Abstract

A cycle of elliptic curves is a list of elliptic curves over finite fields such that the number of points on one curve is equal to the size of the field of definition of the next, in a cyclic way. We study cycles of elliptic curves in which every curve is pairing-friendly. These have recently found notable applications in pairing-based cryptography, for instance, in improving the scalability of distributed ledger technologies. We construct a new cycle of length 4 consisting of MNT curves, and characterize all the possibilities for cycles consisting of MNT curves. We rule out cycles of length 2 for particular choices of small embedding degrees. We show that long cycles cannot be constructed from families of curves with the same complex multiplication discriminant, and that cycles of composite order elliptic curves cannot exist. We show that there are no cycles consisting of curves from only the Freeman or Barreto--Naehrig families.

Keywords

  1. elliptic curves
  2. Weil pairing
  3. cryptography

MSC codes

  1. 14H52
  2. 14G50
  3. 11T71

Get full access to this article

View all available purchase options and get full access to this article.

References

1.
L. Babinkostova, K. M. Bombardier, M. M. Cole, T. A. Morrell, and C. B. Scott, Elliptic Reciprocity, preprint, https://arxiv.org/abs/1212.1983, 2012.
2.
P. S. Barreto, B. Lynn, and M. Scott, Constructing elliptic curves with prescribed embedding degrees, in International Conference on Security in Communication Networks, Springer-Verlag, Berlin, Heidelberg, 2002, pp. 257--267.
3.
P. S. Barreto and M. Naehrig, Pairing-friendly elliptic curves of prime order, in International Workshop on Selected Areas in Cryptography, Springer-Verlag, Berlin, Heidelberg, 2005, pp. 319--331.
4.
E. Ben-Sasson, A. Chiesa, E. Tromer, and M. Virza, Scalable zero knowledge via cycles of elliptic curves, in Proceedings of the 34th Annual International Cryptology Conference, CRYPTO '14, 2014, pp. 276--294; extended version available at http://eprint.iacr.org/2014/595.
5.
D. J. Bernstein, P. Birkner, M. Joye, T. Lange, and C. Peters, Twisted Edwards curves, in Proceedings of the 1st International Conference on Cryptology in Africa, AFRICACRYPT' 08, Springer-Verlag, Berlin, Heidelberg, 2008, pp. 389--405.
6.
D. J. Bernstein, N. Duif, T. Lange, P. Schwabe, and B.-Y. Yang, High-speed high-security signatures, in Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems, CHES '11, Springer, Berlin, Heidelberg, 2011, pp. 124--142.
7.
D. J. Bernstein and T. Lange, Faster addition and doubling on elliptic curves, in Proceedings of the 13th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT '07, Springer, Berlin, Heidelberg, 2007, pp. 29--50.
8.
D. Boneh and M. K. Franklin, Identity-based encryption from the Weil pairing, SIAM J. Comput., 32 (2003), pp. 586--615, https://doi.org/10.1137/S0097539701398521.
9.
W. Bosma, J. Cannon, and C. Playoust, The Magma algebra system. I. The user language, J. Symbolic Comput., 24 (1997), pp. 235--265, https://doi.org/10.1006/jsco.1996.0125.
11.
F. Brezing and A. Weng, Elliptic curves suitable for pairing based cryptography, Des. Codes Cryptogr., 37 (2005), pp. 133--141.
12.
C. Cocks and R. Pinch, Identity-based cryptosystems based on the Weil pairing, unpublished manuscript, 2001.
13.
Coda, Coda cryptocurrency protocol, https://codaprotocol.com/, 2018.
14.
M. Deuring, Die Typen der Multiplikatorenringe elliptischer Funktionenkörper, Abh. Math. Sem. Hansischen Univ., 14 (1941), pp. 197--272.
15.
R. Dupont, A. Enge, and F. Morain, Building curves with arbitrary small MOV degree over finite prime fields, J. Cryptology, 18 (2005), pp. 79--89.
16.
H. M. Edwards, A normal form for elliptic curves, Bull. Amer. Math. Soc. (N.S.), 44 (2007), pp. 393--422.
17.
D. Freeman, Constructing pairing-friendly elliptic curves with embedding degree \textup10, in Algorithmic Number Theory, Lecture Notes in Comput. Sci. 4076, Springer, Berlin, 2006, pp. 452--465.
18.
D. Freeman, M. Scott, and E. Teske, A taxonomy of pairing-friendly elliptic curves, J. Cryptology, 23 (2010), pp. 224--280.
19.
G. Frey and H. Rück, A remark concerning $m$-divisibility and the discrete logarithm in the divisor class group of curves, Math. Comp., 62 (1994), pp. 865--874, https://doi.org/10.2307/2153546.
20.
N. Jones, Elliptic aliquot cycles of fixed length, Pacific J. Math., 263 (2013), pp. 353--371, https://doi.org/10.2140/pjm.2013.263.353.
21.
A. Joux, A one round protocol for tripartite Diffie--Hellman, J. Cryptology, 17 (2004), pp. 263--276.
22.
K. Karabina and E. Teske, On prime-order elliptic curves with embedding degrees k=3, 4, and 6, in Algorithmic Number Theory, A. J. van der Poorten and A. Stein, eds., Lecture Notes in Comput. Sci. 5011, Springer, Berlin, Heidelberg, 2008, pp. 102--117.
23.
S. Lang, Fundamentals of Diophantine Geometry, Springer-Verlag, New York, 1983, https://doi.org/10.1007/978-1-4757-1810-2.
24.
A. J. Menezes, T. Okamoto, and S. A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field, IEEE Trans. Inform. Theory, 39 (1993), pp. 1639--1646, https://doi.org/10.1109/18.259647.
25.
P. Mihǎilescu, Cyclotomy of Rings & Primality Testing, Ph.D. thesis, ETH Zürich, Zürich, Switzerland, 1997.
26.
P. Mihǎilescu, Dual Elliptic Primes and Applications to Cyclotomy Primality Proving, preprint, https://arxiv.org/abs/0709.4113, 2007.
27.
A. Miyaji, M. Nakabayashi, and S. Takano, New explicit conditions of elliptic curve traces for FR-reduction, IEICE Trans. Fundam., 84 (2001), pp. 1234--1243.
28.
J. Parks, Amicable pairs and aliquot cycles on average, Int. J. Number Theory, 11 (2015), pp. 1751--1790, https://doi.org/10.1142/S1793042115500761.
29.
J. Parks, An asymptotic for the average number of amicable pairs for elliptic curves, Math. Proc. Cambridge Philos. Soc., 166 (2019), pp. 33--59, https://doi.org/10.1017/S0305004117000688.
30.
T. Satoh and K. Araki, Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves, Comment. Math. Univ. St. Paul., 47 (1998), pp. 81--92, https://ci.nii.ac.jp/naid/110007696197/en/.
31.
I. A. Semaev, Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p, Math. Comp., 67 (1998), pp. 353--356, https://doi.org/10.1090/S0025-5718-98-00887-4.
32.
J. H. Silverman, The Arithmetic of Elliptic Curves, Grad. Texts in Math. 106, Springer, Dordrecht, 2009.
33.
J. H. Silverman and K. E. Stange, Amicable pairs and aliquot cycles for elliptic curves, Exp. Math., 20 (2011), pp. 329--357.
34.
N. P. Smart, The discrete logarithm problem on elliptic curves of trace one, J. Cryptology, 12 (1999), pp. 193--196, https://doi.org/10.1007/s001459900052.
35.
A. V. Sutherland, Accelerating the CM method, LMS J. Comput. Math., 15 (2012), pp. 172--204, https://doi.org/10.1112/S1461157012001015.
36.
The Sage Developers, SageMath, the Sage Mathematics Software System (Version \textup7.5.1), 2017, http://www.sagemath.org.
37.
L. C. Washington, Introduction to Cyclotomic Fields, Grad. Texts in Math. 83, Springer-Verlag, New York, 1997.

Information & Authors

Information

Published In

cover image SIAM Journal on Applied Algebra and Geometry
SIAM Journal on Applied Algebra and Geometry
Pages: 175 - 192
ISSN (online): 2470-6566

History

Submitted: 5 March 2018
Accepted: 29 January 2019
Published online: 2 April 2019

Keywords

  1. elliptic curves
  2. Weil pairing
  3. cryptography

MSC codes

  1. 14H52
  2. 14G50
  3. 11T71

Authors

Affiliations

Funding Information

University of California Berkeley https://doi.org/10.13039/100006978

Metrics & Citations

Metrics

Citations

If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download.

Cited By

There are no citations for this item

View Options

View options

PDF

View PDF

Media

Figures

Other

Tables

Share

Share

Copy the content Link

Share with email

Email a colleague

Share on social media