Improved Miller’s Algorithm for Computing Pairings on Edwards Curves

Author

Duc-Phong Le ; Chik How Tan

Author_Institution

Temasek Labs., Nat. Univ. of Singapore, Singapore, Singapore

Volume

63

Issue

10

fYear

2014

fDate

Oct. 2014

Firstpage

2626

Lastpage

2632

Abstract

Since Edwards curves were introduced to elliptic curve cryptography by Bernstein and Lange in 2007, they have received a lot of attention due to their very fast group law operation. Pairing computation on such curves is slightly slower than on Weierstrass curves. However, in some pairing-based cryptosystems, they might require a number of scalar multiplications which is time-consuming operation and this can be advantageous to use Edwards in this scenario. In this paper, we present a variant of Miller´s algorithm for pairing computation on Edwards curves. Our approach is generic, it is able to compute both Weil and Tate pairings on pairing-friendly Edwards curves of any embedding degree. Our analysis shows that the new algorithm is faster than the previous algorithms for odd embedding degree and as fast as for even embedding degree. Hence, the new algorithm is suitable for computing optimal pairings and in situations where the denominators elimination technique is not possible.

Keywords

public key cryptography; Edwards curves; Miller algorithm; Tate pairings; Weierstrass curve; Weil pairings; curve pairing computation; elliptic curve cryptography; embedding degree; group law operation; pairing-based cryptosystems; scalar multiplications; Algorithm design and analysis; Cryptographic protocols; Elliptic curve cryptography; Elliptic curves; Equations; Edwards curves; Miller’s algorithm; Weil/Tate pairings; pairing computation; pairing-based cryptography; pairing-friendly elliptic curves;

fLanguage

English

Journal_Title

Computers, IEEE Transactions on

Publisher

ieee

ISSN

0018-9340

Type

jour

DOI

10.1109/TC.2013.125

Filename

6532295