A taxonomy of pairings, their security, their complexity
| hal.structure.identifier | Institut de Mathématiques de Bordeaux [IMB] | |
| hal.structure.identifier | Lithe and fast algorithmic number theory [LFANT] | |
| hal.structure.identifier | Analyse cryptographique et arithmétique [CANARI] | |
| dc.contributor.author | BARBULESCU, Razvan | |
| hal.structure.identifier | École des Mines de Saint-Étienne [Mines Saint-Étienne MSE] | |
| dc.contributor.author | EL MRABET, Nadia | |
| hal.structure.identifier | École des Mines de Saint-Étienne [Mines Saint-Étienne MSE] | |
| dc.contributor.author | GHAMMAM, Loubna | |
| dc.date.accessioned | 2024-04-04T02:47:27Z | |
| dc.date.available | 2024-04-04T02:47:27Z | |
| dc.date.created | 2020-08-31 | |
| dc.identifier.uri | https://oskar-bordeaux.fr/handle/20.500.12278/191641 | |
| dc.description.abstractEn | A recent NFS attack against pairings made it necessary to increase the key sizes of the most popular families of pairings : BN, BLS12, KSS16, KSS18 and BLS24. The attack applies to other families of pairings but not to all. In this paper we compute the key sizes required for more than 150 families of pairings to verify if there are any other families which are better than BN. The security estimation is not straightforward because it is not a mathematical formula, but rather one has to instantiate the Kim-Barbulescu attack by proposing polynomials and parameters for each pairing friendly elliptic curve. After estimating the practical security of an extensive list of families, we compute the complexity of the optimal Ate pairing at 128, 192 and 256 bits of security. For some of the families the optimal Ate has never been studied before. We show that a number of families of embedding degree 9, 10, 14 and 15 are very competitive with BN , BLS12 and KSS16 at 128 bits of security. We identify a set of candidates for 192 bits and 256 bits of security. | |
| dc.language.iso | en | |
| dc.subject.en | Pairings | |
| dc.subject.en | Elliptic Curves | |
| dc.subject.en | Number Field Sieve | |
| dc.subject.en | Discrete Logarithm Problem | |
| dc.title.en | A taxonomy of pairings, their security, their complexity | |
| dc.type | Document de travail - Pré-publication | |
| dc.subject.hal | Informatique [cs]/Cryptographie et sécurité [cs.CR] | |
| bordeaux.hal.laboratories | Institut de Mathématiques de Bordeaux (IMB) - UMR 5251 | * |
| bordeaux.institution | Université de Bordeaux | |
| bordeaux.institution | Bordeaux INP | |
| bordeaux.institution | CNRS | |
| hal.identifier | hal-02129868 | |
| hal.version | 1 | |
| hal.origin.link | https://hal.archives-ouvertes.fr//hal-02129868v1 | |
| bordeaux.COinS | ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.au=BARBULESCU,%20Razvan&EL%20MRABET,%20Nadia&GHAMMAM,%20Loubna&rft.genre=preprint |
Fichier(s) constituant ce document
| Fichiers | Taille | Format | Vue |
|---|---|---|---|
|
Il n'y a pas de fichiers associés à ce document. |
|||