## CryptoDB

### Chang-An Zhao

#### Publications

Year
Venue
Title
2015
EPRINT
2015
EPRINT
2010
EPRINT
Self-pairings have found interesting applications in cryptographic schemes. In this paper, we present a novel method for constructing a self-pairing on supersingular elliptic curves with even embedding degrees, which we call the Ateil pairing. This new pairing improves the efficiency of the self-pairing computation on supersingular curves over finite fields with large characteristics. Based on the $\eta_T$ pairing, we propose a generalization of the Ateil pairing, which we call the Ateil$_i$ pairing. The optimal Ateil$_i$ pairing which has the shortest Miller loop is faster than previously known self-pairings on supersingular elliptic curves over finite fields with small characteristics. We also present a new self-pairing based on the Weil pairing which is faster than the self-pairing based on the Tate pairing on ordinary elliptic curves with embedding degree $one$.
2008
EPRINT
In this paper, we suggest that all pairings be in a group from an abstract angle. It is possible that our observation can be applied into other aspects of pairing-based cryptosystems.
2008
EPRINT
In this paper, a super-optimal pairing based on the Weil pairing is proposed with great efficiency. It is the first approach to reduce the Miller iteration loop when computing the variants of the Weil pairing. The super-optimal pairing based on the Weil pairing is computed rather fast, while it is slightly slower than the previous fastest pairing on the corresponding elliptic curves.
2008
EPRINT
In this paper, we investigate to compute the variants based on the Weil pairing with short Miller iteration loops.
2007
EPRINT
The Ate pairing has been suggested since it can be computed efficiently on ordinary elliptic curves with small values of the traces of Frobenius $t$. However, not all pairing-friendly elliptic curves have this property. In this paper, we generalize the Ate pairing and find a series of variations of the Ate pairing. We show that the shortest Miller loop of the variations of the Ate pairing can possibly be as small as $r^{1/\varphi(k)}$ on more pairing-friendly curves generated by the method of complex multiplications, and hence speed up the pairing computation significantly.
2007
EPRINT
For AES 128 security level there are several natural choices for pairing-friendly elliptic curves. In particular, as we will explain, one might choose curves with $k=9$ or curves with $k=12$. The case $k=9$ has not been studied in the literature, and so it is not clear how efficiently pairings can be computed in that case. In this paper, we present efficient methods for the $k=9$ case, including generation of elliptic curves with the shorter Miller loop, the denominator elimination and speed up of the final exponentiation. Then we compare the performance of these choices. From the analysis, we conclude that for pairing-based cryptography at the AES 128 security level, the Barreto-Naehrig curves are the most efficient choice, and the performance of the case $k=9$ is comparable to the Barreto-Naehrig curves.
2006
EPRINT
In this paper we present an algorithm for computing the bilinear pairings on a family of non-supersingular elliptic curves with non-trivial automorphisms. We obtain a short iteration loop in Miller's algorithm using non-trivial ecient automorphisms. The proposed algorithm is as ecient as Scott's algorithm in [12].

#### Coauthors

Binglong Chen (2)
Chuangqiang Hu (1)
Jiwu Huang (3)
Xibin Lin (1)
Yanming Wang (1)
Dongqing Xie (1)
Fangguo Zhang (7)