Paper 2009/398

Fast Architectures for the ηT Pairing over Small-Characteristic Supersingular Elliptic Curves

Jean-Luc Beuchat, Jérémie Detrey, Nicolas Estibals, Eiji Okamoto, and Francisco Rodríguez-Henríquez

Abstract

This paper is devoted to the design of fast parallel accelerators for the cryptographic ηT pairing on supersingular elliptic curves over finite fields of characteristics two and three. We propose here a novel hardware implementation of Miller's algorithm based on a parallel pipelined Karatsuba multiplier. After a short description of the strategies we considered to design our multiplier, we point out the intrinsic parallelism of Miller's loop and outline the architecture of coprocessors for the ηT pairing over F2m and F3m. Thanks to a careful choice of algorithms for the tower field arithmetic associated with the ηT pairing, we manage to keep the pipelined multiplier at the heart of each coprocessor busy. A final exponentiation is still required to obtain a unique value, which is desirable in most cryptographic protocols. We supplement our pairing accelerators with a coprocessor responsible for this task. An improved exponentiation algorithm allows us to save hardware resources. According to our place-and-route results on Xilinx FPGAs, our designs improve both the computation time and the area-time trade-off compared to previously published coprocessors.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Keywords
Tate pairing pairingelliptic curvefinite field arithmeticKaratsuba multiplierhardware acceleratorFPGA
Contact author(s)
jeanluc beuchat @ gmail com
History
2009-08-19: revised
2009-08-15: received
See all versions
Short URL
https://ia.cr/2009/398
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/398,
      author = {Jean-Luc Beuchat and Jérémie Detrey and Nicolas Estibals and Eiji Okamoto and Francisco Rodríguez-Henríquez},
      title = {Fast Architectures for the $\e{ta_T}$ Pairing over Small-Characteristic Supersingular Elliptic Curves},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/398},
      year = {2009},
      url = {https://eprint.iacr.org/2009/398}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.