Skip to main content
SUPERVISOR
عمران احمدی درویشوند (استاد مشاور) رضا رضائیان فراشاهی (استاد راهنما)
 
STUDENT
Marjan Amini Azadani
مرجان امینی آزادانی

FACULTY - DEPARTMENT

دانشکده ریاضی
DEGREE
Master of Science (MSc)
YEAR
1392

TITLE

Efficient pairing computation on elliptic Curves
This thesis is an extension (and generalization) of the work(s) done by Christophe Arenea, Tanja Lange, Michael Naehrig, Christophe Ritzenthaler [10]. Until the late 1970’s, all cryptographic message transmission was by symmetric key. This means that someone who has enough information to encrypt messages also has enough information to decipher messages. As a result, any two users of the system who want to communicate secretly must have exchanged keys in a safe way, perhaps using a trusted courier. The arena for applying mathematics to cryptography expanded dramatically when Diffe and Hellman invented an entirely new type of cryptography, called public key .The heart of this concept is the idea of using a one-way function for encryption. Some of the purposes for which public-key cryptography has been applied are: confidential message identification systems, authentication, nonrepudiation, key establishment, electronic cash mechanisms, electronic voting schemes. In 1985, Koblitz and Miller independently proposed using the group of points on an elliptic curve defined over a finite field in discrete log cryptosystems. The primary advantage that elliptic curve systems have over systems based on the multiplicative group of a finite field (and also over systems based on the intractability of integer factorization) is the absence of a subexponential-time algorithm (such as those of index calculus type) that could find discrete logs in these groups. Consequently, one can use the elliptic curve group that is smaller in size while maintaining the same level of security. The result is potentially smaller key sizes, bandwidth savings, and faster implementations, features which are especially attractive for security applications where computational power and integrated circuit space are limited, such as smart cards and wireless devices. All this flexibility comes at a price: pairings are notoriously expensive in implementation complexity and processing time (and/or storage occupation, in a trade-off between time and space requirements). This imposes a very careful choice of algorithms and curves to make them really practical. The pioneering approach by Miller showed that pairings could be computed in polynomial time, but there is a large gap from there to a truly efficient implementation approach. So far two papers have attempted to compute pairings efficiently on Edwards curves: Das and Sarkar use the birational equivalence to Weierstrass curves to map the points on the Edwards curve to a Weierstrass curve on which the usual line functions are then evaluated. This approach comes at a huge performance penalty as these implicit pairing formulas need many field operations to evaluate them. Das and Sarkar then focus on supersingular curves with embedding degree k = 2 and develop explicit formulas for that case. Ionica and Joux use a different map to a curve of degree 3 and compute the 4-th power of the Tate pairing. The latter poses no problem for usage in protocols as long as all participating parties perform the same type of pairing computation. Their results are significantly faster than Das and Sarkar’s but they are still much slower than pairings on Weierstrass curves.
میلرو کوبلیتز استفاده از نقاط روی یک خم بیضوی را برای استفاده در سیستم های رمزنگاری بر پایه لگاریتم گسسته پیشنهاد کردند. اولین کاربرد زو جسازی ها با طراحی الگوریتم های حمله روی سیستم های رمز بر پایه لگاریتم گسسته بیان شد. خم های بیضوی با درجه نشاندن کوچک وزیرگروه با مرتبه اول بزرگ، در پیاده سازی سیستم های رمزنگاری بر اساس زوج سازی ها به کار از سال 2000 از زوج سازی به عنوان پایه های طراحی در رمزنگاری استفاده گردید و از آن پس زوج سازی مورد توجه زیادی قرار گرفت و دانشمندان زیادی روی سیستم های رمزنگاری بر اساس زوج سازی مطالعه کردند. در سال 200? میلر الگوریتمی به منظور محاسبه زوج سازی معرفی کرد که به الگوریتم میلر معروف است. در این پایان نامه با معرفی فرمول های جدیدی برای محاسبات موجود در الگوریتم میلر روی خم های وایراشتراس و ادوارز، سرعت محاسبات افزایش و هزینه های مربوطه کاهش می یابد.

ارتقاء امنیت وب با وف بومی