Alice computes $e(bg, cg)^a$, Bob computes $e(cg, ag)^b$, Charlie computes $e(ag, bg)^c$. By bilinearity of the pairing, the common key is $e(g, g)^{abc}$.
Antoine Joux requires only one exchange of data, instead of two for the original Diffie-Hellman protocol. The simplification lies in the number of exchanges needed to build a common key.
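The one-round exchange above can be run end to end on a toy curve. This is an added example, not code from the thesis: the curve, the parameter sizes (far too small for real use), the secrets and every function name are assumptions chosen for illustration, and the pairing is a textbook reduced Tate pairing with a distortion map, computed with Miller's algorithm.

```python
# Toy sizes (constructed, insecure): E: y^2 = x^3 + x over F_p, #E(F_p) = p + 1 = 4*R.
P_MOD, R = 1051, 263
def fp2_mul(u, v):                # (a, b) is a + b*i in F_p^2 = F_p[i], i^2 = -1
    return ((u[0]*v[0] - u[1]*v[1]) % P_MOD, (u[0]*v[1] + u[1]*v[0]) % P_MOD)

def power(x, n, op, unit):        # square-and-multiply, used for both groups
    while n:
        if n & 1:
            unit = op(unit, x)
        x, n = op(x, x), n >> 1
    return unit

def slope(P, Q):                  # None when the line through P and Q is vertical
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    num, den = (3*x1*x1 + 1, 2*y1) if P == Q else (y2 - y1, x2 - x1)
    return num * pow(den % P_MOD, -1, P_MOD) % P_MOD

def add(P, Q):                    # affine group law; None is the point at infinity
    if P is None or Q is None:
        return P or Q
    lam = slope(P, Q)
    if lam is None:
        return None
    x3 = (lam*lam - P[0] - Q[0]) % P_MOD
    return (x3, (lam*(P[0] - x3) - P[1]) % P_MOD)

def pairing(P, Q):                # reduced Tate pairing e(P, phi(Q)), phi(x, y) = (-x, i*y)
    def line(T, S):               # line through T, S at phi(Q); verticals lie in F_p
        lam = slope(T, S)         # and vanish in the final exponentiation, so use 1
        return (1, 0) if lam is None else ((-T[1] - lam*(-Q[0] - T[0])) % P_MOD, Q[1])
    f, T = (1, 0), P
    for bit in bin(R)[3:]:        # Miller loop over the bits of R below the top one
        f, T = fp2_mul(fp2_mul(f, f), line(T, T)), add(T, T)
        if bit == "1":
            f, T = fp2_mul(f, line(T, P)), add(T, P)
    return power(f, (P_MOD**2 - 1) // R, fp2_mul, (1, 0))

def generator():                  # cofactor 4 times the first curve point found
    for x in range(1, P_MOD):
        pt = (x, pow(x**3 + x, (P_MOD + 1) // 4, P_MOD))   # square root if one exists
        if pt[1]**2 % P_MOD == (x**3 + x) % P_MOD and power(pt, 4, add, None):
            return power(pt, 4, add, None)

def joux_keys(a, b, c, g):        # returns the keys computed by Alice, Bob, Charlie
    ag, bg, cg = (power(g, s, add, None) for s in (a, b, c))   # the single broadcast
    return [power(pairing(X, Y), s, fp2_mul, (1, 0))           # e(bg, cg)^a, ...
            for s, X, Y in ((a, bg, cg), (b, cg, ag), (c, ag, bg))]
```

Calling `joux_keys(17, 101, 200, generator())` with these constructed secrets returns three identical elements of $F_{p^2}$, each equal to $e(g, g)^{abc}$.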
Indeed, if $N = \gcd(T^k - 1, p^k - 1)$, then by definition of the greatest common divisor of $(T^k - 1)$ and $(p^k - 1)$, any other common divisor of $(T^k - 1)$ and $(p^k - 1)$ is a divisor of $N$. Now, $r$ is a divisor of the cardinality of the elliptic curve, consequently $p \equiv t - 1 \bmod r$, and therefore $p \equiv T \bmod r$. We know that $r$ divides $(p^k - 1)$, and we deduce that $r$ divides $(T^k - 1)$. Hence $r$ is a common divisor of $(T^k - 1)$ and $(p^k - 1)$; since $N$ is the greatest common divisor of these values, $r$ must divide $N$. This allows us to write l, then we know that N satisfies the condition rN ?1))N . Raising this equality to the power $L$ we obtain $e_T(Q, P)^L = f_{N,Q}(P)^{L(p^k - 1)/N}$, which gives us the left-hand side of the equality we wish to prove.