Construction of Efficient and Secure Pairing Algorithm and Its Application  

Choi, Doo-Ho (Electronics and Telecommunications Research Institute (ETRI))
Han, Dong-Guk (Electronics and Telecommunications Research Institute (ETRI))
Kim, Ho-Won (Department of Computer Engineering, Pusan National University)
Abstract
The randomized projective coordinate (RPC) method applied to a pairing computation algorithm is a good solution that provides an efficient countermeasure against side channel attacks. In this study, we investigate measures for increasing the efficiency of the RPC-based countermeasures and construct a method that provides an efficient RPC-based countermeasure against side channel attacks. We then apply our method to the well-known $\eta_T$ pairing algorithm over binary fields and obtain an RPC-based countermeasure for the $\eta_T$ pairing; our method is more efficient than the RPC method applied to the original $\eta_T$ pairing algorithm.
Keywords
Differential power analysis (DPA); Eta pairing; randomized projective coordinate (RPC); side channel attacks (SCAs); Tate pairing