Cryptology ePrint Archive: Report 2020/1369

Multiplication over Extension Fields for Pairing-based Cryptography: an Hardware Point of View

Arthur Lavice and Nadia El Mrabet and Alexandre Berzati and Jean-Baptiste Rigaud

Abstract: New Number Field Sieve (NFS) attacks on the discrete logarithm problem have led to increased key sizes for pairing-based cryptography, and more precisely for pairings on the most popular curves such as BN. To ensure a 128-bit security level, recent cost estimates recommend switching to BLS24 curves. However, using BLS24 curves for pairings requires efficient arithmetic in Fp4.

In this paper, we transposed previous work on multiplication over extension fields using Newton's interpolation to construct a new formula for multiplication in Fp4 and propose a time x area efficient hardware implementation of this operation.

This co-processor is implemented on a Kintex-7 Xilinx FPGA. The efficiency of our design in terms of time x area is almost 3 times better than the previous specific architecture for multiplication in Fp4. Our architecture is used to estimate the efficiency of hardware implementations of full pairings on BLS12 and BLS24 curves with a 128-bit security level. This co-processor can be easily modified to anticipate further curve changes.
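The general idea of interpolation-based multiplication with Newton's formula and exact divisions, as an added example that is not the paper's formula or code: the product of two degree-3 polynomials is recovered from 7 integer products instead of 16. The representation Fp[x]/(x^4 - BETA), the toy parameters p = 13 and BETA = 2, and the choice of evaluation nodes are assumptions made for this sketch.

```python
# Added illustration, not the paper's formula. Assumed: F_p[x]/(x^4 - BETA),
# toy parameters p = 13, BETA = 2, and the seven integer nodes below.
POINTS = [0, 1, -1, 2, -2, 3, -3]   # product has degree 6, so 7 nodes

def evaluate(coeffs, x):
    """Horner evaluation over the integers (coefficients low to high)."""
    acc = 0
    for c in reversed(coeffs):
        acc = acc * x + c
    return acc

def newton_coefficients(values):
    """Divided differences f[x0], f[x0,x1], ...; every division is exact."""
    dd = list(values)
    for k in range(1, len(dd)):
        for i in range(len(dd) - 1, k - 1, -1):
            num, den = dd[i] - dd[i - 1], POINTS[i] - POINTS[i - k]
            if num % den:
                raise ArithmeticError("non-exact division")
            dd[i] = num // den
    return dd

def newton_to_monomial(dd):
    """Expand the Newton form into monomial coefficients (Horner style)."""
    poly = [dd[-1]]
    for k in range(len(dd) - 2, -1, -1):
        shifted = [0] + poly                  # poly * x
        for i, c in enumerate(poly):
            shifted[i] -= POINTS[k] * c       # - x_k * poly
        shifted[0] += dd[k]
        poly = shifted
    return poly

def reduce_mod(c, p, beta):
    """Fold x^4 = beta and reduce the four coefficients modulo p."""
    return [(c[i] + beta * (c[i + 4] if i + 4 < len(c) else 0)) % p for i in range(4)]

def fp4_mul(a, b, p=13, beta=2):
    """7 integer products at the nodes, then Newton interpolation."""
    products = [evaluate(a, x) * evaluate(b, x) for x in POINTS]
    return reduce_mod(newton_to_monomial(newton_coefficients(products)), p, beta)

def fp4_mul_schoolbook(a, b, p=13, beta=2):
    """Reference: 16 coefficient products."""
    c = [0] * 7
    for i in range(4):
        for j in range(4):
            c[i + j] += a[i] * b[j]
    return reduce_mod(c, p, beta)
```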

Category / Keywords: implementation / pairing-based cryptography and multiplication over extension fields and polynomial interpolation and Newton's formula and exact divisions and hardware implementation and FPGA

Date: received 30 Oct 2020

Contact author: arthur lavice at external thalesgroup com

Version: 20201102:104217 (All versions of this report)

Short URL: ia.cr/2020/1369
