• Simpler and Faster Pairings fr...

Treffer: Simpler and Faster Pairings from the Montgomery Ladder

Title:
Simpler and Faster Pairings from the Montgomery Ladder
Authors:
Giacomo Pope, Krijn Reijnders, Damien Robert, Alessandro Sferlazza, Benjamin Smith
Contributors:
Smith, Benjamin
Source:
IACR Communications in Cryptology. 2
Publisher Information:
International Association for Cryptologic Research, 2025.
Publication Year:
2025
Subject Terms:
pairings, isogenies, cubical arithmetic, Elliptic curves arithmetic, Montgomery ladder, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR], [MATH.MATH-NT] Mathematics [math]/Number Theory [math.NT]
Document Type:
Fachzeitschrift Article
File Description:
application/pdf
Language:
English
ISSN:
3006-5496
DOI:
10.62056/ah2i893y6
Access URL:
https://inria.hal.science/hal-05142445v1/document
https://doi.org/10.62056/ah2i893y6
https://inria.hal.science/hal-05142445v1
Rights:
CC BY
Accession Number:
edsair.doi.dedup.....18815629bc7d2e902a1d7acd4b9d0cc1
Database:
OpenAIRE

Weitere Informationen

We show that Montgomery ladders compute pairings as a by-product, and explain how a small adjustment to the ladder results in simple and efficient algorithms for the Weil and Tate pairing on elliptic curves using cubical arithmetic. We demonstrate the efficiency of the resulting cubical pairings in several applications from isogeny-based cryptography. Cubical pairings are simpler and more performant than pairings computed using Miller's algorithm: we get a speed-up of over 40 per cent for use-cases in SQIsign, and a speed-up of about 7 per cent for use-cases in CSIDH. While these results arise from a deep connection to biextensions and cubical arithmetic, in this article we keep things as concrete (and digestible) as possible. We provide a concise and complete introduction to cubical arithmetic as an appendix.