Cryptology ePrint Archive: Report 2004/303

Efficient Tate Pairing Computation for Supersingular Elliptic Curves over Binary Fields

Soonhak Kwon

Abstract: We present a closed formula for the Tate pairing computation for supersingular elliptic curves defined over the binary field F_{2^m} of odd dimension. There are exactly three isomorphism classes of supersingular elliptic curves over F_{2^m} for odd m and our result is applicable to all these curves. Moreover we show that our algorithm and also the Duursma-Lee algorithm can be modified to another algorithm which does not need any inverse Frobenius operation (square root or cube root extractions) without sacrificing any of the computational merits of the original algorithm. Since the computation of the inverse Frobenius map is not at all trivial in a polynomial basis and since a polynomial basis is still a preferred choice for the Tate pairing computation in many situations, this new algorithm avoiding the inverse Frobenius operation has some advantage over the existing algorithms.

Category / Keywords: public-key cryptography / Tate pairing, elliptic curve

Date: received 14 Nov 2004, last revised 20 Nov 2004

Contact author: shkwon at skku edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20041121:050329 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]