CryptoDB
Pairing with Supersingular Trace Zero Varieties Revisited
| Authors: | |
|---|---|
| Download: | |
| Abstract: | A Trace Zero Variety is a specific subgroup of the group of the divisor classes on a hyperelliptic curve $C/\F_q$, which are rational over a small degree extension $\F_{q^r}$ of the definition field. Trace Zero Varieties (\tzv) are interesting for cryptographic applications since they enjoy properties that can be exploited to achieve fast arithmetic and group construction. Furthermore, supersingular \tzv allows to achieve higher MOV security per bit than supersingular elliptic curves, thus making them interesting for applications in pairing-based cryptography. In this paper we survey algorithms in literature for computing bilinear pairings and we present a new algorithm for the Tate pairing over supersingular \tzv, which exploits the action of the $q$-Frobenius. We give explicit examples and provide experimental results for supersingular \tzv defined over fields of characteristic 2. Moreover, in the same settings, we propose a more efficient variant of the Silverberg's point compression algorithm. |
BibTeX
@misc{eprint-2008-18177,
title={Pairing with Supersingular Trace Zero Varieties Revisited},
booktitle={IACR Eprint archive},
keywords={implementation / trace zero variety, supersingular elliptic curve, tate pairing, miller function},
url={http://eprint.iacr.org/2008/404},
note={ emanuele.cesena@gmail.com 14144 received 22 Sep 2008},
author={Emanuele Cesena},
year=2008
}