Abstract. An explicit construction of pairing-friendly hyperelliptic curves with ordinary Jacobians was firstly given by D. Freeman. In this paper, we give other explicit constructions of pairing-friendly hyperelliptic curves. Our methods are based on the closed formulae for the order of the Jacobian of a hyperelliptic curve of type y 2 = x 5 + ax over a finite prime field Fp which are given by E. Furukawa, M. Haneda, M. Kawazoe and T. Takahashi. We present two methods in this paper. One is an analogue of the Cocks-Pinch method and the other is a cyclotomic method. Our methods construct a pairing-friendly hyperelliptic curve y 2 = x 5 + ax over Fp whose Jacobian has a prescribed embedding degree with respect to some prime number ℓ. Curves constructed by the analogue of the Cocks-Pinch method satisfy p ≈ ℓ 2, whereas p ≈ ℓ 4 in Freeman’s construction. Moreover, for the case of embedding degree 24, we can construct a cyclotomic family with p ≈ ℓ 3/2.

We survey recent research on pairings on hyperelliptic curves and present a comparison of the performance characteristics of pairings on elliptic curves and hyperelliptic curves. Our analysis indicates that hyperelliptic curves are not more efficient than elliptic curves for general pairing applications.

Abstract. We give an algorithm that produces families of Weil numbers for ordinary abelian varieties over finite fields with prescribed embedding degree. The algorithm uses the ideas of Freeman, Stevenhagen, and Streng to generalize the Brezing-Weng construction of pairing-friendly elliptic curves. We discuss how CM methods can be used to construct these varieties, and we use our algorithm to give examples of pairing-friendly ordinary abelian varieties of dimension 2 and 3 that are absolutely simple and have smaller ρ-values than any previous such example.

Abstract. Pairings on the Jacobians of (hyper-)elliptic curves have received considerable attention not only as a tool to attack curve based cryptosystems but also as a building block for constructing cryptographic schemes with new and novel properties. Motivated by the work of Scott [34], we investigate how to use efficiently computable automorphisms to speed up pairing computations on two families of non-supersingular genus 2 hyperelliptic curves over prime fields. Our findings lead to new variants of Miller’s algorithm in which the length of the main loop can be up to 4 times shorter than that of the original Miller’s algorithm in the best case. We also implement the calculation of the Tate pairing on both a supersingular and a non-supersingular genus 2 curve with the same embedding degree of k = 4. Combining the new algorithm with known optimization techniques, we show that pairing computations on non-supersingular genus 2 curves over primes fields use up to 56.2 % fewer field operations and run about 10 % faster than supersingular genus 2 curves for the same security level. Keywords: Genus 2 non-supersingular hyperelliptic curves, Tate pairing, Miller’s algorithm, Automorphism, Efficient implementation.

Abstract. In this paper we show that the twisted Ate pairing on elliptic curves can be generalized to hyperelliptic curves, we also give a series of variations of the hyperelliptic Ate and twisted Ate pairings. Using the hyperelliptic Ate pairing and twisted Ate pairing, we propose a new approach to speed up the Weil pairing computation, and obtain an interested result: For some hyperelliptic curves with high degree twist, using this approach to compute Weil pairing will be faster than Tate pairing, Ate pairing etc. all known pairings.

Abstract. We construct Weil numbers corresponding to genus-2 curves with p-rank 1 over the finite field Fp2 of p2 elements. The corresponding curves can be constructed using explicit CM constructions. In one of our algorithms, the group of Fp2-valued points of the Jacobian has prime order, while another allows for a prescribed embedding degree with respect to a subgroup of prescribed order. The curves are defined over Fp2 out of necessity: we show that curves of p-rank 1 over Fp for large p cannot be efficiently constructed using explicit CM constructions. 1.

Abstract. In recent years there has been much interest in the development and the fast computation of bilinear pairings due to their practical and myriad applications in cryptography. Well known efficient examples are the Weil and Tate pairings and their variants such as the Eta and Ate pairings on the Jacobians of (hyper-)elliptic curves. In this paper, we consider the use of projective coordinates for pairing computations on genus 2 hyperelliptic curves over prime fields. We generalize Chatterjee et. al.’s idea of encapsulating the computation of the line function with the group operations to genus 2 hyperelliptic curves, and derive new explicit formulae for the group operations in projective and new coordinates in the context of pairing computations. When applying the encapsulated explicit formulae to pairing computations on supersingular genus 2 curves over prime fields, theoretical analysis shows that our algorithm is faster than previously best known algorithms whenever a field inversion is more expensive than about seventeen field multiplications. We also investigate pairing computations on non-supersingular genus 2 curves over prime fields based on the new formulae, and detail the various techniques required for efficient implementation.