRICACRYPT.

[16]  Igor A. Semaev,et al.  A 3-Dimensional Lattice Reduction Algorithm , 2001, CaLC.

[17]  Damien Stehlé,et al.  Low-dimensional lattice basis reduction revisited , 2004, TALG.

[18]  Arjen K. Lenstra,et al.  Efficient Subgroup Exponentiation in Quadratic and Sixth Degree Extensions , 2002, CHES.