Abstract
We present two contributions in this paper. First, we give a quantitative analysis of the scarcity of pairing-friendly genus 2 curves. This result is an improvement relative to prior work which estimated the density of pairing-friendly genus 2 curves heuristically. Second, we present a method for generating pairing-friendly parameters for which \({\rho\approx 8}\) , where ρ is a measure of efficiency in pairing-based cryptography. This method works by solving a system of equations given in terms of coefficients of the Frobenius element. The algorithm is easy to understand and implement.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Balakrishnan J., Belding J., Chisholm S., Eisenträger K., Stange K., Teske E.: Pairings on hyperelliptic curves. http://arxiv.org/PS_cache/arxiv/pdf/0908/0908.3731v2.pdf.
Balasubramanian R., Koblitz N.: The improbability that an elliptic curve has subexponential discrete log problem under the Menezes–Okamoto–Vanstone algorithm. J. Cryptol. 11(2), 141–145 (1998)
Bosma W., Cannon J., Playoust C.: The MAGMA algebra system I: the user language. J. Symb. Comput. 24(3–4), 235–265 (1997)
Cardona G., Quer J.: Field of moduli and field of definition for curves of genus 2. In: Shaska, T. (ed.) Computational Aspects of Algebraic Curves, vol. 13, pp. 71–83. World Scientific Publications, Hackensack (2005)
Eisenträger K., Lauter K.: A CRT algorithm for constructing genus 2 curves over finite fields. In: Arithmetic, Geometry and Coding Theory AGCT-10 (2005), Séminaires et Congrés 21, pp. 161–176. Société Mathématique de France, Paris (2009).
Freeman D.: Constructing pairing-friendly genus 2 curves over prime fields with ordinary Jacobians. In: Proceedings of Pairing-Based Cryptography (Pairing 2007), vol. 4575 of LNCS, pp. 152–176. Springer, Heidelberg (2007).
Freeman D.: A generalized Brezing-Weng algorithm for constructing pairing-friendly ordinary abelian varieties. In: Galbraith, S, Paterson, K (eds) Pairing-Based Cryptography—Pairing 2008, vol. 5209 of Lecture Notes in Computer Science, pp. 146–163. Springer, Berlin (2008)
Freeman D., Stevenhagen P., Streng M.: Abelian varieties with prescribed embedding degree. In: Algorithmic Number Theory VIII, pp. 60–73. Springer, Heidelberg (2008).
Freeman D., Scott M., Teske E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptol. 23, 224–280 (2010)
Freeman D.M., Satoh T.: Constructing pairing-friendly hyperelliptic curves using Weil restriction. J. Number Theory 131(5), 959–983 (2011)
Furukawa E., Kawazoe M., Takahashi T.: Counting points for hyperelliptic curves of type y 2 = x 5 + ax over finite prime fields. In: Matsui, M, Zuccherato, R (eds) Selected Areas in Cryptography, vol. 3006 of Lecture Notes in Computer Science, pp. 26–41. Springer, Berlin (2004)
Galbraith S.D., McKee J.F., Valenca P.C.: Ordinary abelian varieties having small embedding degree. Finite Fields Appl. 13(4), 800–814 (2007)
Gaudry P., Harley R.: Counting points on hyperelliptic curves over finite fields. In: Bosma, W (ed.) Algorithmic Number Theory, vol. 1838 of Lecture Notes in Computer Science, pp. 313–332. Springer, Berlin (2000)
Gaudry P., Houtmann T., Kohel D., Ritzenthaler C., Weng A.: The 2-adic CM method for genus 2 curves with application to cryptography. In: Lai, X, Chen, K (eds.) Advances in Cryptology ASIACRYPT 2006, vol. 4284 of Lecture Notes in Computer Science, pp. 114–129. Springer, Berlin (2006)
Hitt L.: Families of genus 2 curves with small embedding degree. J. Math. Cryptol. 3(1), 19–36 (2009)
Huxley M.N.: On the difference between consecutive primes. Invent. Math. 15, 164–170 (1972)
Kawazoe M., Takahashi T.: Pairing-friendly hyperelliptic curves with ordinary Jacobians of type y 2 = x 5 + ax. In: Galbraith, S, Paterson, K (eds.) Pairing-Based Cryptography—Pairing 2008, vol. 5209 of Lecture Notes in Computer Science, pp. 164–177. Springer, Berlin (2008)
Lenstra H.W. Jr., Pila J., Pomerance C.: A hyperelliptic smoothness test, II. Proc. Lond. Math. Soc. 84(1), 105–146 (2002)
Mestre J.-F.: Construction de courbes de genre 2 à à partir de leurs modules (Construction of genus 2 curves starting from their moduli). In: Effective Methods in Algebraic Geometry, Proceedings of Symposium on Castiglioncello/Italy 1990, Progress in Mathematics, vol. 94, pp. 313–334. Birkhäuser, Basel (1991).
Pohlig S., Hellman M.: An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans. Inf. Theory 24, 106–110 (1978)
Rubin K., Silverberg A.: Supersingular abelian varieties in cryptology. In: Yung, M (ed.) Advances in Cryptology—CRYPTO 2002, vol. 2442 of Lecture Notes in Computer Science, pp. 336–353. Springer, Berlin (2002)
Shang N.: Low genus algebraic curves in cryptography. PhD thesis, Purdue University, West Lafayette, USA, January 2009. https://www.cerias.purdue.edu/assets/pdf/bibtex_archive/2009-07.pdf.
Van Wamelen P.: Examples of genus two CM curves defined over the rationals. Math. Comput. 68(225), 307–320 (1999)
Weil A.: Variétés Abéliennes et Courbes Algébriques. Hermann, Paris (1948)
Weng A.: Constructing hyperelliptic curves of genus 2 suitable for cryptography. Math. Comput. 72(241), 435–458 (2002)
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by A. Enge.
Rights and permissions
About this article
Cite this article
Lauter, K., Shang, N. Generating pairing-friendly parameters for the CM construction of genus 2 curves over prime fields. Des. Codes Cryptogr. 67, 341–355 (2013). https://doi.org/10.1007/s10623-012-9611-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10623-012-9611-8