International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Revisiting Pairing-Friendly Curves with Embedding Degrees 10 and 14

Authors:
Yu Dai , Wuhan university
Debiao He , Wuhan university
Cong Peng , Wuhan university
Zhijian Yang , Wuhan university
Chang-an Zhao , Sun Yat-sen University
Download:
Search ePrint
Search Google
Conference: ASIACRYPT 2024
Abstract: Since 2015, there has been a significant decrease in the asymptotic complexity of computing discrete logarithms in finite fields. As a result, the key sizes of many mainstream pairing-friendly curves have to be updated to maintain the desired security level. In PKC'20, Guillevic conducted a comprehensive assessment of the security of a series of pairing-friendly curves with embedding degrees ranging from $9$ to $17$. In this paper, we focus on five pairing-friendly curves with embedding degrees 10 and 14 at the 128-bit security level, with BW14-351 emerging as the most competitive candidate. First, we extend the optimized formula for the optimal pairing on BW13-310, a 128-bit secure curve with a prime $p$ in 310 bits and embedding degree $13$, to our target curves. This generalization allows us to compute the optimal pairing in approximately $\log r/(2\varphi(k))$ Miller iterations, where $r$ and $k$ are the order of pairing groups and the embedding degree respectively. Second, we develop optimized algorithms for cofactor multiplication for $\G_1$ and $\G_2$, as well as subgroup membership testing for $\G_2$ on these curves. Finally, we provide detailed performance comparisons between BW14-351 and other popular curves on a 64-bit platform in terms of pairing computation, hashing to $\G_1$ and $\G_2$, group exponentiations, and subgroup membership testings. Our results demonstrate that BW14-351 is a strong candidate for building pairing-based cryptographic protocols.
BibTeX
@inproceedings{asiacrypt-2024-34800,
  title={Revisiting Pairing-Friendly Curves with Embedding Degrees 10 and 14},
  publisher={Springer-Verlag},
  author={Yu Dai and Debiao He and Cong Peng and Zhijian Yang and Chang-an Zhao},
  year=2024
}