• Journal of the Korean Mathematical Society
• /
• v.45 no.4
• /
• pp.1057-1073
• /
• 2008

We present an explicit Eta pairing approach for computing the Tate pairing on general divisors of hyperelliptic curves $H_d$ of genus 2, where $H_d\;:\;y^2+y=x^5+x^3+d$ is defined over ${\mathbb{F}}_{2^n}$ with d=0 or 1. We use the resultant for computing the Eta pairing on general divisors. Our method is very general in the sense that it can be used for general divisors, not only for degenerate divisors. In the pairing-based cryptography, the efficient pairing implementation on general divisors is significantly important because the decryption process definitely requires computing a pairing of general divisors.

• Communications of the Korean Mathematical Society
• /
• v.20 no.3
• /
• pp.611-621
• /
• 2005

This paper introduces an ID based authenticated two pass key agreement protocol of Smart[4] which used the Weil pairing. We propose other an ID based authenticated two pass key agreement protocol which using the Tate Pairing. We will compare protocol of Smart with this protocol.

• Journal of Communications and Networks
• /
• v.10 no.4
• /
• pp.437-443
• /
• 2008

The randomized projective coordinate (RPC) method applied to a pairing computation algorithm is a good solution that provides an efficient countermeasure against side channel attacks. In this study, we investigate measures for increasing the efficiency of the RPC-based countermeasures and construct a method that provides an efficient RPC-based countermeasure against side channel attacks. We then apply our method to the well-known $\eta_T$ pairing algorithm over binary fields and obtain an RPC-based countermeasure for the $\eta_T$ pairing; our method is more efficient than the RPC method applied to the original $\eta_T$ pairing algorithm.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.2
• /
• pp.70-79
• /
• 2013

Recently, there has been introduced various types of pairing computations to implement ID based cryptosystem for mobile ad hoc network. The Miller algorithm is the most popular algorithm for the typical pairing computation such as Weil, Tate and Ate. In this paper, we analyze the feasibility of concrete data fault injection attack, which was proposed by Whelan and Scott, in terms of regardless of round positions during the execution of the Miller algorithm. As the simulation results, the proposed attack that can be employed to regardless of round positions and coordinate systems is effective and powerful.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.11-25
• /
• 2011

The Miller algorithm is employed in the typical pairing computation such as Weil, Tate and Ate for implementing ID based cryptosystem. By analyzing the Mrabet's attack that is one of fault attacks against the Miller algorithm, this paper presents au efficient fault attack in Affine coordinate system, it is the most basic coordinates for construction of elliptic curve. The proposed attack is the effective model of a count check fault attack, it is verified to work well by practical fault injection experiments and can omit the probabilistic analysis that is required in the previous counter fault model.

• Communications of the Korean Mathematical Society
• /
• v.15 no.1
• /
• pp.37-44
• /
• 2000

In this paper, for a given p-adic quasicharacter $c_{v}$ : $k_{v}$longrightarrow $Q_{p}$ satisfying a special condition, we will explicitly construct an admissible pairing corresponding to $c_{v}$. We define a p-adic height on the arbitrary abelian varieties associated to divisors and $c_{v}$ by using admissible pairings at every nonarchimedean places. We also show that our p-adic height satisfies similar properties of Neron-Tate's canonical p-adic height.t.ght.t.t.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.3-11
• /
• 2011

Evaluation of cube roots in characteristic three finite fields is required for Tate (or modified Tate) pairing computation. The Hamming weights (the number of nonzero coefficients) in the polynomial representations of $x^{1/3}$ and $x^{2/3}$ determine the efficiency of cube roots computation, where $F_{3^m}$is represented as $F_3[x]/(f)$ and $f(x)=x^m+ax^k+b{\in}F_3[x]$ (a, $b{\in}F_3$) is an irreducible trinomial. O. Ahmadi et al. determined the Hamming weights of $x^{1/3}$ and $x^{2/3}$ for all irreducible trinomials. In this paper, we present formulas for cube roots in $F_{3^m}$ using the shifted polynomial basis(SPB). Moreover, we provide the suitable shifted polynomial basis bring no further modular reduction process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.83-90
• /
• 2011

Recently, pairings over elliptic curve have been applied for various ID-based encryption/signature/authentication/key agreement schemes. For efficiency, the $Eta_T$ pairings over GF($P^n$) (P = 2, 3) were invented, however, they are vulnerable to side channel attacks such as DPA because of their symmetric computation structure compared to other pairings such as Tate, Ate pairings. Several countermeasures have been proposed to prevent side channel attacks. Especially, Masaaki Shirase's method is very efficient with regard to computational efficiency, however, it has security flaws. This paper examines closely the security flaws of RVA-based countermeasure on $Eta_T$ Pairing algorithm from the implementation point of view.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.1C
• /
• pp.14-21
• /
• 2011

Cryptographic protocols based on bilinear pairings provide excellent alternatives to conventional elliptic curve cryptosystems based on discrete logarithm problems. Through active research has been done toward fast computation of the bilinear pairings, it is still believed that the computational cost of one pairing computation is heavier than the cost of one ECC scalar multiplication. However, there have been many progresses in pairing computations over binary fields. In this paper, we compare the cost of BLS signature scheme with ECDSA with equvalent level of security parameters. Analysis shows that the cost of the pairing computation is quite comparable to the cost of ECC scalar multiplication for the case of binary fields.