Experimental analysis of cheon’s algorithm against pairing-friendly curves

Tetsuya Izu; Masahiko Takenaka; Masaya Yasuda

doi:10.2197/ipsjjip.19.441

Experimental analysis of cheon’s algorithm against pairing-friendly curves

Tetsuya Izu, Masahiko Takenaka, Masaya Yasuda

Research output: Contribution to journal › Article › peer-review

2 Citations (Scopus)

Abstract

Let G be an additive group generated by an element G of prime order r. The discrete logarithm problem with auxiliary input (DLPwAI) is a problem to find α on inputs G, αG, α^dG ∈ G for a positive integer d dividing r − 1. The infeasibility of DLPwAI ensures the security of some pairing-based cryptographic schemes. In 2006, Cheon proposed an algorithm for solving DLPwAI which works better than conventional algorithms. In this paper, we report our experimental results of Cheon’s algorithm on a pairing-friendly elliptic curve defined over GF(3¹²⁷). Moreover, based on our experimental results, we estimate the required cost of Cheon’s algorithm to solve DLPwAI on some pairing-friendly elliptic curves over a finite field of characteristic 3. Our estimation implies that DLPwAI on a part of pairing-friendly curves can be solved at reasonable cost when the optimal parameter d is chosen.

Original language	English
Pages (from-to)	441-450
Number of pages	10
Journal	Journal of information processing
Volume	19
DOIs	https://doi.org/10.2197/ipsjjip.19.441
Publication status	Published - 2011
Externally published	Yes

All Science Journal Classification (ASJC) codes

Computer Science(all)

Access to Document

10.2197/ipsjjip.19.441

Cite this

@article{f8a40009649a4ee2a7ad08bb2ef2fb15,

title = "Experimental analysis of cheon{\textquoteright}s algorithm against pairing-friendly curves",

abstract = "Let G be an additive group generated by an element G of prime order r. The discrete logarithm problem with auxiliary input (DLPwAI) is a problem to find α on inputs G, αG, αdG ∈ G for a positive integer d dividing r − 1. The infeasibility of DLPwAI ensures the security of some pairing-based cryptographic schemes. In 2006, Cheon proposed an algorithm for solving DLPwAI which works better than conventional algorithms. In this paper, we report our experimental results of Cheon{\textquoteright}s algorithm on a pairing-friendly elliptic curve defined over GF(3127). Moreover, based on our experimental results, we estimate the required cost of Cheon{\textquoteright}s algorithm to solve DLPwAI on some pairing-friendly elliptic curves over a finite field of characteristic 3. Our estimation implies that DLPwAI on a part of pairing-friendly curves can be solved at reasonable cost when the optimal parameter d is chosen.",

author = "Tetsuya Izu and Masahiko Takenaka and Masaya Yasuda",

note = "Publisher Copyright: {\textcopyright} 2011 Information Processing Society of Japan.",

year = "2011",

doi = "10.2197/ipsjjip.19.441",

language = "English",

volume = "19",

pages = "441--450",

journal = "Journal of information processing",

issn = "0387-5806",

publisher = "Information Processing Society of Japan",

}

TY - JOUR

T1 - Experimental analysis of cheon’s algorithm against pairing-friendly curves

AU - Izu, Tetsuya

AU - Takenaka, Masahiko

AU - Yasuda, Masaya

PY - 2011

Y1 - 2011

N2 - Let G be an additive group generated by an element G of prime order r. The discrete logarithm problem with auxiliary input (DLPwAI) is a problem to find α on inputs G, αG, αdG ∈ G for a positive integer d dividing r − 1. The infeasibility of DLPwAI ensures the security of some pairing-based cryptographic schemes. In 2006, Cheon proposed an algorithm for solving DLPwAI which works better than conventional algorithms. In this paper, we report our experimental results of Cheon’s algorithm on a pairing-friendly elliptic curve defined over GF(3127). Moreover, based on our experimental results, we estimate the required cost of Cheon’s algorithm to solve DLPwAI on some pairing-friendly elliptic curves over a finite field of characteristic 3. Our estimation implies that DLPwAI on a part of pairing-friendly curves can be solved at reasonable cost when the optimal parameter d is chosen.

AB - Let G be an additive group generated by an element G of prime order r. The discrete logarithm problem with auxiliary input (DLPwAI) is a problem to find α on inputs G, αG, αdG ∈ G for a positive integer d dividing r − 1. The infeasibility of DLPwAI ensures the security of some pairing-based cryptographic schemes. In 2006, Cheon proposed an algorithm for solving DLPwAI which works better than conventional algorithms. In this paper, we report our experimental results of Cheon’s algorithm on a pairing-friendly elliptic curve defined over GF(3127). Moreover, based on our experimental results, we estimate the required cost of Cheon’s algorithm to solve DLPwAI on some pairing-friendly elliptic curves over a finite field of characteristic 3. Our estimation implies that DLPwAI on a part of pairing-friendly curves can be solved at reasonable cost when the optimal parameter d is chosen.

UR - http://www.scopus.com/inward/record.url?scp=84861656520&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84861656520&partnerID=8YFLogxK

U2 - 10.2197/ipsjjip.19.441

DO - 10.2197/ipsjjip.19.441

M3 - Article

AN - SCOPUS:84861656520

SN - 0387-5806

VL - 19

SP - 441

EP - 450

JO - Journal of information processing

JF - Journal of information processing

ER -

Experimental analysis of cheon’s algorithm against pairing-friendly curves

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this