Abstract
For ID-based cryptography, not only pairing but also scalar multiplication must be efficiently computable. In this paper, we propose a scalar multiplication method on the circumstances that we work at Ate pairing with Barreto-Naehrig (BN) curve. Note that the parameters of BN curve are given by a certain integer, namely mother parameter. Adhering the authors' previous policy that we execute scalar multiplication on subfield-twisted curve E∼(F p2) instead of doing on the original curve E(F p12), we at first show sextic twisted subfield Frobenius mapping (ST-SFM) φ∼ in E∼(Fp2). On BN curves, note φ∼ is identified with the scalar multiplication by p. However a scalar is always smaller than the order r of BN curve for Ate pairing, so ST-SFM does not directly applicable to the above circumstances. We then exploit the expressions of the curve order r and the characteristic p by the mother parameter to derive some radices such that they are expressed as a polynomial of p. Thus, a scalar multiplication [s] can be written by the series of ST-SFMs φ∼. In combination with the binary method or multi-exponentiation technique, this paper shows that the proposed method runs about twice or more faster than plain binary method.
| Original language | English |
|---|---|
| Pages (from-to) | 182-189 |
| Number of pages | 8 |
| Journal | IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences |
| Volume | E92-A |
| Issue number | 1 |
| DOIs | |
| Publication status | Published - Jan 2009 |
Keywords
- Ate pairing
- BN curve
- Frobenius mapping
- Scalar multiplication
- Twisted subfield computation
ASJC Scopus subject areas
- Signal Processing
- Computer Graphics and Computer-Aided Design
- Electrical and Electronic Engineering
- Applied Mathematics