Cryptosystems using pairing computation on elliptic curves have various applications including ID-based encryption ([19],[29],[30] etc.). Scott [33] proposed a scaling method of security by a change of the embedding degree k. On the other hand, he also presented an efficient pairing computation method on an ordinary (non-supersingular) elliptic curve over a large prime field Fp ([34]). In this paper, we present an implementation method of the pairing computation with both of the security scaling in [33] and the efficiency in [34]. First, we will investigate the mathematical nature of the set of the paremeter r (the order of cyclic group used) so as to support many k's. Then, based on it, we will suggest some modification to the algorithm of Scott in [34] to achieve flexible scalability of security level.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Katsuyuki TAKASHIMA, "Scaling Security of Elliptic Curves with Fast Pairing Using Efficient Endomorphisms" in IEICE TRANSACTIONS on Fundamentals,
vol. E90-A, no. 1, pp. 152-159, January 2007, doi: 10.1093/ietfec/e90-a.1.152.
Abstract: Cryptosystems using pairing computation on elliptic curves have various applications including ID-based encryption ([19],[29],[30] etc.). Scott [33] proposed a scaling method of security by a change of the embedding degree k. On the other hand, he also presented an efficient pairing computation method on an ordinary (non-supersingular) elliptic curve over a large prime field Fp ([34]). In this paper, we present an implementation method of the pairing computation with both of the security scaling in [33] and the efficiency in [34]. First, we will investigate the mathematical nature of the set of the paremeter r (the order of cyclic group used) so as to support many k's. Then, based on it, we will suggest some modification to the algorithm of Scott in [34] to achieve flexible scalability of security level.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e90-a.1.152/_p
Copy
@ARTICLE{e90-a_1_152,
author={Katsuyuki TAKASHIMA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Scaling Security of Elliptic Curves with Fast Pairing Using Efficient Endomorphisms},
year={2007},
volume={E90-A},
number={1},
pages={152-159},
abstract={Cryptosystems using pairing computation on elliptic curves have various applications including ID-based encryption ([19],[29],[30] etc.). Scott [33] proposed a scaling method of security by a change of the embedding degree k. On the other hand, he also presented an efficient pairing computation method on an ordinary (non-supersingular) elliptic curve over a large prime field Fp ([34]). In this paper, we present an implementation method of the pairing computation with both of the security scaling in [33] and the efficiency in [34]. First, we will investigate the mathematical nature of the set of the paremeter r (the order of cyclic group used) so as to support many k's. Then, based on it, we will suggest some modification to the algorithm of Scott in [34] to achieve flexible scalability of security level.},
keywords={},
doi={10.1093/ietfec/e90-a.1.152},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - Scaling Security of Elliptic Curves with Fast Pairing Using Efficient Endomorphisms
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 152
EP - 159
AU - Katsuyuki TAKASHIMA
PY - 2007
DO - 10.1093/ietfec/e90-a.1.152
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E90-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2007
AB - Cryptosystems using pairing computation on elliptic curves have various applications including ID-based encryption ([19],[29],[30] etc.). Scott [33] proposed a scaling method of security by a change of the embedding degree k. On the other hand, he also presented an efficient pairing computation method on an ordinary (non-supersingular) elliptic curve over a large prime field Fp ([34]). In this paper, we present an implementation method of the pairing computation with both of the security scaling in [33] and the efficiency in [34]. First, we will investigate the mathematical nature of the set of the paremeter r (the order of cyclic group used) so as to support many k's. Then, based on it, we will suggest some modification to the algorithm of Scott in [34] to achieve flexible scalability of security level.
ER -