Paper 2005/150

Secure Delegation of Elliptic-Curve Pairing

Benoit Chevallier-Mames, Jean-Sebastien Coron, Noel McCullagh, David Naccache, and Michael Scott

Abstract

In this paper we describe a simple protocol for securely delegating elliptic-curve pairings. A computationally limited device (typically a smart-card) will delegate the computation of the pairing e(A,B) to a more powerful device (for example a PC), in such a way that: 1. the powerful device learns nothing about the points being paired (A and B), nor about the pairing’s result e(A,B), 2. and the limited device is able to detect when the powerful device is cheating. We also describe more efficient variants of our protocol when one of the points or both are already known, and further efficiency gains when constant points are used.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
PairingsSmartcards
Contact author(s)
noel mccullagh @ computing dcu ie
History
2005-05-26: last of 2 revisions
2005-05-26: received
See all versions
Short URL
https://ia.cr/2005/150
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/150,
      author = {Benoit Chevallier-Mames and Jean-Sebastien Coron and Noel McCullagh and David Naccache and Michael Scott},
      title = {Secure Delegation of Elliptic-Curve Pairing},
      howpublished = {Cryptology ePrint Archive, Paper 2005/150},
      year = {2005},
      note = {\url{https://eprint.iacr.org/2005/150}},
      url = {https://eprint.iacr.org/2005/150}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.