Efficient Pairing Computation on Elliptic Curves in Hessian Form

Pairings in elliptic curve cryptography are functions which map a pair of elliptic curve points to a non-zero element of a finite field. In recent years, many useful cryptographic protocols based on pairings have been proposed. The fast implementations of pairings have become a subject of active research areas in cryptology. In this paper, we give the geometric interpretation of the group law on Hessian curves. Furthermore, we propose the first algorithm for computing the Tate pairing on elliptic curves in Hessian form. Analysis indicates that it is faster than all algorithms of Tate pairing computation known so far for Weierstrass and Edwards curves excepted for the very special elliptic curves with a4 = 0, a6 = b2.

[1]  Hovav Shacham,et al.  Pairing-Based Cryptography - Pairing 2009, Third International Conference, Palo Alto, CA, USA, August 12-14, 2009, Proceedings , 2009, Pairing.

[2]  Ed Dawson,et al.  New Formulae for Efficient Elliptic Curve Arithmetic , 2007, INDOCRYPT.

[3]  Tanja Lange,et al.  Faster computation of Tate pairings , 2009 .

[4]  Antoine Joux,et al.  The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems , 2002, ANTS.

[5]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[6]  Colin Boyd,et al.  Faster Pairings on Special Weierstrass Curves , 2009, Pairing.

[7]  D. Chudnovsky,et al.  Sequences of numbers generated by addition in formal groups and new primality and factorization tests , 1986 .

[8]  Tanja Lange,et al.  Analysis and optimization of elliptic-curve single-scalar multiplication , 2007, IACR Cryptol. ePrint Arch..

[9]  Sanjit Chatterjee,et al.  Efficient Computation of Tate Pairing in Projective Coordinate over General Characteristic Fields , 2004, ICISC.

[10]  Antoine Joux,et al.  Another Approach to Pairing Computation in Edwards Coordinates , 2008, INDOCRYPT.

[11]  Victor S. Miller,et al.  The Weil Pairing, and Its Efficient Calculation , 2004, Journal of Cryptology.

[12]  G. Frey,et al.  A remark concerning m -divisibility and the discrete logarithm in the divisor class group of curves , 1994 .

[13]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[14]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[15]  Alfred Menezes,et al.  Pairing-Based Cryptography at High Security Levels , 2005, IMACC.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  C. Pandu Rangan,et al.  Progress in Cryptology - INDOCRYPT 2007, 8th International Conference on Cryptology in India, Chennai, India, December 9-13, 2007, Proceedings , 2007, INDOCRYPT.

[18]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[19]  Nigel P. Smart,et al.  The Hessian Form of an Elliptic Curve , 2001, CHES.

[20]  Choonsik Park,et al.  Information Security and Cryptology - ICISC 2004, 7th International Conference, Seoul, Korea, December 2-3, 2004, Revised Selected Papers , 2005, ICISC.

[21]  Marc Joye,et al.  Hessian Elliptic Curves and Side-Channel Attacks , 2001, CHES.

[22]  Vincent Rijmen,et al.  Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008. Proceedings , 2008, INDOCRYPT.

[23]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .