, Alice calcule e(bg, cg) a , Bob calcule e(cg, ag) b , Charlie calcule e(ag, bg) c , ˆ Par bilinéarité du couplage la clé commune est e(g, g) abc
, Antoine Joux ne nécessite qu'un échange de données, au lieu de deux pour le protocole original de Die Hellman. La simplication réside dans le nombre d'échanges à faire pour construire une clé commune
, 156 V.6.2 La ? -ième itération, p.167
, Transaction Security System, IBM Systems Journal, vol.30, issue.2, pp.206-229, 1991.
DOI : 10.1147/sj.302.0206
, Software Implementation of Arithmetic in F 3 m, WAIFI '07 : Proceedings of the 1st international workshop on Arithmetic of Finite Fields, p.85102, 2007.
, Tamper resistance : a cautionary note, WOEC'96 : Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, 1996.
, A coprocessor for the nal exponentiation of the ? T pairing in characteristic three, Proceedings of Wai 2007, number 4547 in Lecture Notes in Computer Science, p.2539, 2007.
, Computing Tate pairing on smartcards, 2005.
, The Magma Algebra System I: The User Language, Jounal of Symbolic Computation, 1997.
DOI : 10.1006/jsco.1996.0125
, Hardware accelerator for the Tate pairing in characteristic three based on Karatsuba-Ofman multipliers, Cryptographic Hardware and Embedded Systems CHES 2009, number 5747 in Lecture Notes in Computer Science, p.225239, 2009.
, Residue systems eciency for modular products summation : Application to Elliptic Curves Cryptography, Advanced Signal Processing Algorithms, Architectures, and Implementations XVI, part of the SPIE Optics Photonics 2006 Symposium (Proceedings of SPIE)), volume, pp.631304-631304, 2006.
, Pairing in cryptography : an arithmetic point of view, Advanced Signal Processing Algorithms, Architectures, and Implementations XVII, part of the SPIE Optics & Photonics 2007 Symposium (Proceedings of SPIE), p.66970, 2007.
URL : https://hal.archives-ouvertes.fr/lirmm-00181362
, Identity-Based Encryption from the Weil Pairing, CRYPTO '01 : Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213229, 2001.
, Fast Point Multiplication on Elliptic Curves through Isogenies, Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, AAECC 2003, p.4350, 2003.
DOI : 10.1007/3-540-44828-4_6
, The improbability that an elliptic curve has sub-exponential discrete log problem under the Menezes Okamoto Vanstone algorithm, In Journal of Cryptology, vol.11, p.141145, 1998.
, Ecient Algorithms for Pairing-Based Cryptosystems, CRYPTO '02 : Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.354368, 2002.
, Performance evaluation of a new side channel resistant coordinate system for elliptic curves, 2007.
, Short signatures from the Weil pairing, Advances in Cryptology ASIACRYPT 2001, p.514532, 2001.
, Ecient Implementation of Pairing-Based Cryptosystems, Journal of Cryptology, p.321334, 2004.
, On the Selection of Pairing- Friendly Groups, SAC 2003 : 10th Annual International Workshop on Selected Areas in Cryptography, p.1725, 2004.
, Pairing-Friendly Elliptic Curves of Prime Order, Selected Areas in Cryptography -SAC 2005, pp.319-331, 2006.
DOI : 10.1007/11693383_22
, Group Signatures with Verier- Local Revocation, ACM CCS 04 : 11th Conference on Computer and Communications Security, p.168177, 2004.
DOI : 10.1145/1030083.1030106
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.77.8033
, Advances in Elliptic Curve Cryptography, 2005.
DOI : 10.1017/CBO9780511546570
, Elliptic Curves Suitable for Pairing Based Cryptography, Designs Codes and Cryptography, p.133141, 2005.
DOI : 10.1007/s10623-004-3808-4
, Handbook of elliptic and hyperelliptic curve cryptography, Discrete Math. Appl, vol.20051020, 2006.
DOI : 10.1201/9781420034981
, Benedetto xiv, pontece massimo, tomo secondo, 1750.
, Indentity-based cryptosystems based on the Weil pairing, 2001.
, Method and apparatus for public key exchange in a cryptographic system, 1992.
, Efficient Computation of Tate Pairing in Projective Coordinate over General Characteristic Fields, Information Security and Cryptology -ICISC 2004, pp.168-181, 2004.
DOI : 10.1007/11496618_13
, Special polynomial families for generating more suitable pairing-friendly elliptic curves, EHAC'06 : Proceedings of the 5th WSEAS International Conference on Electronics, Hardware, Wireless and Optical Communications, p.187192, 2006.
, New directions in cryptography, IEEE Transactions on Information Theory, volume IT-22, p.654, 1976.
, A practical dierential power analysis attack against the miller algorithm, PRIME 2009 -5th Conference on Ph.D. Research in Microelectronics and Electronics, Circuits and Systems Magazine, 2009.
, Pairing computation for elliptic curves with embedding degree 15, Cryptology ePrint Archive Report, vol.370, 2009.
URL : https://hal.archives-ouvertes.fr/lirmm-00380549
, An l(13) discrete logarithm algorithm for low degree curves, 2009.
URL : https://hal.archives-ouvertes.fr/inria-00135324
, Finite eld multiplication combining AMNS and DFT approach for pairing cryptography, ACISP '09 : Proceedings of the 14th Australasian conference on Information Security and Privacy, p.422436, 2009.
, A remark concerning m-divisibility and the discrete logarithm problem in the divisor class group of groups, Mathematics of Computation, pp.865-874, 1994.
, A taxonomy of pairingfriendly elliptic curves, Cryptology ePrint Archive Report, vol.372, 2006.
, Pairings in Advances in Elliptic Curve Cryptography, 2005.
, Arithmetic on superelliptic curves, Mathematics of Computation, p.393405, 2002.
DOI : 10.1090/S0025-5718-00-01297-7
, Hardware and Software Normal Basis Arithmetic for Pairing-Based Cryptography in Characteristic Three, IEEE Transactions on Computers, vol.54, issue.7, p.852860, 2005.
DOI : 10.1109/TC.2005.120
, High security pairingbased cryptography revisited, ANTS VI, p.480494, 2006.
, Explicit formulas for ecient multiplication in F 3 6m, Selected Areas in Cryptography (SAC'2007), p.173183, 2007.
, The use of lasers to simulate radiation-induced transients in semiconductor devices and circuits, IEEE Transactions On Nuclear Science, vol.39, 1992.
, Probability distributions related to random mappings, Annals of Math, p.10451062, 1960.
, Pairing Lattices, Lectures Notes in Computer Science, vol.5209, p.1838, 2008.
, The Eta Pairing Revisited, IEEE Transactions on Information Theory, p.45954602, 2006.
DOI : 10.1109/TIT.2006.881709
, Another Approach to Pairing Computation in Edwards Coordinates, INDOCRYPT '08 : Proceedings of the 9th International Conference on Cryptology in India, p.400413, 2008.
DOI : 10.1007/s00145-004-0315-8
, Algorithmes pour résoudre le problème du logarithme discret dans les corps nis, Nouvelles Méthodes Mathématiques en Cryptographie, volume Fascicule Journées Annuelles, p.2353, 2007.
, Identity-Based Cryptography, of Cryptology and Information Security Series, 2009.
, A one round protocol for tripartite Die-Hellman, ANTS-IV : Proceedings of the 4th International Symposium on Algorithmic Number Theory, p.385394, 2000.
, Dierential power analysis, Advances in Cryptology – Crypto, p.388397, 1999.
, Pairing-Based Cryptography at High Security Levels, Cryptography and Coding, p.1336, 2005.
DOI : 10.1007/11586821_2
, Elliptic curve cryptosystems, Mathematics of Computation, vol.48, p.203209, 1987.
, Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic eld, Pairing '08 : Proceedings of the 2nd international conference on Pairing-Based Cryptography, p.126135, 2008.
, Elliptic curves formulas date base http, 2009.
, Finite Fields, 1994.
DOI : 10.1017/CBO9780511525926
, Ecient subgroup exponentiation in quadratic and sixth degree extensions, CHES '02 : Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, p.318332, 2003.
, Computing the Ate Pairing on Elliptic Curves with Embedding Degree k = 9, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol.91, issue.9, p.23872393, 2008.
DOI : 10.1093/ietfec/e91-a.9.2387
, Short programs for functions on curves. unpublished, 1986.
, Use of elliptic curves in cryptography In Lecture notes in computer sciences ; 218 on Advances in cryptology CRYPTO 85, p.417426, 1986.
, The Weil pairing, and its ecient calculation, Jounal of Cryptology, p.235261, 2004.
, Geometrie der Zahlen, Leipzig und Berlin, 1910.
, Optimised versions of the Ate and Twisted Ate pairings, Cryptography and Coding, p.302312, 2007.
, New explicit conditions of elliptic curve traces for FR-reduction, In IEICE Trans., Fundamentails, p.12341243, 2001.
, Modular multiplication without trial division, Mathematics of Computation, pp.519-521, 1985.
, Reducing elliptic curve logarithms to logarithms in a nite eld, STOC '91 : Proceedings of the twenty-third annual ACM symposium on Theory of computing, p.8089, 1991.
, The theory of errorcorrecting codes ii, North-Holland Mathematical Library, p.1369, 1998.
, An integrated validation environment for dierential power analysis, IEEE International Symposium on Electronic Design Hong Kong, p.527532, 2008.
, Ecient modular arithmetic in adapted modular number system using Lagrange representation, ACISP '08 : Proceedings of the 13th Australasian conference on Information Security and Privacy, pp.463-477, 2008.
, Lattice basis reduction in function elds, ANTS-III : Proceedings of the Third International Symposium on Algorithmic Number Theory, p.567575, 1998.
, Fast arithmetic for public-key algorithms in Galois fields with composite exponents, IEEE Transactions on Computers, vol.48, issue.10, pp.1025-1034, 1999.
DOI : 10.1109/12.805153
, Modular arithmetic for cryptography, 2005.
, Monte carlo methods for index computations (mod p), Mathematics of Computation, 1978.
, Fault and side channel attacks on pairing based cryptography, IEEE Transactions on Computers, 2006.
, A method for obtaining digital signatures and public-key cryptosystems, In Communications of the ACM, vol.21, p.120126, 1978.
, Compressed Pairings, Advances in cryptology -Crypto, p.140156, 2004.
DOI : 10.1007/978-3-540-28628-8_9
, Counting points on elliptic curves over nite elds, Jounal de Theorie des Nombres Bordeaux, 1995.
, Computing the Tate Pairing, Topics in Cryptology -CT-RSA 2005, p.293304, 2005.
, Identity-based cryptosystems and signature schemes, Proceedings of CRYPTO 84 on Advances in cryptology. [Sho96] V. Shoup. Number Theory Library, p.4753, 1984.
, The arithmetic of elliptic curves, Graduate Texts in Mathematics, vol.106, 1992.
, Side channel attacks and countermeasures on pairing based cryptosystems over binary elds, The 5th International Conference on Cryptology and Network Security, p.168181, 2006.
, Elliptic Curves, Numbers Theory and Cryptography, 2003.
, Side Channel Analysis of Practical Pairing Implementations: Which Path Is More Secure?, Lecture Notes in Computer Science, 2006.
DOI : 10.1007/11958239_7
, The importance of the nal exponentiation in pairings when considering fault attacks, Pairing- Based Cryptography – Pairing, p.225246, 2007.
, Scan based side channel attack on dedicated hardware implementation of data encryption standard, Test Conference, pp.339-344, 2004.
, Modern Computer Algebra, 2003.
DOI : 10.1017/CBO9781139856065
, En eet, si N = pgcd(T k ? 1, p k ? 1), alors par dénition du plus grand commun diviseur de (T k ? 1) et (p k ? 1), n'importe quel autre diviseur commun de (T k ? 1) et (p k ? 1) est un diviseur de N . Or, r est un diviseur du cardinal de la courbe elliptique, par conséquent p ? t ? 1 mod r, et donc p ? T mod r. Nous savons que r divise (p k ? 1), nous en déduisons que r divise (T k ? 1). r est donc un diviseur commun à (T k ? 1) et (p k ? 1), N étant le plus grand commun diviseur de ces valeurs cela impose que r divise N . Ce qui permet d'écrire l, alors nous savons que N vérie la condition rN ?1))N . En élevant cette égalité à la puissance L nous obtenons e T (Q, P ) L = f N,Q (P ) L(p k ?1))N , qui nous donne le membre de gauche de l'égalité que nous souhaitons prouver