Francisco Rodríguez-Henríquez

High-speed software implementation of the optimal ate pairing over Barreto-Naehrig curves

This paper describes the design of a fast software library for the computation of the optimal ate pairing on a Barreto-Naehrig elliptic curve. Our library is able to compute the optimal ate pairing over a 254-bit prime field Fp, in just 2.33 million of clock cycles on a single core of an Intel Core i7 2.8GHz processor, which implies that the pairing computation takes 0.832msec. We are able to achieve this performance by a careful implementation of the base field arithmetic through the usage of the customary Montgomery multiplier for prime fields. The prime field is constructed via the Barreto-Naehrig polynomial parametrization of the prime p given as, p = 36t4 + 36t3 + 24t2 + 6t + 1, with t = 262 - 254 + 244. This selection of t allows us to obtain important savings for both the Miller loop as well as the final exponentiation steps of the optimal ate pairing.

A parallel architecture for fast computation of elliptic curve scalar multiplication over GF(2/sup m/)

Summary form only given. We present a generic parallel architecture for fast elliptic curve scalar multiplication over binary extension fields. We show how the parallel strategy followed in this work leads to high performance designs. We also implemented the proposed architecture on reconfigurable hardware devices where the predicted expeditious performance figures were actually obtained. The results achieved show that our proposed design is able to compute GF(2/sup 191/) elliptic curve scalar multiplication operations in 56.44 /spl mu/Secs.

A fast parallel implementation of elliptic curve point multiplication over GF(2m)

Abstract A fast parallel architecture for the implementation of elliptic curve scalar multiplication over binary fields is presented. The proposed architecture is implemented on a single-chip FPGA device using parallel strategies that trades area requirements for timing performance. The results achieved show that our proposed design is able to compute GF(2191) elliptic curve scalar multiplication operations in 63 μs.

Multi-core Implementation of the Tate Pairing over Supersingular Elliptic Curves

This paper describes the design of a fast multi-core library for the cryptographic Tate pairing over supersingular elliptic curves. For the computation of the reduced modified Tate pairing over

Implementing pairings at the 192-bit security level

\mathbb{F}_{3^{509}}

Speeding scalar multiplication over binary elliptic curves using the new carry-less multiplication instruction

, we report calculation times of just 2.94 ms and 1.87 ms on the Intel Core2 and Intel Core i7 architectures, respectively. We also try to answer one important design question that arises: how many cores should be utilized for a given application?

Faster implementation of scalar multiplication on koblitz curves

We implement asymmetric pairings derived from Kachisa-Schaefer-Scott (KSS), Barreto-Naehrig (BN), and Barreto-Lynn-Scott (BLS) elliptic curves at the 192-bit security level. Somewhat surprisingly, we find pairings derived from BLS curves with embedding degree 12 to be the fastest for our serial as well as our parallel implementations. Our serial implementations provide a factor-3 speedup over the previous state-of-the-art, demonstrating that pairing computation at the 192-bit security level is not as expensive as previously thought. We also present a general framework for deriving a Weil-type pairing that is well-suited for computing a single pairing on a multi-processor machine.

Faster hashing to G 2

The availability of a new carry-less multiplication instruction in the latest Intel desktop processors significantly accelerates multiplication in binary fields and hence presents the opportunity for reevaluating algorithms for binary field arithmetic and scalar multiplication over elliptic curves. We describe how to best employ this instruction in field multiplication and the effect on performance of doubling and halving operations. Alternate strategies for implementing inversion and half-trace are examined to restore most of their competitiveness relative to the new multiplier. These improvements in field arithmetic are complemented by a study on serial and parallel approaches for Koblitz and random curves, where parallelization strategies are implemented and compared. The contributions are illustrated with experimental results improving the state-of-the-art performance of halving and doubling-based scalar multiplication on NIST curves at the 112- and 192-bit security levels and a new speed record for side-channel-resistant scalar multiplication in a random curve at the 128-bit security level. The algorithms presented in this work were implemented on Westmere and Sandy Bridge processors, the latest generation Intel microarchitectures.

A fast implementation of multiplicative inversion over GF(2/sup m/)

We design a state-of-the-art software implementation of field and elliptic curve arithmetic in standard Koblitz curves at the 128-bit security level. Field arithmetic is carefully crafted by using the best formulae and implementation strategies available, and the increasingly common native support to binary field arithmetic in modern desktop computing platforms. The i-th power of the Frobenius automorphism on Koblitz curves is exploited to obtain new and faster interleaved versions of the well-known τNAF scalar multiplication algorithm. The usage of the

Lambda coordinates for binary elliptic curves

\tau^{\lfloor m/3 \rfloor}