Scalar Multiplication Using Frobenius Expansion over Twisted Elliptic Curve for Ate Pairing Based Cryptography

IEICE Trans. Inf. & Syst.

Kagotani

Iokibe

et al. 2016

Self Cite

SUMMARYPairing-based cryptography has realized a lot of innovative cryptographic applications such as attribute-based cryptography and semi homomorphic encryption. Pairing is a bilinear map constructed on a torsion group structure that is defined on a special class of elliptic curves, namely pairing-friendly curve. Pairing-friendly curves are roughly classified into supersingular and non supersingular curves. In these years, non supersingular pairing-friendly curves have been focused on from a security reason. Although non supersingular pairing-friendly curves have an ability to bridge various security levels with various parameter settings, most of software and hardware implementations tightly restrict them to achieve calculation efficiencies and avoid implementation difficulties. This paper shows an FPGA implementation that supports various parameter settings of pairings on non supersingular pairing-friendly curves for which Montgomery reduction, cyclic vector multiplication algorithm, projective coordinates, and Tate pairing have been combinatorially applied. Then, some experimental results with resource usages are shown.

Section: Binary Methods and Montgomery Powering Laddermentioning

confidence: 99%

FPGA Implementation of Various Elliptic Curve Pairings over Odd Characteristic Field with Non Supersingular Curves

IEICE Trans. Inf. & Syst.

Kagotani

Iokibe

et al. 2016

Self Cite

“…On the other hand, in case of using type-3 pairings, the anonymity proof cannot be proved due to the lack of the homomorphism. In this paper, we modify the previous scheme 10) to have the provable anonymity without the homomorphism, and implemented the modified scheme using an efficient type-3 pairing 16), 19) . We implemented the authentication system by extending EAP-TTLS 29) in the IEEE802.1X protocol such that it can use the group signature as the digital certificate of the client.…”

Section: Our Contributionsmentioning

confidence: 99%

“…This pairing library gives the fast pairing called "Cross-twisted χ-based Ate (Xt-Xate) pairing" with subfield-twisted curve 18), 19) . The number of iterations of Miller's algorithm for the Xt-Xate pairing is about one-quarter of the plain Tate pairing.…”

Section: Utilized Pairing Librarymentioning

confidence: 99%

Anonymous IEEE802.1X Authentication System Using Group Signatures

Sudarsono

Nakanishi

Journal of Information Processing

et al. 2010

Self Cite

Recently, ubiquitous Internet-access services have been provided by Internet service providers (ISPs) by deploying wireless local area networks (LANs) in public spaces including stations, hotels, and coffee shops. The IEEE802.1X protocol is usually used for user authentications to allow only authorized users to access services. Then, although user personal information of access locations, services, and operations can be easily collected by ISPs and thus, their strict management has been demanded, it becomes very difficult when multiple ISPs provide roaming services by their corporations. In this paper, we present an anonymous IEEE802.1X authentication system using a group signature scheme to allow user authentication without revealing their identities. Without user identities, ISPs cannot collect personal information. As an efficient revocable group signature scheme, we adopt the verifier-local revocation (VLR) type with some modifications for use of the fast pairing computation. We show the implementation of our proposal and evaluation results where the practicality of our system is confirmed for up to 1,000 revoked users.

“…where ∈ F p is a primitive cubic root of unity such that = z (p−1)/3 . On the other hand, according to Galbraith et al [6] and Nogami et al [12], an arbitrary rational point Q (x Q , y Q ) ∈ G 2 satisfies the following relation.…”

Section: Other Operationsmentioning

confidence: 99%

Ordinary pairing friendly curve of embedding degree 1 whose order has two large prime factors

Izuta

TENCON 2010 - 2010 IEEE Region 10 Conference

Morikawa

2010

This paper proposes a method for generating a certain composite order ordinary pairing-friendly elliptic curve of embedding degree 3. In detail, the order has two large prime factors such as the modulus of RSA cryptography. The method is based on the property that the order of the target pairing-friendly curve is given by a polynomial as r(χ) of degree 2 with respect to the integer variable χ. When the bit size of the prime factors is about 500 bits, the proposed method averagely takes about 15 minutes on Core 2 Quad (2.66Hz) for generating one.