Efficient implementation of pairing-based cryptosystems

被引：9

作者：

Barreto, PSLM

Lynn, B

Scott, M

机构：

[1] Univ Sao Paulo, Escola Politecn, BR-05508900 Sao Paulo, Brazil

[2] Stanford Univ, Dept Comp Sci, Stanford, CA 94305 USA

[3] Dublin City Univ, Sch Comp Applicat, Dublin 9, Ireland

来源：

JOURNAL OF CRYPTOLOGY | 2004年 / 17卷 / 04期

关键词：

pairing-based cryptosystem; elliptic curve construction; efficient implementation; Tate pairing;

D O I：

10.1007/s00145-004-0311-z

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Pairing-based cryptosystems rely on the existence of bilinear, nondegenerate, efficiently computable maps (called pairings) over certain groups. Currently, all such pairings used in practice are related to the Tate pairing on elliptic curve groups whose embedding degree is large enough to maintain a good security level, but small enough for arithmetic operations to be feasible. In this paper we describe how to construct ordinary (non-supersingular) elliptic curves containing groups with arbitrary embedding degree, and show how to compute the Tate pairing on these groups efficiently.

引用

页码：321 / 334

页数：14

共 28 条

[1] The improbability that an elliptic curve has subexponential discrete log problem under the Menezes-Okamoto-Vanstone algorithm [J].