1. FPGA Implementations of Elliptic Curve Cryptography and Tate Pairing over Binary Field
Huang, Jian, 08 1900
Elliptic curve cryptography (ECC) is an alternative to traditional techniques for public key cryptography. It offers a smaller key size without sacrificing security level. Tate pairing is a bilinear map used in identity-based cryptography schemes. In a typical elliptic curve cryptosystem, elliptic curve point multiplication is the most computationally expensive component. Similarly, Tate pairing is also quite computationally expensive. Therefore, it is more attractive to implement ECC and Tate pairing in hardware than in software. The bases of both ECC and Tate pairing are Galois field arithmetic units. In this thesis, I propose FPGA implementations of elliptic curve point multiplication in GF(2^283) as well as Tate pairing computation on a supersingular elliptic curve over GF(2^283). I have designed and synthesized the elliptic curve point multiplication and Tate pairing modules using Xilinx's FPGA, and synthesized all the Galois field arithmetic units used in the designs. Experimental results demonstrate that the FPGA implementation can speed up elliptic curve point multiplication by 31.6 times compared to a software-based implementation. The results also demonstrate that the FPGA implementation can speed up the Tate pairing computation by 152 times compared to a software-based implementation.

2. Efficient and Tamper-Resilient Architectures for Pairing Based Cryptography
Ozturk, Erdinc, 04 January 2009
Identity-based cryptography was first proposed by Shamir in 1984. Rather than deriving a public key from private information, as in traditional public key encryption schemes, in identity-based schemes a user's identity plays the role of the public key. This reduces the amount of computation required for authentication and simplifies key management. Efficient and strong implementations of identity-based schemes are built around easily computable bilinear mappings of two points on an elliptic curve onto a multiplicative subgroup of a field, also called pairings. Using the identity of the user simplifies the public key infrastructure. However, since pairing computations are expensive in both area and timing, the proposed identity-based cryptosystems are hard to implement. In order to efficiently utilize the idea of identity-based cryptography, there is a strong need for efficient pairing implementations. Pairing computations can be realized in multiple fields. Since the main building block and the bottleneck of the algorithm is multiplication, we focused our research on building a fast and small arithmetic core that can work on multiple fields. This would allow a single piece of hardware to realize a wide spectrum of cryptographic algorithms, including pairings, with a minimal amount of software coding. We present a novel unified core design which is extended to realize Montgomery multiplication in the fields GF(2^n), GF(3^m), and GF(p). Our unified design supports RSA and elliptic curve schemes, as well as identity-based encryption, which requires a pairing computation on an elliptic curve. The architecture is pipelined and highly scalable. The unified core uses the redundant signed digit representation to reduce the critical path delay.
While the carry-save representation used in classical unified architectures is only suitable for addition and multiplication, the redundant signed digit representation also enables efficient comparison and subtraction operations in addition to addition and multiplication. Thus, there is no need for transformation between the redundant and non-redundant representations of field elements, which classical unified architectures require in order to realize subtraction and comparison. We also quantify the benefits of unified architectures in terms of area and critical path delay and provide detailed implementation results. The metric shows that the new unified architecture provides an improvement of at least 24.88% over a hypothetical non-unified architecture, and of at least 32.07% over a classical unified architecture. Until recently there has been no work covering the security of pairing-based cryptographic hardware in the presence of side-channel attacks, despite its apparent suitability for identity-aware personal security devices such as smart cards. We present a novel non-linear error coding framework which incorporates strong adversarial fault detection capabilities into identity-based encryption schemes built on Tate pairing computations. The presented algorithms provide quantifiable resilience in a well-defined strong attacker model. Given the emergence of fault attacks as a serious threat to pairing-based cryptography, the proposed technique solves a key problem when incorporated into software and hardware implementations. In this dissertation, we also present an efficient accelerator for computing the Tate pairing in characteristic 3, based on the modified Duursma-Lee algorithm.

3. Computing the Cassels-Tate pairing
van Beek, Monique, January 2015
No description available.

4. Machine-Level Software Optimization of Cryptographic Protocols
Fishbein, Dieter, January 2014
This work explores two methods for practical cryptography on mobile devices. The first is a quantum-resistant key-exchange protocol proposed by Jao et al. As the use of mobile devices increases, the deployment of practical cryptographic protocols designed for these devices is of increasing importance. Furthermore, we face the possible development of a large-scale quantum computer in the near future and must take steps to prepare for this possibility. We describe the key-exchange protocol of Jao et al. and discuss their original implementation. We then describe our modifications to their scheme that make it suitable for use on mobile devices. Our code is between 18% and 26% faster, depending on the security level. The second is a highly optimized implementation of Miller's algorithm that efficiently computes the Optimal Ate pairing over Barreto-Naehrig curves, proposed by Grewal et al. We give an introduction to cryptographic pairings and describe the Tate pairing and its variants. We then describe Grewal et al.'s implementation of Miller's algorithm, along with their optimizations, and our use of hand-optimized assembly code to increase the performance of their implementation. For the Optimal Ate pairing over the BN-446 curve, our code is between 7% and 8% faster, depending on whether the pairing uses affine or projective coordinates.

5. Explicit Geometry and Arithmetic of Abelian Varieties and Applications to Cryptography (original title: Géométrie et arithmétique explicites des variétés abéliennes et applications à la cryptographie)
Arène, Christophe, 27 September 2011
The main objects studied in this PhD thesis are the equations describing the group morphism on an abelian variety embedded in a projective space, and their applications in cryptography. We denote by g its dimension and by k its field of definition. The thesis is built in two parts. The first is concerned with the study of Edwards curves, a model for elliptic curves having a cyclic subgroup of k-rational points of order 4, known in cryptography for the efficiency of their addition law and for the fact that it can be defined for any pair of k-rational points (a k-complete addition law). We give the corresponding geometric interpretation and deduce explicit formulae for computing the reduced Tate pairing on twisted Edwards curves, whose efficiency competes with the elliptic models currently in use. This part ends with the generation, specific to pairing computation, of Edwards curves at today's standard cryptographic sizes. In the second part, we are interested in the notion of completeness introduced above. This property is cryptographically significant, since it makes it possible to avoid physical attacks, such as side-channel attacks, on cryptosystems based on elliptic or hyperelliptic curves. A preceding work of Lange and Ruppert, based on the cohomology of line bundles, provides a theoretical approach to addition laws. We present three important results: first, we generalize a result of Bosma and Lenstra by proving that the group morphism cannot be described by fewer than g+1 addition laws over the algebraic closure of k.
Next, we prove that if the absolute Galois group of k is infinite, then any abelian variety can be projectively embedded so that a k-complete addition law exists. Moreover, since the cryptographic use of abelian varieties restricts us to the dimension one and two cases, we prove that such a law exists for their classical projective embedding. Finally, we develop an algorithm, based on the theory of theta functions, that computes this addition law in P^15 on the Jacobian of a genus two curve given in Rosenhain form. It is now included in AVIsogenies, a Magma package.