• Received : 2010.05.12
  • Published : 2012.01.31


A new algorithm is proposed for the construction of Brezing-Weng-like elliptic curves such that polynomials defining the CM discriminant are linear. Using this construction, new families of curves with variable discriminants and embedding degrees of $k{\in}\{8,16,20,24\}$, which were not covered by Freeman, Scott, and Teske [9], are presented. Our result is useful for constructing elliptic curves with larger and more flexible discriminants.


  1. R. M. Avanzi, H. Cohen, C. Doche, G. Frey, T. Lange, K. Nguyen, and F. Vercauteren, Handbook of Elliptic and Hyperelliptic Curve Cryptography, Chapman & Hall/CRC, Sydney, 2006.
  2. R. Balasubramanian and N. Koblitz, The improbability that an elliptic curve has subex-ponential discrete log problem under the Menezes-Okamoto-Vanstone algorithm, J. Cryptology 11 (1998), no. 2, 141-145.
  3. P. S. L. M. Barreto and M. Naehrig, Pairing-friendly elliptic curves of prime order, Proceedings of SAC 2005-Workshop on Selected Areas in Cryptography, Lecture Notes in Computer Science, vol. 3897, pp 319-331, Springer-Verlag, 2006.
  4. D. Boneh and M. Franklin, Identity-based encryption from the Weil pairing. Advances in Cryptography, Proceedings of Crypto 2001, Lecture Notes in Computer Science, Vol. 2139, pp. 213-229, Springer-Verlag, 2001.
  5. D. Boneh, B. Lynn, and H. Shacham, Short signatures from the Weil pairing, Advances in Cryptology: Proceedings of Asiacrypt 2001, Lecture Notes in Computer Science, Vol. 2248, pp. 514-532, Springer-Verlag, 2002.
  6. W. Bosma, J. Cannon, and C. Playoust. The Magma algebra system. I. The user language, J. Symbolic Comput. 24 (1997), no. 3-4, 235-265.
  7. F. Brezing and A. Weng, Elliptic curves suitable for pairing based cryptography, Des. Codes Cryptogr. 37 (2005), no. 1, 133-141.
  8. D. Freeman, Constructing Pairing-Friendly Elliptic Curves with Embedding Degree 10,Algorithmic Number Theory Symposium ANTS-VII, Lecture Notes in Computer Science, Vol. 4076, pp. 452-465, Springer-Verlag, 2006.
  9. D. Freeman, M. Scott, and E. Teske, A taxonomy of pairing-friendly elliptic curves, J. Cryptology 23 (2010), no. 2, 224-280.
  10. S. Galbraith, J. McKee, and P. Valenca, Ordinary abelian varieties having small embedding degree, Finite Fields Appl. 13 (2007), no. 4, 800-814.
  11. T. W. Hungerford, Algebra, Graduate Texts in Mathematics, Vol. 73, Springer, Heidelberg, 1996.
  12. A. Joux, A one round protocol for tripartite Diffie-Hellman, Proceedings of Algorithmic Number Theory Symposium, ANTS-IV, Lecture Notes in Computer Science, Vol. 1838, pp. 385-394, Springer-Verlag, 2000.
  13. E. Kachisa, E. Schaefer, and M. Scott, Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic field, Pairing-based cryptography-Pairing 2008, 126-135, Lecture Notes in Comput. Sci., 5209, Springer, Berlin, 2008.
  14. H.-S. Lee and C.-M. Park, Generating pairing-friendly curves with the CM equation of degree 1, Pairing 2009, vol. 5671, Lecture Notes in Computer Science, page 66-77, Springer-Verlag, 2009.
  15. R. Sakai, K. Ohgishi and M. Kasahara, Cryptosystems based on pairing, The 2000 Symposium on Cryptography and Information Security(SCIS 2000), 2000.
  16. J. H. Silverman, The Arithmetic of Elliptic Curves, Springer-Verlag, Berlin, Germany, 1986.
  17. A. V. Sutherland, Computing Hilbert class polynomials with the Chinese Remainder Theorem, Math. Comp. 80 (2011), no. 273, 501-538.

Cited by

  1. Generating pairing-friendly elliptic curve parameters using sparse families vol.12, pp.2, 2018,