Pairing Optimizations for Isogeny-Based Cryptosystems

IF 1.3 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security Pub Date : 2024-10-03 DOI:10.1049/2024/9631360

Shiping Cai, Kaizhan Lin, Chang-An Zhao

{"title":"Pairing Optimizations for Isogeny-Based Cryptosystems","authors":"Shiping Cai, Kaizhan Lin, Chang-An Zhao","doi":"10.1049/2024/9631360","DOIUrl":null,"url":null,"abstract":"<div>\n <p>In isogeny-based cryptography, bilinear pairings are regarded as a powerful tool in various applications, including key compression, public key validation, and torsion basis generation. However, in most isogeny-based protocols, the performance of pairing computations is unsatisfactory due to the high computational cost of the Miller function. Reducing the computational expense of the Miller function is crucial for enhancing the overall performance of pairing computations in isogeny-based cryptography. This paper addresses this efficiency bottleneck. To achieve this, we propose several techniques for a better implementation of pairings in isogeny-based cryptosystems. We use (modified) Jacobian coordinates and present new algorithms for Miller function computations to compute pairings of order 2<sup>∙</sup> and 3<sup>∙</sup>. For pairings of arbitrary order, which are crucial for key compression in some SIDH-based schemes (such as M-SIDH and binSIDH), we combine Miller doublings with Miller additions/subtractions, leading to a considerable speedup. Moreover, the optimizations for pairing applications in CSIDH-based protocols are also considered in this paper. In particular, our approach for supersingularity verification in CSIDH is 15.3% faster than Doliskani’s test, which is the state-of-the-art.</p>\n </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/9631360","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/2024/9631360","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In isogeny-based cryptography, bilinear pairings are regarded as a powerful tool in various applications, including key compression, public key validation, and torsion basis generation. However, in most isogeny-based protocols, the performance of pairing computations is unsatisfactory due to the high computational cost of the Miller function. Reducing the computational expense of the Miller function is crucial for enhancing the overall performance of pairing computations in isogeny-based cryptography. This paper addresses this efficiency bottleneck. To achieve this, we propose several techniques for a better implementation of pairings in isogeny-based cryptosystems. We use (modified) Jacobian coordinates and present new algorithms for Miller function computations to compute pairings of order 2^∙ and 3^∙. For pairings of arbitrary order, which are crucial for key compression in some SIDH-based schemes (such as M-SIDH and binSIDH), we combine Miller doublings with Miller additions/subtractions, leading to a considerable speedup. Moreover, the optimizations for pairing applications in CSIDH-based protocols are also considered in this paper. In particular, our approach for supersingularity verification in CSIDH is 15.3% faster than Doliskani’s test, which is the state-of-the-art.

查看原文本刊更多论文

基于同源密码系统的配对优化

在基于同源的密码学中，双线性配对被视为各种应用中的有力工具，包括密钥压缩、公钥验证和扭转基础生成。然而，在大多数基于同源的协议中，由于米勒函数的计算成本较高，配对计算的性能并不令人满意。降低米勒函数的计算成本对于提高基于同源密码学的配对计算的整体性能至关重要。本文旨在解决这一效率瓶颈。为此，我们提出了几种在基于同源密码系统中更好地实现配对的技术。我们使用（修正的）雅各布坐标，并提出了米勒函数计算的新算法，以计算 2 阶和 3 阶的配对。对于一些基于 SIDH 的方案（如 M-SIDH 和 binSIDH）中对密钥压缩至关重要的任意阶配对，我们将米勒加倍与米勒加减相结合，从而大大加快了速度。此外，本文还考虑了基于 CSIDH 协议的配对应用优化。特别是，我们在 CSIDH 中的超奇异性验证方法比最先进的 Doliskani 检验方法快 15.3%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IET Information Security 工程技术-计算机：理论方法

CiteScore

3.80

自引率

7.10%

发文量

审稿时长

8.6 months

期刊介绍： IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls. Scope: Access Control and Database Security Ad-Hoc Network Aspects Anonymity and E-Voting Authentication Block Ciphers and Hash Functions Blockchain, Bitcoin (Technical aspects only) Broadcast Encryption and Traitor Tracing Combinatorial Aspects Covert Channels and Information Flow Critical Infrastructures Cryptanalysis Dependability Digital Rights Management Digital Signature Schemes Digital Steganography Economic Aspects of Information Security Elliptic Curve Cryptography and Number Theory Embedded Systems Aspects Embedded Systems Security and Forensics Financial Cryptography Firewall Security Formal Methods and Security Verification Human Aspects Information Warfare and Survivability Intrusion Detection Java and XML Security Key Distribution Key Management Malware Multi-Party Computation and Threshold Cryptography Peer-to-peer Security PKIs Public-Key and Hybrid Encryption Quantum Cryptography Risks of using Computers Robust Networks Secret Sharing Secure Electronic Commerce Software Obfuscation Stream Ciphers Trust Models Watermarking and Fingerprinting Special Issues. Current Call for Papers: Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf