High-Speed Parallel Software Implementation of the ηT Pairing

We describe a high-speed software implementation of the ηT pairing over binary supersingular curves at the 128-bit security level. This implementation explores two types of parallelism found in modern multi-core platforms: vector instructions and multiprocessing. We first introduce novel techniques for implementing arithmetic in binary fields with vector instructions. We then devise a new parallelization of Miller's Algorithm to compute pairings. This parallelization provides an algorithm for pairing computation without increasing storage costs significantly. The combination of these acceleration techniques produces serial timings at least 24% faster and parallel timings 66% faster than the best previous result on an Intel Core platform, establishing a new state-of-the-art implementation of this pairing instantiation on this platform.
