
Arithmetic of pairings on algebraic curves for cryptography

Aurore Guillevic 1, 2, 3 
1 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique - ENS Paris, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : Since 2000, pairings have become a very useful tool for designing new protocols in cryptography. Short signatures and identity-based encryption have also become practical thanks to pairings. This thesis has two parts. The first part is about optimized pairing implementation on different elliptic curves, chosen according to the targeted protocol. Pairings are implemented on supersingular elliptic curves in large characteristic and on Barreto-Naehrig curves. The pairing library developed at Thales is used in a broadcast encryption scheme prototype. The prototype implements pairings over Barreto-Naehrig curves. Pairings over supersingular curves are much slower and have larger parameters. However, these curves are interesting when implementing protocols that use composite-order elliptic curves (the group order is an RSA modulus). We implement two protocols that use pairings on composite-order groups and compare the benchmarks and the parameter sizes with their counterparts in a prime-order setting. The composite-order case is 30 to 250 times slower, depending on the step of the protocol considered: the efficiency difference between the two cases is very significant. The second part of this thesis is about two families of genus 2 curves. Their Jacobians are isogenous to the product of two elliptic curves over a small extension field. The properties of elliptic curves can be translated to the Jacobians thanks to this isogeny. Point counting is as easy as for elliptic curves in this case. We also construct two endomorphisms both on the Jacobians and on the elliptic curves. These endomorphisms can be used for scalar multiplication improved with a four-dimensional Gallant-Lambert-Vanstone method.
Contributor : Aurore Guillevic
Submitted on : Sunday, December 22, 2013 - 9:26:56 PM
Last modification on : Thursday, March 17, 2022 - 10:08:35 AM
Long-term archiving on : Sunday, March 23, 2014 - 1:20:09 AM


  • HAL Id : tel-00921940, version 1



Aurore Guillevic. Arithmetic of pairings on algebraic curves for cryptography. Cryptography and Security [cs.CR]. Ecole Normale Supérieure de Paris - ENS Paris, 2013. English. ⟨tel-00921940⟩


