Parallelizing optimal ate pairing on BLS-48 curve

摘要

A pairing is a bilinear map from two rational points on an elliptic curve to an element on a finite field. Pairing is necessary to construct the next generation cryptography including ID-based encryption, functional encryption etc. Many researchers have studied efficiency improvement for pairing computations to make it practical. Several pairing computation methods have been proposed and an optimal computation method is called optimal ate pairing. Also, the accelerating methods for pairing computations using parallel computation and precomputation are studied. Recently, Kim and Barbulescu proposed a new attack for pairings and so the security levels of pairings were reduced. Consequently, Kiyomura et al. and other researchers proposed new parameters against the attack. The speeding up of pairing computation for these new parameters are required. However, studies about the parallel computation are not enough. In this paper, we propose the parallel computation method for the optimal ate pairing with the new parameter proposed by Kiyomura et al. We also provide the theoretical estimation of the computational cost. Furthermore, we provide implementation results on Raspberry Pi 4.