Institute for Theoretical Information Technology

Research - Cryptography

Our research in cryptography focuses on the following topics:

• Implementation of Elliptic and Hyperelliptic Curves

  Elliptic and hyperelliptic curves provide efficient tools for constructing and analyzing crypto systems. Applications of elliptic curves in cryptography comprise public key schemes based on the discrete logarithm problem, digital signatures and key establishment. These systems guarantee high security while providing short keys. For a short introduction see: Certicom ECC tutorial.
  Such cryptosystems demand for an efficient and secure implementation of the underlying mathematical structures. Because of the short keys, elliptic curve cryptography (ECC) and hyperelliptic curve cryptography (HECC) are suitable for restricted hardware, such hardware (like smartcards or other mobile devices) often requires special implementations.
  

• Construction of Pairing-friendly Elliptic Curves

  Pairings are certain bilinear maps which first have been used in cryptanalysis for attacking public key crypto systems based on elliptic curves. Recent developements show that pairings are of valuable importance in constructive cryptography such as protocol design and efficient implementations. Possible Applications of pairings are among others:

  • one round protocol for tripartite key agreement
  • identity based encryption
  • identity based hierarchical crypto systems
  • short signatures

  See Paulo Barreto's Pairing-Based Crypto Lounge.
  
  Pairing-based crypto systems as described above need special elliptic curves to make implementations practical. This means the curves must have a reasonably small embedding degree. Since a randomly chosen elliptic curve usually has a very large embedding degree we need a special construction to find useful parameters. Once suitable parameters are found the corresponding curves can be constructed via the complex multiplication method. For parameters of BN-curves (curves of prime order and embedding degree 12) have a look at our database.
  
  

• Pairing computation on BN curves

  bnpairings is an implementation of different cryptographic pairings on a 256 bit BN curve.
  In order to build it, you need the GMP library with header files, for Debian (Lenny) systems it can be installed with
  --------------------------------------------------
  aptitude install libgmp3-dev libgmp3c2
  --------------------------------------------------
  For speed measurement we include cpucycles written by D. J. Bernstein.
  
  To build bnpairings, do the following:
  -----------------------------------------------------------------------------
  wget http://cryptojedi.org/downloads/data/bnpairings.tar.bz2
  tar xjvf bnpairings.tar.bz2
  cd bnpairings
  make
  -----------------------------------------------------------------------------
  After the build process has finished you find a binary called bnpairings in the bin/ directory, whose usage should be self-explanatory. From the corresponding source file src/bnpairings.c you can see how to call the functions for pairing computation.
  We note, that the generation of random points is based on the GMP functions for random number generation and must not be used for cryptographic purposes.
  Large parts of the code have been developed in the Smart Card Processors for Pairing-based Cryprography, Current versions of the implementation can also be found at cryptojedi.org.