The review on elliptic curves as cryptographic pairing groups

Document Type : Original Article


Department of Mathematics, Islamic Azad university, Shahr-e-Qods Branch, Tehran, Iran.


Elliptic curve is a set of two variable points on polynomials of degree 3 over a field acted by an addition operation that forms a group structure. The motivation of this study is the mathematics behind that elliptic curve to the applicability within a cryptosystem. Nowadays, pairings bilinear maps on elliptic curves are popular to construct cryptographic protocol pairings that help to transform a discrete logarithm problem on an elliptic curve into a discrete logarithm problem in finite fields. The purpose of this paper is to introduce elliptic curves and bilinear pairings on elliptic curves based on pairing cryptography. Also, this investigation serves as a basis for guiding anyone interested to understand one of the applications of group theory in cryptosystems.


[1] G. Adj, O. Ahmadi, A. Menezes, On isogeny graphs of supersingular elliptic curves over finite fields, Finite Fields and Their Applications, 55 2019, 268-283.
[2] S. Akleylek, B.B. Kirlar, O. Sever and Z. Yuce, Pairing-based cryptography: A Survey, 3rd information security and cryptology conference, 2008.
[3] R. Balasubramanian, N. Koblitz, The improbability that an elliptic curve has subexponential discrete log problem under the Menezes-Dkamoto-Vanstone algorithm, Journal of cryptology, 11(2) 1998, 141-145.
[4] P. Barreto, B. Lynn, M. Scott, Efficient implemention of pairing-based cryptosystem, Journal of Cryptology, 17(4) 2004, 321-334.
[5] P.S.L.M. Barreto, M. Naehrig, Pairing-friendly elliptic curves of prime order, International Workshop on Selected Areas in Cryptography. Springer, Berlin, Heidelberg, 2005.
[6] B. Den Boer, Diffie-Hellman is as strong as discrete log for certain primes, Lecture Notes in Computer Science, 403 1996, 530-539.
[7] L. Chen, Z. Cheng, N. P. Smart, Identity-based key agreement protocols from pairings, International Journal of Information Security, 6(4) 2007, 213-241.
[8] C. Cocks, R.G.E. Pinch, Identity-based cryptosystems based on the Weil pairing, unpublished manuscript, 2001.
[9] W. Diffie, M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, 22(6) 1976.
[10] C. Costello , Pairing for beginners, A Note, 2013.
[11] P. Duan, S. Cui, C. Chan, Finding More Non-Supersingular Elliptic Curves for Pairing-Based Cryptosystems, Technology, 2(2) 2005, 157-163.
[12] A. Enge, J. Milan, Implementing cryptographic pairings at standard security levels, International Conference on Security, Privacy, and Applied Cryptography Engineering. Springer, Cham, 2014.
[13] D. Freeman, M. Scott, E. Teske, A taxonomy of pairing-friendly elliptic curves, Journal of cryptology, 23(2) 2010, 224-280.
[14] D. Freeman, Constructing pairing-friendly elliptic curves with embedding degree 10, International Algorithmic Number Theory Symposium, Springer, Berlin, Heidelberg, 2006.
[15] G. Frey, H. Ruck, A remark concerning m-advisibility and the discrete logarithm in the divisor class group of curves, Mathematics of computation, 62(206) 1994, 865-874.
[16] S.D. Galbraith, K. G. Paterson, P.N. Smart, Pairings for cryptographers, Discrete Applied Mathematics, 156(16) 2008, 3113-3121.
[17] S.D. Galbraith, F. Vercauteren, Computational problems in supersingular elliptic curve, Quantum Information Processing, 17(10) 2018, 1-22.
[18] S.D. Galbraith, K. Paterson, editors, Pairing Based Cryptography-Pairing 2008, Second International Conference, Egham, UK, September 1-3, 2008, Proceedings. Vol. 5209. Springer, 2008.
[19] F. Hess, Efficient Identity Based Signature Schemes Based on Pairings, Lecture Notes in Computer Science, 2595 2003, 310-324.
[20] F. Hess, N.P. Smart, F. Vercauteren, The eta pairing revisited, IEEE Transactions on Information Theory, 52(10) 2006, 4595-4602.
[21] A. Joux, A one round protocol for tripartite Diffie-Hellman, Journal of cryptology, 17(4) 2004, 263-276.
[22] A. Menezes, T. Okamoto, S. Vanstone, Reducing elliptic curve logarithms to logarithms in a  finite field, IEEE Transactions on Information Theory, 39(5) 1993, 1639-1646.
[23] V. Miller, The Weil pairing, and its efficient calculation, Journal of cryptology, 17(4) 2004, 235-261.
[24] A. Miyaji, M. Nakabayashi, S. Takano, New explicit conditions of elliptic curves traces for FR-reduction, IEICE transactions on fundamentals of electronics, communications and computer sciences, 84(5) 2001, 1234-1243.
[25] J. Pollard, Monte Carlo methods for index computation mod p, Mathematics of computation, 32(143)1978, 918-924.
[26] H. Shacham, New Paradigms in Signature Schemes, PhD thesis, Stanford, 2006.
[27] H. Silverman Joseph, The arithmetic of elliptic curves, Graduate texts in Mathematics, Springer Verlag , 2008.
[28] O. Uzunkol, M.S. Kiraz, Still wrong use of pairing in cryptography, Applied Mathematics and Computation, 333(C) 2018, 467-479.
[29] F. Vercauteren, Optimal pairings, IEEE Transactions on Information Theory, 56(1) 2009, 455-461.