Constructing Tower Extensions of Finite Fields for Implementation of Pairing-Based Cryptography

A cryptographic pairing evaluates as an element of a finite extension field, and the evaluation itself involves a considerable amount of extension field arithmetic. It is recognised that organising the extension field as a "tower" of subfield extensions has many advantages. Here we consider criteria that apply when choosing the best towering construction, and the associated choice of irreducible polynomials for the implementation of pairing-based cryptosystems. We introduce a method for automatically constructing efficient towers for more classes of finite fields than previous methods, some of which allow faster arithmetic. We also show that for some families of pairing-friendly elliptic curves defined over $\mathbb{F}_p$ there are a large number of instances for which an efficient tower extension $\mathbb{F}_{p^k}$ is given immediately if the parameter defining the prime characteristic of the field satisfies a few easily checked equivalences.
