Paper 2008/417

On the security of pairing-friendly abelian varieties over non-prime fields

Naomi Benger, Manuel Charlemagne, and David Freeman

Abstract

Let $A$ be an abelian variety defined over a non-prime finite field $\F_{q}$ that has embedding degree $k$ with respect to a subgroup of prime order $r$. In this paper we give explicit conditions on $q$, $k$, and $r$ that imply that the minimal embedding field of $A$ with respect to $r$ is $\F_{q^k}$. When these conditions hold, the embedding degree $k$ is a good measure of the security level of a pairing-based cryptosystem that uses $A$. We apply our theorem to supersingular elliptic curves and to supersingular genus 2 curves, in each case computing a maximum $\rho$-value for which the minimal embedding field must be $\F_{q^k}$. Our results are in most cases stronger (i.e., give larger allowable $\rho$-values) than previously known results for supersingular varieties, and our theorem holds for general abelian varieties, not only supersingular ones.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
pairing-friendly abelian varietiesnon-prime fieldssecurity
Contact author(s)
nbenger @ computing dcu ie
History
2009-03-10: last of 7 revisions
2008-10-02: received
See all versions
Short URL
https://ia.cr/2008/417
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/417,
      author = {Naomi Benger and Manuel Charlemagne and David Freeman},
      title = {On the security of pairing-friendly abelian varieties over non-prime fields},
      howpublished = {Cryptology ePrint Archive, Paper 2008/417},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/417}},
      url = {https://eprint.iacr.org/2008/417}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.