On Software Parallel Implementation of Cryptographic Pairings

@inproceedings{Grabher2008OnSP,
  title={On Software Parallel Implementation of Cryptographic Pairings},
  author={Philipp Grabher and Johann Gro{\ss}sch{\"a}dl and Dan Page},
  booktitle={IACR Cryptol. ePrint Arch.},
  year={2008}
}
A significant amount of research has focused on methods to improve the efficiency of cryptographic pairings; in part this work is motivated by the wide range of applications for such primitives. Although numerous hardware accelerators for pairing evaluation have used parallelism within extension field arithmetic to improve efficiency, thus far less emphasis has been placed on software exploitation of similar. In this paper we focus on parallelism within one pairing evaluation (intra-pairing… 
FPGA Implementation of Pairings Using Residue Number System and Lazy Reduction
TLDR
This paper presents two FPGA-based high speed pairing designs using the Residue Number System and lazy reduction, and shows that by combining RNS, which is naturally suitable for parallel architectures, and lazy Reduction, the speed of pairing computation in hardware can be largely increased.
High-Speed Parallel Software Implementation of the ηT Pairing
TLDR
A new parallelization of Miller's Algorithm to compute pairings is devised, providing an algorithm for pairing computation without increasing storage costs significantly and establishing a new state-of-the-art implementation of this pairing instantiation in this platform.
Use of SIMD Features to Speed up Eta Pairing
TLDR
This paper reports several of the implementations of eta pairing over finite fields of characteristics two and three, and exploits SIMD features available in Intel processors to speed up eta-pairing computations.
New Software Speed Records for Cryptographic Pairings
TLDR
An implementation which computes the optimal ate pairing on a 257- bit Barreto-Naehrig curve in only 4,470,408 cycles on one core of an Intel Core 2 Quad Q6600 processor is presented.
Software implementation of binary elliptic curves: impact of the carry-less multiplier on scalar multiplication
TLDR
Experimental results improving the state-of-the-art performance of halving and doubling-based scalar multiplication on NIST curves at the 112- and 192-bit security levels, and a new speed record for side-channel resistant scalarmultiplication in a random curve at the 128- bit security level are illustrated.
Efficient Hardware Implementation of Fp-Arithmetic for Pairing-Friendly Curves
TLDR
A new method to speed up IFp-arithmetic in hardware for pairing-friendly curves, such as the well-known Barreto-Naehrig (BN) curves, using Montgomery reduction in a polynomial ring combined with a coefficient reduction phase using a pseudo-Mersenne number is described.
Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves
TLDR
This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves), and facilitates programming of the proposed ASIP by providing a C compiler.
High-Throughput Elliptic Curve Cryptography Using AVX2 Vector Instructions
TLDR
It is argued in this paper that many real-world applications, such as server-side SSL/TLS handshake processing, would benefit more from throughput-optimized implementations than latencyoptimized ones.
Faster Pairing Coprocessor Architecture
TLDR
A high-speed pairing coprocessor using Residue Number System (RNS) which is intrinsically suitable for parallel computation and which outperforms all reported hardware and software designs.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 41 REFERENCES
Parallel cryptographic arithmetic using a redundant Montgomery representation
  • D. Page, N. Smart
  • Computer Science, Mathematics
    IEEE Transactions on Computers
  • 2004
TLDR
It is shown that an SIMD parallel implementation of RSA can be around twice as fast as traditional sequential code, especially useful given the larger 2,048 bit RSA keys which are now being proposed for standard security levels.
Fast Elliptic Curve Multiplications with SIMD Operations
  • T. Izu, T. Takagi
  • Computer Science
    IEICE Trans. Fundam. Electron. Commun. Comput. Sci.
  • 2004
TLDR
This paper proposes efficient algorithms for assembling an elliptic curve addition (ECADD), doubling (ECDBL), and k-iterated ECDBL (k-ECDBL) with SIMD operations and proposes two fast parallelized scalar multiplication algorithms withSIMD resistant against side channel attacks.
Efficient Hardware for the Tate Pairing Calculation in Characteristic Three
TLDR
An architecture for the hardware implementation of the Tate pairing calculation based on a modified Duursma-Lee algorithm is proposed, leading to a similar calculation time in hardware as for operations over the base field GF(3m).
Elliptic curve cryptography on embedded multicore systems
TLDR
This paper implements Elliptic Curve Cryptography (ECC) on an embedded multicore system, and proposes an instruction scheduling method that utilizes all the cores to perform one modular operation in parallel and a scheduling method combining these two types of parallelism.
On Computing Products of Pairings
TLDR
Evaluated methods for the Weil, Tate and Ate pairing algorithms for ordinary elliptic curves at various security levels allow implementors to make optimal algorithm choices for given scenarios, in which the number of pairings in the product, the security level, and the embedding degree are factors under consideration.
Performance Analysis and Parallel Implementation of Dedicated Hash Functions
TLDR
To the best knowledge, this paper gives the first detailed measured performance analysis of SHA-256, SHA-512 and Whirlpool, which fully cover currently used and future promising hashing algorithms.
Vector microprocessors for cryptography
TLDR
This thesis is the first attempt to implement embedded cryptography using vector processing techniques, and indicates that for vector versions of AES, RSA and ECC the performance improves in O(log(r).
High Security Pairing-Based Cryptography Revisited
TLDR
The Tate pairing is more efficient than the Weil pairing for all such security levels by using efficient exponentiation techniques in the cyclotomic subgroup backed by efficient squaring routines within the same subgroup.
Implementing Cryptographic Pairings over Barreto-Naehrig Curves
In this paper we describe an efficient implementation of the Tate and Ate pairings using Barreto-Naehrig pairing-friendly curves, on both a standard PC and on a 32-bit smartcard. First we introduce a
Efficient galois field arithmetic on SIMD architectures
SIMD architectures, such as the AltiVec extension to PowerPC[4], are employed to obtain high speed implementations in a variety of areas where data parallelism is encountered, such as audio and video
...
1
2
3
4
5
...