Section: New Results
Hardware accelerators for pairing-based cryptography
Participants : Jérémie Detrey, Nicolas Estibals.
Together with J.-L. Beuchat, E. Okamoto (LCIS, University of Tsukuba,
Japan), and F. Rodríguez-Henríquez (CINVESTAV, IPN, Mexico), J. Detrey
and N. Estibals have proposed a new family of dedicated hardware
coprocessors for computing the Tate pairing over supersingular
elliptic curves in characteristic three. Designed following a
performance-oriented rationale and based upon a fully parallel
Karatsuba-like multiplier, these accelerators achieve the fastest
computation speeds in the open literature (for instance, under 17
s
for 109 bits of equivalent symmetric-key security). Moreover,
due to a carefully controlled adequation between arithmetic,
algorithms and architecture, these coprocessors also yield the best
publicly-known area–time tradeoffs.
This work was published at the CHES 2009 conference [8] , where it received a Best Paper Award. An extended version of this paper, also covering the case of characteristic two with further arithmetic and architectural advances, and similar or even better results than in characteristic three, was then submitted to a special issue of the IEEE Transactions on Computers [17] .
N. Estibals has also developed a flexible compiler for a wide family of generic finite-field arithmetic coprocessors during his Master project [20] . This compiler will be extremely useful in automating the achitectural exploration of hardware pairing accelerators.
