Compact hardware for computing the Tate pairing over 128-bit-security supersingular curves

Nicolas Estibals 1
1 CARAMEL - Cryptology, Arithmetic: Hardware and Software
Inria Nancy - Grand Est, LORIA - ALGO - Department of Algorithms, Computation, Image and Geometry
Abstract : This paper presents a novel method for designing compact yet efficient hardware implementations of the Tate pairing over supersingular curves in small characteristic. Since such curves are usually restricted to lower levels of security because of their bounded embedding degree, aiming for the recommended security of 128 bits implies considering them over very large finite fields. We however manage to mitigate this effect by considering curves over field extensions of moderately-composite degree, hence taking advantage of a much easier tower field arithmetic. This technique of course lowers the security on the curves, which are then vulnerable to Weil descent attacks, but a careful analysis allows us to maintain their security above the 128-bit threshold. As a proof of concept of the proposed method, we detail an FPGA ac- celerator for computing the Tate pairing on a supersingular curve over GF(3^(5·97)) , which satisfies the 128-bit security target. On a mid-range Xilinx Virtex-4 FPGA, this accelerator computes the pairing in 2.2 ms while requiring no more than 4755 slices.
Document type :
Conference papers
Liste complète des métadonnées

Cited literature [48 references]  Display  Hide  Download

https://hal.inria.fr/inria-00539926
Contributor : Nicolas Estibals <>
Submitted on : Thursday, November 25, 2010 - 3:28:08 PM
Last modification on : Tuesday, December 18, 2018 - 4:18:25 PM
Document(s) archivé(s) le : Saturday, December 3, 2016 - 12:35:14 AM

File

pairing2010.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Nicolas Estibals. Compact hardware for computing the Tate pairing over 128-bit-security supersingular curves. Marc Joye and Atsuko Miyaji and Akira Otsuka. Pairing 2010 -- 4th International Conference on Pairing-Based Cryptography, Dec 2010, Yamanaka Hot Spring, Japan. 6487, pp.397-416, 2010, Lecture Notes in Computer Science. 〈10.1007/978-3-642-17455-1〉. 〈inria-00539926〉

Share

Metrics

Record views

182

Files downloads

194