Avoiding full extension field arithmetic in pairing computations

The most costly operations encountered in pairing computations are those that take place in the full extension field Fpk . At high levels of security, the complexity of operations in Fpk dominates the complexity of the operations that occur in the lower degree subfields. Consequently, full extension field operations have the greatest effect on the runtime of Miller’s algorithm. Many recent optimizations in the literature have focussed on improving the overall operation count by presenting new explicit formulas that reduce the number of subfield operations encountered throughout an iteration of Miller’s algorithm. Unfortunately, almost all of these improvements tend to suffer for larger embedding degrees where the expensive extension field operations far outweigh the operations in the smaller subfields. In this paper, we propose a new way of carrying out Miller’s algorithm that involves new explicit formulas which reduce the number of full extension field operations that occur in an iteration of the Miller loop, resulting in significant speed ups in most practical situations of between 5 and 30 percent.

Faster pairing computations on curves with high-degree twists

Research on efficient pairing implementation has focussed on reducing the loop length and on using high-degree twists. Existence of twists of degree larger than 2 is a very restrictive criterion but luckily constructions for pairing-friendly elliptic curves with such twists exist. In fact, Freeman, Scott and Teske showed in their overview paper that often the best known methods of constructing pairing-friendly elliptic curves over fields of large prime characteristic produce curves that admit twists of degree 3, 4 or 6. A few papers have presented explicit formulas for the doubling and the addition step in Miller’s algorithm, but the optimizations were all done for the Tate pairing with degree-2 twists, so the main usage of the high- degree twists remained incompatible with more efficient formulas. In this paper we present efficient formulas for curves with twists of degree 2, 3, 4 or 6. These formulas are significantly faster than their predecessors. We show how these faster formulas can be applied to Tate and ate pairing variants, thereby speeding up all practical suggestions for efficient pairing implementations over fields of large characteristic.

Delaying mismatched field multiplications in pairing computations

Miller’s algorithm for computing pairings involves perform- ing multiplications between elements that belong to different finite fields. Namely, elements in the full extension field Fpk are multiplied by elements contained in proper subfields F pk/d , and by elements in the base field Fp . We show that significant speedups in pairing computations can be achieved by delaying these “mismatched” multiplications for an optimal number of iterations. Importantly, we show that our technique can be easily integrated into traditional pairing algorithms; implementers can exploit the computational savings herein by applying only minor changes to existing pairing code.

Fixed argument pairings

A common scenario in many pairing-based cryptographic protocols is that one argument in the pairing is fixed as a long term secret key or a constant parameter in the system. In these situations, the runtime of Miller's algorithm can be significantly reduced by storing precomputed values that depend on the fixed argument, prior to the input or existence of the second argument. In light of recent developments in pairing computation, we show that the computation of the Miller loop can be sped up by up to 37 if precomputation is employed, with our method being up to 19.5 faster than the previous precomputation techniques.

Fast formulas for computing cryptographic pairings

The most powerful known primitive in public-key cryptography is undoubtedly elliptic curve pairings. Upon their introduction just over ten years ago the computation of pairings was far too slow for them to be considered a practical option. This resulted in a vast amount of research from many mathematicians and computer scientists around the globe aiming to improve this computation speed. From the use of modern results in algebraic and arithmetic geometry to the application of foundational number theory that dates back to the days of Gauss and Euler, cryptographic pairings have since experienced a great deal of improvement. As a result, what was an extremely expensive computation that took several minutes is now a high-speed operation that takes less than a millisecond. This thesis presents a range of optimisations to the state-of-the-art in cryptographic pairing computation. Both through extending prior techniques, and introducing several novel ideas of our own, our work has contributed to recordbreaking pairing implementations.

Tips for generating a media release and media coverage : how the media ate up my research on Aussie horror movies

The focus of this paper is preparing research for dissemination by mainstream print, broadcast, and online media. While the rise of the blogosphere and social media is proving an effective way of reaching niche audiences, my own research reached such an audience through traditional media. The first major study of Australian horror cinema, my PhD thesis A Dark New World: Anatomy of Australian Horror Films, generated strong interest from horror movie fans, film scholars, and filmmakers. I worked closely with the Queensland University of Technology’s (QUT) public relations unit to write two separate media releases circulated on October 13, 2008 and October 14, 2009. This chapter reflects upon the process of working with the media and provides tips for reaching audiences, particularly in terms of strategically planning outcomes. It delves into the background of my study which would later influence my approach to the media, the process of drafting media releases, and key outcomes and benefits from popularising research. A key lesson from this experience is that redeveloping research for the media requires a sharp writing style, letting go of academic justification, catchy quotes, and an ability to distil complex details into easy-to-understand concepts. Although my study received strong media coverage, and I have since become a media commentator, my experiences also revealed a number of pitfalls that are likely to arise for other researchers keen on targeting media coverage.

Attractive subfamilies of BLS curves for implementing high-security pairings

Barreto-Lynn-Scott (BLS) curves are a stand-out candidate for implementing high-security pairings. This paper shows that particular choices of the pairing-friendly search parameter give rise to four subfami- lies of BLS curves, all of which offer highly efficient and implementation- friendly pairing instantiations. Curves from these particular subfamilies are defined over prime fields that support very efficient towering options for the full extension field. The coefficients for a specific curve and its correct twist are automat-ically determined without any computational effort. The choice of an extremely sparse search parameter is immediately reflected by a highly efficient optimal ate Miller loop and final exponentiation. As a resource for implementors, we give a list with examples of implementation-friendly BLS curves through several high-security levels.

Subcarrier pairing and relay assignment with improved user fairness in a multi-user cooperative OFDM system

We consider a joint relay selection and subcarrier allocation problem that minimizes the total system power for a multi-user, multi-relay and single source cooperative OFDM based two hop system. The system is constrained to all users having a specific subcarrier requirement (user fairness). However no specific fairness constraints for relays are considered. To ensure the optimum power allocation, the subcarriers in two hops are paired with each other. We obtain an optimal subcarrier allocation for the single user case using a similar method to what is described in [1] and modify the algorithm for multiuser scenario. Although the optimality is not achieved in multiuser case the probability of all users being served fairly is improved significantly with a relatively low cost trade off.

Philanthropy and sociology : a logical pairing

In philanthropic studies we hear about a growing academic discipline of ‘philanthropic psychology’ but arguably there is an equal role for ‘philanthropic sociology’, both from a research and a teaching perspective. This commentary begins by noting the early links between philanthropy and sociology. It then introduces a few Australian studies that show how sociology is enriching an understanding of philanthropy, its institutions and its place in society.

Analysis of bilinear pairing-based accumulator for identity escrowing

An accumulator based on bilinear pairings was proposed at CT-RSA'05. Here, it is first demonstrated that the security model proposed by Lan Nguyen does lead to a cryptographic accumulator that is not collision resistant. Secondly, it is shown that collision-resistance can be provided by updating the adversary model appropriately. Finally, an improvement on Nguyen's identity escrow scheme, with membership revocation based on the accumulator, by removing the trusted third party is proposed.

Some remarks on the symplectic pairing on the moduli space of representations of the fundamental group of surfaces

This work grew out of an attempt to understand a conjectural remark made by Professor Kyoji Saito to the author about a possible link between the Fox-calculus description of the symplectic structure on the moduli space of representations of the fundamental group of surfaces into a Lie group and pairs of mutually dual sets of generators of the fundamental group. In fact in his paper [3] , Prof. Kyoji Saito gives an explicit description of the system of dual generators of the fundamental group.

Watson-Crick pairing, the Heisenberg group and Milnor invariants

We study the secondary structure of RNA determined by Watson-Crick pairing without pseudo-knots using Milnor invariants of links. We focus on the first non-trivial invariant, which we call the Heisenber invariant. The Heisenberg invariant, which is an integer, can be interpreted in terms of the Heisenberg group as well as in terms of lattice paths. We show that the Heisenberg invariant gives a lower bound on the number of unpaired bases in an RNA secondary structure. We also show that the Heisenberg invariant can predict allosteric structures for RNA. Namely, if the Heisenberg invariant is large, then there are widely separated local maxima (i.e., allosteric structures) for the number of Watson-Crick pairs found.

The effect of radiation on the electron pairing in a multiband system

The possible occurrence of a generalized (1-wave) nonequilibrium superconducting state in a multiband system under certain conditions is studied. In the model the radiation field causes interband mixing, and phonons of an appropriate mode (branch) are involved in the interband scattering of electrons of two conduction bands of the system. The strength of the generalized 1-wave pairing interaction between quasiparticles belonging to new radiation admixed states depends on the density (n o/V) of quanta in the system. The coupling constant has the form Xl= AiB(n o/V)/[C + B(no/V)], where A1, B, and C are parameters. For C > B(n0/V), the transition temperature T1* increases with (no/V) in the initial stages. It levels off with higher power. With further increase of power, the transition temperature is expected to drop sharply due to heating effects which cause pair breaking. Estimates show that p-wave (triplet state) pairing may be possible under radiation-induced nonequilibrium situations in appropriate systems. Estimates for lifetimes of various processes quasiparticle, phonon, pair relaxation, and photon-induced mixing) show that the coherence required for the mixing and pairing effects will be maintained for the temperature range and photon density considered.

Hole Pairing In Antiferromagnetically Correlated Layered Oxides

We have considered a two-band Hubbard model having interlaced Cu-3d(x2−y2) and O-2p(x, y) orbitals representing the CuO2 square planes. Simple CuO2 -cluster calculation suggests that the additional holes created by doping stay mainly on oxygen. Motion of an oxygen hole interlacing with the antiferromagnetically correlated background of copper spins, creates a string of high energy spin configuration of finite length giving mass renormalization. Another hole of opposite spin can now anneal this string tension providing a triangular pairing potential for large pair momentum. The latter implies unusual Bose condensation of the wake-bound compact Bose-like pairs on a non-zero momentum shell. Effect of disorder favouring condensation at the mobility edge is pointed out.

Intra-band electron pairing in the presence of a radiation field

A semiconductor with almost overlapping conduction bands b and c is considered. It is found that an attractive interaction leading to superconductivity can be induced between electrons in the conduction band b by a strong radiation field of monochromatic photons whose energy differs slightly from the band gap Ebc. The mechanism is the exchange of a photon and a phonon between the interacting electrons and the interaction is found to be proportional to the photon density.