International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Secure Delegation of Elliptic-Curve Pairing

Benoit Chevallier-Mames
Jean-S├ębastien Coron
Noel McCullagh
David Naccache
Michael Scott
Search ePrint
Search Google
Abstract: In this paper we describe a simple protocol for securely delegating elliptic-curve pairings. A computationally limited device (typically a smart-card) will delegate the computation of the pairing e(A,B) to a more powerful device (for example a PC), in such a way that: 1. the powerful device learns nothing about the points being paired (A and B), nor about the pairing?s result e(A,B), 2. and the limited device is able to detect when the powerful device is cheating. We also describe more efficient variants of our protocol when one of the points or both are already known, and further efficiency gains when constant points are used.
  title={Secure Delegation of Elliptic-Curve Pairing},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / Pairings, Smartcards},
  note={ 12929 received 24 May 2005, last revised 26 May 2005},
  author={Benoit Chevallier-Mames and Jean-S├ębastien Coron and Noel McCullagh and David Naccache and Michael Scott},