A Comparative Study of Twist Property in KSS Curves of Embedding Degree 16 and 18 from the Implementation Perspective

  • Khandaker, Md. Al-Amin (Department of Information and Communication Systems, Okayama University) ;
  • Park, Taehwan (Department of Electrical and Computer, Pusan National University) ;
  • Nogami, Yasuyuki (Department of Information and Communication Systems, Okayama University) ;
  • Kim, Howon (Department of Electrical and Computer, Pusan National University)
  • Received : 2017.06.05
  • Accepted : 2017.06.13
  • Published : 2017.06.30

Abstract

Implementation of faster pairing calculation is the basis of efficient pairing-based cryptographic protocol implementation. Generally, pairing is a costly operation carried out over an extension field of degree $k \geq 12$. However, the twist property of a pairing-friendly curve allows us to calculate the pairing over the sub-field twisted curve, where the extension degree becomes k/d and the twist degree is d = 2, 3, 4, 6. The calculation cost is reduced substantially by twisting, but it makes the discrete logarithm problem easier if the curve parameters are not carefully chosen. Therefore, this paper considers the most recent parameter settings for pairing-based cryptography presented by Barbulescu and Duquesne [1], which are secure enough for the 128-bit security level, to explicitly show the quartic twist (d = 4) and sextic twist (d = 6) mappings between the isomorphic rational point groups for KSS (Kachisa-Schaefer-Scott) curves of embedding degree k = 16 and k = 18, respectively. This paper also evaluates the performance enhancement of the obtained twisted mappings by comparing the elliptic curve scalar multiplications.

References

  1. R. Barbulescu and S. Duquesne, "Updating key size estimations for pairings," Cryptology ePrint Archive, 2017 [Internet], Available: http://ia.cr/2017/334.
  2. H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen, and F. Vercauteren, Handbook of Elliptic and Hyperelliptic Curve Cryptography. Boca Raton, FL: CRC Press, 2005.
  3. E. Kachisa, E. Schaefer, and M. Scott, "Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic field," in Pairing-Based Cryptography-Pairing 2008, Lecture Notes in Computer Science, vol. 5209, pp. 126-135, 2008.
  4. T. Kim and R. Barbulescu, "Extended tower number field sieve: a new complexity for the medium prime case," in Advances in Cryptology-CRYPTO 2016, Lecture Notes in Computer Science, vol. 9814, pp. 543-571, 2016.
  5. L. C. Washington, Elliptic Curves: Number Theory and Cryptography. Boca Raton, FL: CRC Press, 2008.
  6. P. C. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems," in Advances in Cryptology-CRYPTO'96, Lecture Notes in Computer Science, vol. 1109, pp. 104-113, 1996.
  7. P. L. Montgomery, "Speeding the Pollard and elliptic curve methods of factorization," Journal of Mathematics of Computation, vol. 48, no. 177, pp. 243-264, 1987. https://doi.org/10.1090/S0025-5718-1987-0866113-7
  8. C. K. Koc, "High-radix and bit recoding techniques for modular exponentiation," International Journal of Computer Mathematics, vol. 40, no. 3-4, pp. 139-156, 1991. https://doi.org/10.1080/00207169108804009
  9. D. V. Bailey and C. Paar, "Efficient arithmetic in finite field extensions with application in elliptic curve cryptography," Journal of Cryptology, vol. 14, no. 3, pp. 153-176, 2001. https://doi.org/10.1007/s001450010012
  10. Y. Mori, S. Akagi, Y. Nogami, and M. Shirase, "Pseudo 8-sparse multiplication for efficient ate-based pairing on Barreto-Naehrig curve," in Pairing-Based Cryptography-Pairing 2013, Lecture Notes in Computer Science, vol. 8365, pp. 186-198, 2013.
  11. The GNU Multiple Precision Arithmetic Library 6.1.1 edition, 2016 [Internet], Available: http://gmplib.or.