## CryptoDB

### Paper: Scaling security in pairing-based protocols

Authors: Michael Scott URL: http://eprint.iacr.org/2005/139 Search ePrint Search Google In number theoretic cryptography there is always the problem of scaling-up security to a higher level. This usually means increasing the size of the modulus, from, say 1024 bits to 2048 bits. In pairing-based cryptography however another option is available, keeping the modulus constant and increasing instead the embedding degree. This has a big potential advantage in smart-card and embedded applications -- security can be scaled up while continuing to use the same sized calculations. For example a cryptographic co-processor which does 512-bit modular multiplications can be directly re-used in the higher security setting. Here we investigate the scaling-up issue in the context of prime characteristic non-supersingular elliptic curves. We also confirm the observation that at higher levels of security a slightly modified Weil pairing becomes more efficient than the Tate pairing.
##### BibTeX
@misc{eprint-2005-12475,
title={Scaling security in pairing-based protocols},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / Pairing-based cryptosystems},
url={http://eprint.iacr.org/2005/139},
note={ mike@computing.dcu.ie 13203 received 10 May 2005, last revised 24 Feb 2006},
author={Michael Scott},
year=2005
}