Paper 2024/1790
Revisiting subgroup membership testing on pairing-friendly curves via the Tate pairing
Abstract
In 2023, Koshelev introduced an efficient method of subgroup membership testing for a list of non-pairing-friendly curves, using at most two small Tate pairings. In fact, this technique can also be applied to certain pairing-friendly curves, e.g., from the BLS and BW13 families. In this paper, we revisit Koshelev's method and propose simplified formulas for computing the two Tate pairings. Compared to the original formulas, ours reduce both the number of Miller's iterations and the storage requirements. Furthermore, we provide a high-speed software implementation on a 64-bit processor. Our experimental results show that the new method outperforms the state-of-the-art one by up to
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- pairing-friendly curvessubgroup membership testingTate pairing
- Contact author(s)
-
eccdaiy39 @ gmail com
hedebiao @ whu edu cn
dimitri koshelev @ gmail com
cpeng @ whu edu cn
zjyang math @ whu edu cn - History
- 2025-03-09: last of 2 revisions
- 2024-11-02: received
- See all versions
- Short URL
- https://ia.cr/2024/1790
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1790,
author = {Yu Dai and Debiao He and Dmitri Koshelev and Cong Peng and Zhijian Yang},
title = {Revisiting subgroup membership testing on pairing-friendly curves via the Tate pairing},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1790},
year = {2024},
url = {https://eprint.iacr.org/2024/1790}
}
