Key length estimation of pairing-based cryptosystems using η T pairing

Naoyuki Shinohara, Takeshi Shimoyama, Takuya Hayashi, Tsuyoshi Takagi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)


The security of pairing-based cryptosystems depends on the difficulty of the discrete logarithm problem (DLP) over certain types of finite fields. One of the most efficient algorithms for computing a pairing is the η T pairing over supersingular curves on finite fields whose characteristic is 3. Indeed many high-speed implementations of this pairing have been reported, and it is an attractive candidate for practical deployment of pairing-based cryptosystems. The embedding degree of the η T pairing is 6, so we deal with the difficulty of a DLP over the finite field GF(3 6n), where the function field sieve (FFS) is known as the asymptotically fastest algorithm of solving it. Moreover, several efficient algorithms are employed for implementation of the FFS, such as the large prime variation. In this paper, we estimate the time complexity of solving the DLP for the extension degrees n=97,163, 193,239,313,353,509, when we use the improved FFS. To accomplish our aim, we present several new computable estimation formulas to compute the explicit number of special polynomials used in the improved FFS. Our estimation contributes to the evaluation for the key length of pairing-based cryptosystems using the η T pairing.

Original languageEnglish
Title of host publicationInformation Security Practice and Experience - 8th International Conference, ISPEC 2012, Proceedings
Number of pages17
Publication statusPublished - 2012
Event8th International Conference on Information Security Practice and Experience, ISPEC 2012 - Hangzhou, China
Duration: Apr 9 2012Apr 12 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7232 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other8th International Conference on Information Security Practice and Experience, ISPEC 2012

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Key length estimation of pairing-based cryptosystems using η <sub>T</sub> pairing'. Together they form a unique fingerprint.

Cite this