Séminaire Protection de l'Information, Codage, Cryptographie

A brief overview on pairings attacks

by Dr Razvan Barbulescu

XR202 (XLim)



123 avenue Albert Thomas, Limoges
Pairings are a relatively new cryptographic tool which have been the object of many arithmetic works. In the last few years some of the pairings have become obsolete because of the progress on the underlying problem of discrete logarithm in finite fields. We propose ourselves to make a list of pairings constructions, to explain their advantages but also their weaknesses. The sporadic curves are vulnerable to the Logjam attack and have never been a popular choice. The small characteristic curves allow a very good arithmetic but are the target of a quasi-polynomial algorithm. The pairings where the characteristic has a low Hamming weight, which eliminate the cost of modular reductions, have been the object of special attacks. When the embedding degree is composite the one can use the tower field arithmetic but there are also tower field attacks. We will conclude by a list of safe pairings and the perspectives on their arithmetic performances.