Volume 8, Issue 4

This paper proposes the computation of the Tate pairing, Ate pairing and its variations on the special Jacobi quartic elliptic curve Y2=dX4+Z4$Y^{2}=dX^{4}+Z^{4}$. We improve the doubling and addition steps in Miller's algorithm to compute the Tate pairing. We use the birational equivalence between Jacobi quartic curves and Weierstrass curves, together with a specific point representation to obtain the best result to date among curves with quartic twists. For the doubling and addition steps in Miller's algorithm for the computation of the Tate pairing, we obtain a theoretical gain up to 27%$27\%$ and 39%$39\%$, depending on the embedding degree and the extension field arithmetic, with respect to Weierstrass curves and previous results on Jacobi quartic curves. Furthermore and for the first time, we compute and implement Ate, twisted Ate and optimal pairings on the Jacobi quartic curves. Our results are up to 27%$27\%$ more efficient compared to the case of Weierstrass curves with quartic twists.

We show the first deterministic construction of an unconditionally secure multiparty computation (MPC) protocol in the passive adversarial model over black-box non-Abelian groups which is both optimal (secure against an adversary who possesses any t<n2$t &lt; \frac{n}{2}$ inputs) and has subexponential complexity of construction based on coloring of planar graphs. More specifically, following the result of Desmedt et al. (2012) that the problem of MPC over non-Abelian groups can be reduced to finding a t -reliable n -coloring of planar graphs, we show the construction of such a graph which allows a path from the input nodes to the output nodes when any t -party subset is in the possession of the adversary. Unlike the deterministic constructions from Desmedt et al. (2012) our construction has subexponential complexity and is optimal at the same time, i.e., it is secure for any t<n2$t &lt; \frac{n}{2}$.

We describe an efficient quantum algorithm for computing discrete logarithms in semigroups using Shor's algorithms for period finding and the discrete logarithm problem as subroutines. Thus proposed cryptosystems based on the presumed hardness of discrete logarithms in semigroups are insecure against quantum attacks. In contrast, we show that some generalizations of the discrete logarithm problem are hard in semigroups despite being easy in groups. We relate a shifted version of the discrete logarithm problem in semigroups to the dihedral hidden subgroup problem, and we show that the constructive membership problem with respect to k ≥ 2 generators in a black-box abelian semigroup of order N requires Θ˜(N12-12k)$\tilde{\Theta }(N^{\frac{1}{2}-\frac{1}{2k}})$ quantum queries.

Let k=2mpn$k=2^mp^n$ for an odd prime p and integers m ≥ 0 and n ≥ 0. We obtain lower bounds for the ρ-values of cyclotomic families of pairing-friendly elliptic curves with embedding degree k and r(x)=Φk(x)$r(x)=\Phi _k(x)$. Our bounds imply that none of the families are ideal.