Institutional Repository
| analysis of optimum pairing products at high security levels | |
| Zhang Xusheng; Lin Dongdai | |
| 2012 | |
| 会议名称 | 13th International Conference on Cryptology in India, INDOCRYPT 2012 |
| 会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| 页码 | 412-430 |
| 会议日期 | December 9, 2012 - December 12, 2012 |
| 会议地点 | Kolkata, India |
| 收录类别 | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642349300 |
| 部门归属 | (1) Institute of Software Chinese Academy of Sciences Beijing 100190 China; (2) University of Chinese Academy of Sciences Beijing 100049 China; (3) Institute of Information Engineering Chinese Academy of Sciences Beijing 100093 China |
| 摘要 | In modern pairing implementations, considerable researches target at the optimum pairings at different security levels. However, in many cryptographic protocols, computing products or quotients of pairings is needed instead of computing single pairings. In this paper, we mainly analyze the computations of fast pairings on Kachisa-Schaefer-Scott curves with embedding degree 16 (KSS16) for the 192-bit security and Barreto-Lynn-Scott curves with embedding degree 27 (BLS27) for the 256-bit security, and then compare the cost estimations for implementing products and quotients of pairings at the 192 and 256-bit security levels. Being different from implementing single pairings, our results show that KSS16 curves could be most efficient for computing products or quotients of pairings for the 192-bit security; and for the 256-bit security, BLS27 curves might be more efficient for computing products of no less than 25 pairings, otherwise BLS24 curves are much more efficient. In addition, for the fast pairing computation on BLS27 curves, we propose faster Miller formulas in both affine and projective coordinates on curves with only cubic twist and embedding degree divisible by 3. © Springer-Verlag 2012.; In modern pairing implementations, considerable researches target at the optimum pairings at different security levels. However, in many cryptographic protocols, computing products or quotients of pairings is needed instead of computing single pairings. In this paper, we mainly analyze the computations of fast pairings on Kachisa-Schaefer-Scott curves with embedding degree 16 (KSS16) for the 192-bit security and Barreto-Lynn-Scott curves with embedding degree 27 (BLS27) for the 256-bit security, and then compare the cost estimations for implementing products and quotients of pairings at the 192 and 256-bit security levels. Being different from implementing single pairings, our results show that KSS16 curves could be most efficient for computing products or quotients of pairings for the 192-bit security; and for the 256-bit security, BLS27 curves might be more efficient for computing products of no less than 25 pairings, otherwise BLS24 curves are much more efficient. In addition, for the fast pairing computation on BLS27 curves, we propose faster Miller formulas in both affine and projective coordinates on curves with only cubic twist and embedding degree divisible by 3. © Springer-Verlag 2012. |
| 关键词 | Cryptography |
| 主办者 | Defence Research and Developement Organization (D.R.D.O.); Google Inc.; Microsoft Research; National Board of Higher Mathematics (N.B.H.M.); Reserve Bank of India (R.B.I.); Tata Consultancy Services (T.C.S.) |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/15823 |
| 专题 | 中国科学院软件研究所 |
| 推荐引用方式 GB/T 7714 | Zhang Xusheng,Lin Dongdai. analysis of optimum pairing products at high security levels[C],2012:412-430. |
| 条目包含的文件 | 条目无相关文件。 | |||||
| 个性服务 |
| 推荐该条目 |
| 保存到收藏夹 |
| 查看访问统计 |
| 导出为Endnote文件 |
| 谷歌学术 |
| 谷歌学术中相似的文章 |
| [Zhang Xusheng]的文章 |
| [Lin Dongdai]的文章 |
| 百度学术 |
| 百度学术中相似的文章 |
| [Zhang Xusheng]的文章 |
| [Lin Dongdai]的文章 |
| 必应学术 |
| 必应学术中相似的文章 |
| [Zhang Xusheng]的文章 |
| [Lin Dongdai]的文章 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论