Cryptology ePrint Archive: Report 2010/186

New software speed records for cryptographic pairings

Michael Naehrig and Ruben Niederhagen and Peter Schwabe

Abstract: This paper presents new software speed records for the computation of cryptographic pairings. More specifically, we present details of an implementation which computes the optimal ate pairing on a 256-bit Barreto-Naehrig curve in only 4,379,912 cycles on one core of an Intel Core 2 Quad Q9550 processor.

This speed is achieved by combining 1.) state-of-the-art high-level optimization techniques, 2.) a new representation of elements in the underlying finite fields which makes use of the special modulus arising from the Barreto-Naehrig curve construction, and 3.) implementing arithmetic in this representation using the double-precision floating-point SIMD instructions of the AMD64 architecture.

Category / Keywords: implementation / Pairings, Barreto-Naehrig curves, ate pairing, amd64 architecture, modular arithmetic, SIMD floating-point instructions

Date: received 6 Apr 2010, last revised 14 Jul 2010

Contact author: michael at cryptojedi org, ruben@polycephaly org, peter@cryptojedi org

Available format(s): PDF | BibTeX Citation

Version: 20100714:135917 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]