Download presentation

Presentation is loading. Please wait.

Published byRoberta Parrish Modified over 2 years ago

1
Graduate School of Natural Science and Technology Okayama University Yumi Sakemi, Hidehiro Kato, Shoichi Takeuchi, Yasuyuki Nogami and Yoshitaka Morikawa Two Improvements of Twisted Ate Pairing with Barreto–Naehrig Curve by Dividing Miller’s Algorithm

2
Elliptic curve cryptography Finite field theory Background Pairing based cryptography Identity(ID)-based cryptography ( Sakai et al. 2000 ) Group signature ( Boneh et al. 2003 ) An efficient algorithm for pairing calculation is required. 2 expensive operation!! Pairing Pairing based cryptography

3
Elliptic Curve over Finite Field ○ Finite fields ○ Elliptic curve over ● ： rational point Prime field Extension Field order of ： 3 Group of rational points on the curve ： ： embedding degree

4
Pairing 4 Group 1 Group 2 Group 3 order= r e additive multiplicative

5
Pairing 5 Group 1 Group 2 Group 3 order = r

6
Pairing 6 Group 1 Group 2 Group 3 order = r

7
Pairing 7 Group 1 Group 2 Group 3 order = r Bilinearity Innovative cryptographic applications are based on bilinearity of pairing.

8
Pairing 8 Group 1 Group 2 Group 3 order = r Final exponentiation Miller’s algorithm Weil Tate Ate Twisted Ate slow fast Miller’s algorithm Several improvements for pairing (1946) (2006) (1994) (2006)

9
Barreto-Naehrig(BN) Curve Elliptic curve of k =12 Parameters p, r and t of BN curve are given by integer variable as 9

10
Miller’s Algorithm Output : i-th bit of the binary representation of s from the lower Hw(s) : Hamming Weight of s Hw(s) is large → computationally expensive 10 yes no yes no additional operation main loop Input :

11
Twisted Ate Pairing with BN Curve It is not easy to control the Hw(s) small !! 11 : integer We can select of small hamming weight.

12
Improvement 1 conventional method Miller’s algorithm ( s ) 12 Out put Improvement 1 is based on divisor theorem proposed method Miller’s algorithm ( ) Miller’s algorithm ( ) Miller’s algorithm ( ) Combining Output

13
Improvement 2 Miller’s algorithm ( a ) Miller’s algorithm ( ab ) Output f ab Miller’s algorithm ( b ) combining fafa fbfb f ab = f a b ･ f b An exponentiation is additionally required !! f ap = f a p ･ f p Frobenius mapping 12

14
Improvement 2 conventional method Miller’s algorithm ( s ) Out put 13 proposed method Miller’s algorithm ( ) Miller’s algorithm ( p ) combining and some calculations Output s = ( 6 － 3 ) p + ( 6 － 1) s = 36 3 － 18 2 ＋ 6 － 1 f s is given by f and f p.

15
Computational environment

16
Experimental results [ms] - 14.8% 14 conventionalImprovement 1Improvement 2 Miller’s algorithm15.712.912.8 Final exponentiation4.70 total20.417.617.5

17
Conclusion ○ We proposed two improvements for twisted Ate pairing. ○ It was shown that they have almost the same efficiency. 16

Similar presentations

OK

Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.

Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google

Simple machines for kids ppt on batteries Ppt on non agricultural activities Ppt on water transport in india Ppt on world diabetes day Free ppt on self development Ppt on maintenance of diesel engine Ppt on product management process Ppt on money and credit download Ppt on power sharing in democracy it is important Ppt on forest in india