Comparing the Pairing Efficiency over Composite-Order and Prime-Order Elliptic Curves

Aurore Guillevic 1, 2
1 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : We provide software implementation timings for pairings over composite-order and prime-order elliptic curves. Composite orders must be large enough to be infeasible to factor. They are modulus of 2 up to 5 large prime numbers in the literature. There exists size recommendations for two-prime RSA modulus and we extend the results of Lenstra concerning the RSA modulus sizes to multi-prime modulus, for various security levels. We then implement a Tate pairing over a composite order supersingular curve and an optimal ate pairing over a prime-order Barreto-Naehrig curve, both at the 128-bit security level. We use our implementation timings to deduce the total cost of the homomorphic encryption scheme of Boneh, Goh and Nissim and its translation by Freeman in the prime-order setting. We also compare the efficiency of the unbounded Hierarchical Identity Based Encryption protocol of Lewko and Waters and its translation by Lewko in the prime order setting. Our results strengthen the previously observed inefficiency of composite-order bilinear groups and advocate the use of prime-order group whenever possible in protocol design.
Type de document :
Communication dans un congrès
ACNS - 11th International Conference on Applied Cryptography and Network Security - 2013, Jun 2013, Banff, Canada. 2013
Liste complète des métadonnées

Littérature citée [26 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-00812960
Contributeur : Aurore Guillevic <>
Soumis le : samedi 13 avril 2013 - 21:11:03
Dernière modification le : mardi 24 avril 2018 - 17:20:13
Document(s) archivé(s) le : dimanche 14 juillet 2013 - 04:06:52

Fichier

Paper_v6.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00812960, version 1

Collections

Citation

Aurore Guillevic. Comparing the Pairing Efficiency over Composite-Order and Prime-Order Elliptic Curves. ACNS - 11th International Conference on Applied Cryptography and Network Security - 2013, Jun 2013, Banff, Canada. 2013. 〈hal-00812960〉

Partager

Métriques

Consultations de la notice

411

Téléchargements de fichiers

612