International Association for Cryptologic Research

Paper: New software speed records for cryptographic pairings

Michael Naehrig
Ruben Niederhagen
Peter Schwabe
Abstract: This paper presents new software speed records for the computation of cryptographic pairings. More specifically, we present details of an implementation which computes the optimal ate pairing on a 256-bit Barreto-Naehrig curve in only 4,379,912 cycles on one core of an Intel Core 2 Quad Q9550 processor. This speed is achieved by combining 1.) state-of-the-art high-level optimization techniques, 2.) a new representation of elements in the underlying finite fields which makes use of the special modulus arising from the Barreto-Naehrig curve construction, and 3.) implementing arithmetic in this representation using the double-precision floating-point SIMD instructions of the AMD64 architecture.
  title={New software speed records for cryptographic pairings},
  booktitle={IACR Eprint archive},
  keywords={implementation / Pairings, Barreto-Naehrig curves, ate pairing, amd64 architecture, modular arithmetic, SIMD floating-point instructions},
  note={,, 14804 received 6 Apr 2010, last revised 14 Jul 2010},
  author={Michael Naehrig and Ruben Niederhagen and Peter Schwabe},