Paper 2023/1542

Don’t Forget Pairing-Friendly Curves with Odd Prime Embedding Degrees

Yu Dai
Fangguo Zhang
Chang-an Zhao
Abstract

Pairing-friendly curves with odd prime embedding degrees at the 128-bit security level, such as BW13-310 and BW19-286, sparked interest in the field of public-key cryptography as small sizes of the prime fields. However, compared to mainstream pairing-friendly curves at the same security level, i.e., BN446 and BLS12-446, the performance of pairing computations on BW13-310 and BW19-286 is usually considered ineffcient. In this paper we investigate high performance software implementations of pairing computation on BW13-310 and corresponding building blocks used in pairing-based protocols, including hashing, group exponentiations and membership testings. Firstly, we propose effcient explicit formulas for pairing computation on this curve. Moreover, we also exploit the state-of-art techniques to implement hashing in G1 and G2, group exponentiations and membership testings. In particular, for exponentiations in G2 and GT , we present new optimizations to speed up computational effciency. Our implementation results on a 64-bit processor show that the gap in the performance of pairing computation between BW13-310 and BN446 (resp. BLS12-446) is only up to 4.9% (resp. 26%). More importantly, compared to BN446 and BLS12-446, BW13- 310 is about 109.1% − 227.3%, 100% − 192.6%, 24.5% − 108.5% and 68.2% − 145.5% faster in terms of hashing to G1, exponentiations in G1 and GT , and membership testing for GT , respectively. These results reveal that BW13-310 would be an interesting candidate in pairing-based cryptographic protocols.

Metadata
Available format(s)
PDF
Publication info
A minor revision of an IACR publication in TCHES 2023
Contact author(s)
eccdaiy39 @ gmail com
isszhfg @ mail sysu edu cn
zhaochan3 @ mail sysu edu cn
History
2024-05-28: revised
2023-10-08: received
See all versions
Short URL
https://ia.cr/2023/1542
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1542,
      author = {Yu Dai and Fangguo Zhang and Chang-an Zhao},
      title = {Don’t Forget Pairing-Friendly Curves with Odd Prime Embedding Degrees},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1542},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1542}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.