Secure and efficient pairing at 256-Bit security level

Yutaro Kiyomura, Akiko Inoue, Yuto Kawahara, Masaya Yasuda, Tsuyoshi Takagi, Tetsutaro Kobayashi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

At CRYPTO 2016, Kim and Barbulescu proposed an efficient number field sieve (NFS) algorithm for the discrete logarithm problem (DLP) in a finite field. The security of pairing-based cryptography (PBC) is based on the difficulty in solving the DLP. Hence, it has become necessary to revise the bitlength that the DLP is computationally infeasible against the efficient NFS algorithms. The timing of the main operations of PBC (i.e. pairing, scalar multiplication on the elliptic curves, and exponentiation on the finite field) generally becomes slower as the bitlength becomes longer, so it has become increasingly important to compute the main operations of PBC more efficiently. To choose a suitable pairing-friendly curve from among various pairing-friendly curves is one of the factors that affect the efficiency of computing the main operations of PBC. We should implement the main operations of PBC and compare the timing among some pairing-friendly curves in order to choose the suitable pairing-friendly curve precisely. In this paper, we focus on the five candidate pairing-friendly curves from the Barreto- Lynn-Scott (BLS) and Kachisa-Schaefer-Scott (KSS) families as the 256- bit secure pairing-friendly curves and show the following two results; (1) the revised bitlength that the DLP is computationally infeasible against the efficient NFS algorithms for each candidate pairing-friendly curve, (2) the suitable pairing-friendly curve by comparing the timing of the main operations of PBC among the candidate pairing-friendly curves using the revised bitlength.

Original languageEnglish
Title of host publicationApplied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings
EditorsDieter Gollmann, Atsuko Miyaji, Hiroaki Kikuchi
PublisherSpringer Verlag
Pages59-79
Number of pages21
ISBN (Print)9783319612034
DOIs
Publication statusPublished - Jan 1 2017
Event15th International Conference on Applied Cryptography and Network Security, ACNS 2017 - Kanazawa, Japan
Duration: Jul 10 2017Jul 12 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10355 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other15th International Conference on Applied Cryptography and Network Security, ACNS 2017
CountryJapan
CityKanazawa
Period7/10/177/12/17

Fingerprint

Pairing
Cryptography
Pairing-based Cryptography
Sieves
Curve
Discrete Logarithm Problem
Number Field Sieve
Timing
Galois field
Choose
Scalar multiplication
Exponentiation
Elliptic Curves
Necessary
Computing

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Kiyomura, Y., Inoue, A., Kawahara, Y., Yasuda, M., Takagi, T., & Kobayashi, T. (2017). Secure and efficient pairing at 256-Bit security level. In D. Gollmann, A. Miyaji, & H. Kikuchi (Eds.), Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings (pp. 59-79). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10355 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-61204-1_4

Secure and efficient pairing at 256-Bit security level. / Kiyomura, Yutaro; Inoue, Akiko; Kawahara, Yuto; Yasuda, Masaya; Takagi, Tsuyoshi; Kobayashi, Tetsutaro.

Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings. ed. / Dieter Gollmann; Atsuko Miyaji; Hiroaki Kikuchi. Springer Verlag, 2017. p. 59-79 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10355 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kiyomura, Y, Inoue, A, Kawahara, Y, Yasuda, M, Takagi, T & Kobayashi, T 2017, Secure and efficient pairing at 256-Bit security level. in D Gollmann, A Miyaji & H Kikuchi (eds), Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10355 LNCS, Springer Verlag, pp. 59-79, 15th International Conference on Applied Cryptography and Network Security, ACNS 2017, Kanazawa, Japan, 7/10/17. https://doi.org/10.1007/978-3-319-61204-1_4
Kiyomura Y, Inoue A, Kawahara Y, Yasuda M, Takagi T, Kobayashi T. Secure and efficient pairing at 256-Bit security level. In Gollmann D, Miyaji A, Kikuchi H, editors, Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings. Springer Verlag. 2017. p. 59-79. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-61204-1_4
Kiyomura, Yutaro ; Inoue, Akiko ; Kawahara, Yuto ; Yasuda, Masaya ; Takagi, Tsuyoshi ; Kobayashi, Tetsutaro. / Secure and efficient pairing at 256-Bit security level. Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings. editor / Dieter Gollmann ; Atsuko Miyaji ; Hiroaki Kikuchi. Springer Verlag, 2017. pp. 59-79 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{8fd68f8b4b18432da69881822813469e,
title = "Secure and efficient pairing at 256-Bit security level",
abstract = "At CRYPTO 2016, Kim and Barbulescu proposed an efficient number field sieve (NFS) algorithm for the discrete logarithm problem (DLP) in a finite field. The security of pairing-based cryptography (PBC) is based on the difficulty in solving the DLP. Hence, it has become necessary to revise the bitlength that the DLP is computationally infeasible against the efficient NFS algorithms. The timing of the main operations of PBC (i.e. pairing, scalar multiplication on the elliptic curves, and exponentiation on the finite field) generally becomes slower as the bitlength becomes longer, so it has become increasingly important to compute the main operations of PBC more efficiently. To choose a suitable pairing-friendly curve from among various pairing-friendly curves is one of the factors that affect the efficiency of computing the main operations of PBC. We should implement the main operations of PBC and compare the timing among some pairing-friendly curves in order to choose the suitable pairing-friendly curve precisely. In this paper, we focus on the five candidate pairing-friendly curves from the Barreto- Lynn-Scott (BLS) and Kachisa-Schaefer-Scott (KSS) families as the 256- bit secure pairing-friendly curves and show the following two results; (1) the revised bitlength that the DLP is computationally infeasible against the efficient NFS algorithms for each candidate pairing-friendly curve, (2) the suitable pairing-friendly curve by comparing the timing of the main operations of PBC among the candidate pairing-friendly curves using the revised bitlength.",
author = "Yutaro Kiyomura and Akiko Inoue and Yuto Kawahara and Masaya Yasuda and Tsuyoshi Takagi and Tetsutaro Kobayashi",
year = "2017",
month = "1",
day = "1",
doi = "10.1007/978-3-319-61204-1_4",
language = "English",
isbn = "9783319612034",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "59--79",
editor = "Dieter Gollmann and Atsuko Miyaji and Hiroaki Kikuchi",
booktitle = "Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Secure and efficient pairing at 256-Bit security level

AU - Kiyomura, Yutaro

AU - Inoue, Akiko

AU - Kawahara, Yuto

AU - Yasuda, Masaya

AU - Takagi, Tsuyoshi

AU - Kobayashi, Tetsutaro

PY - 2017/1/1

Y1 - 2017/1/1

N2 - At CRYPTO 2016, Kim and Barbulescu proposed an efficient number field sieve (NFS) algorithm for the discrete logarithm problem (DLP) in a finite field. The security of pairing-based cryptography (PBC) is based on the difficulty in solving the DLP. Hence, it has become necessary to revise the bitlength that the DLP is computationally infeasible against the efficient NFS algorithms. The timing of the main operations of PBC (i.e. pairing, scalar multiplication on the elliptic curves, and exponentiation on the finite field) generally becomes slower as the bitlength becomes longer, so it has become increasingly important to compute the main operations of PBC more efficiently. To choose a suitable pairing-friendly curve from among various pairing-friendly curves is one of the factors that affect the efficiency of computing the main operations of PBC. We should implement the main operations of PBC and compare the timing among some pairing-friendly curves in order to choose the suitable pairing-friendly curve precisely. In this paper, we focus on the five candidate pairing-friendly curves from the Barreto- Lynn-Scott (BLS) and Kachisa-Schaefer-Scott (KSS) families as the 256- bit secure pairing-friendly curves and show the following two results; (1) the revised bitlength that the DLP is computationally infeasible against the efficient NFS algorithms for each candidate pairing-friendly curve, (2) the suitable pairing-friendly curve by comparing the timing of the main operations of PBC among the candidate pairing-friendly curves using the revised bitlength.

AB - At CRYPTO 2016, Kim and Barbulescu proposed an efficient number field sieve (NFS) algorithm for the discrete logarithm problem (DLP) in a finite field. The security of pairing-based cryptography (PBC) is based on the difficulty in solving the DLP. Hence, it has become necessary to revise the bitlength that the DLP is computationally infeasible against the efficient NFS algorithms. The timing of the main operations of PBC (i.e. pairing, scalar multiplication on the elliptic curves, and exponentiation on the finite field) generally becomes slower as the bitlength becomes longer, so it has become increasingly important to compute the main operations of PBC more efficiently. To choose a suitable pairing-friendly curve from among various pairing-friendly curves is one of the factors that affect the efficiency of computing the main operations of PBC. We should implement the main operations of PBC and compare the timing among some pairing-friendly curves in order to choose the suitable pairing-friendly curve precisely. In this paper, we focus on the five candidate pairing-friendly curves from the Barreto- Lynn-Scott (BLS) and Kachisa-Schaefer-Scott (KSS) families as the 256- bit secure pairing-friendly curves and show the following two results; (1) the revised bitlength that the DLP is computationally infeasible against the efficient NFS algorithms for each candidate pairing-friendly curve, (2) the suitable pairing-friendly curve by comparing the timing of the main operations of PBC among the candidate pairing-friendly curves using the revised bitlength.

UR - http://www.scopus.com/inward/record.url?scp=85022342177&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85022342177&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-61204-1_4

DO - 10.1007/978-3-319-61204-1_4

M3 - Conference contribution

SN - 9783319612034

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 59

EP - 79

BT - Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings

A2 - Gollmann, Dieter

A2 - Miyaji, Atsuko

A2 - Kikuchi, Hiroaki

PB - Springer Verlag

ER -