Abstract
In this paper we present the Elliptic curve Arithmetic GPU-based Library (EAGL), a self-contained GPU library, to support parallel computing of bilinear pairings based on the Compute Unified Device Architecture (CUDA) programming model. It implements parallelized point arithmetic, arithmetic functions in the 1-2-4-12 tower of extension fields. EAGL takes full advantage of the parallel processing power of GPU, with no shared memory bank conflict and minimal synchronization and global memory accesses, to compute some most expensive computational steps, especially the conventional-Montgomery-based multi-precision multiplications. At the 128-bit security level, EAGL can perform 3350.9 R-ate pairings/sec on one GTX-680 controlled by one CPU thread. Extensive experiments suggest that performance tradeoffs between utilization of GPU pipeline vs. memory access latency are highly complex for parallelization of pairing computations. Overall, on-chip memory is the main performance bottleneck for pairing computations on the tested GPU device, and the lazy reduction in \( \mathbb{F}_{q^{2}} \) gives the best performance. Increasing the size of on-chip memory, together with caching and memory prefetching modules are expected to offer substantial performance improvement for GPU-based pairing computations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ahmadi, O., Hankerson, D., Menezes, A.: Software Implementation of arithmetic in GF(3m). In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 85–102. Springer, Heidelberg (2007)
Antão, S., Bajard, J.C., Sousa, L.: RNS-based Elliptic Curve Point Multiplication for Massive Parallel Architectures. In the Computer Journal 55(5), 629–647 (2012)
Aranha, D.F., Karabina, K., Longa, P., Gebotys, C.H., López, J.: Faster explicit formulas for computing pairings over ordinary curves. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 48–68. Springer, Heidelberg (2011)
Aranha, D.F., Fuentes-Castañeda, L., Knapp, E., Menezes, A., Rodríguez-Henríquez, F.: Implementing pairings at the 192-bit security level. In: Abdalla, M., Lange, T. (eds.) Pairing 2012. LNCS, vol. 7708, pp. 177–195. Springer, Heidelberg (2013)
Arene, C., Lange, T., Naehrig, M., Ritzenthaler, C.: Faster Computation of the Tate Pairing. Journal of Number Theory 131(5), 842–857 (2011)
Babich, R., Clark, M.A., Joo, B., Shi, G., Brower, R.C., Gottlieb, S.: Scaling Lattice QCD beyond 100 GPUs. In: SC 2011 (2011)
Barbulescu, R., Gaudry, P., Joux, A., Thomé, E.: A Quasi-polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic. In: IACR Cryptology ePrint Archive 2013:400
Bajard, J.C., Didier, L.S., Kornerup, P.: An RNS Montgomery Modular Multiplication Algorithm. IEEE Transaction on Computers 47(7), 766–776 (1998)
Bajard, J.C., Didier, L.S.: Modular Multiplication and Base Extensions in Residue Number Systems. In: IEEE Symposium on Computer Arithmetic, pp. 59–65 (2001)
Barreto, P.S.L.M., Galbraith, S., ÓhÉigeartaigh, C., Scott, M.: Efficient Pairing Computation on Supersingular Abelian Varieties. Designs, Codes and Cryptography 42(3), 239–271 (2007)
Barreto, P.S.L.M., Naehrig, M.: Pairing-Friendly Elliptic Curves of Prime Order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)
Benger, N., Scott, M.: Constructing Tower Extensions of Finite Fields for Implementation of Pairing-Based Cryptography. Cryptology ePrint Archive (2009), http://eprint.iacr.org/2009/556.pdf
Bernstein, D.J., Lange, T.: Faster Addition and Doubling on Elliptic Curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007)
Bernstein, D.J., Chen, T.-R., Cheng, C.-M., Lange, T., Yang, B.-Y.: ECM on Graphics Cards. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 483–501. Springer, Heidelberg (2009)
Beuchat, J.-L., González-Díaz, J.E., Mitsunari, S., Okamoto, E., Rodríguez-Henríquez, F., Teruya, T.: High-speed software implementation of the optimal ate pairing over barreto–naehrig curves. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 21–39. Springer, Heidelberg (2010)
Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. Cambridge University Press (1999)
Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Boxall, J., El Mrabet, N., Laguillaumie, F., Le, D.-P.: A variant of miller’s formula and algorithm. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 417–434. Springer, Heidelberg (2010)
De Caro, A., Iovino, V., Persiano, G.: Fully secure anonymous HIBE and secret-key anonymous IBE with short ciphertexts. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 347–366. Springer, Heidelberg (2010)
Cheung, R.C.C., Duquesne, S., Fan, J., Guillermin, N., Verbauwhede, I., Yao, G.X.: FPGA implementation of pairings using residue number system and lazy reduction. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 421–441. Springer, Heidelberg (2011)
Chung, J., Hasan, M.A.: Asymmetric Squaring Formulae. In: ARITH 2007, pp. 113–122 (2007)
Costello, C., Lange, T., Naehrig, M.: Faster pairing computations on curves with high-degree twists. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 224–242. Springer, Heidelberg (2010)
Devegili, A.J., Scott, M., Dahab, R.: Implementing cryptographic pairings over barreto-naehrig curves. In: Takagi, T., Okamoto, T., Okamoto, E., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 197–207. Springer, Heidelberg (2007)
Duan, P.: Oblivious Handshakes and Computing of Shared Secrets: Pairwise Privacy-preserving Protocols for Internet Applications. Ph.D. Dissertation, https://repositories.tdl.org/tdl-ir/handle/1969.1/ETD-TAMU-2011-05-9445
Duursma, I.M., Lee, H.-S.: Tate Pairing Implementation for Hyperelliptic Curves y 2 = x p − x + d. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 111–123. Springer, Heidelberg (2003)
Freeman, D., Scott, M., Teske, E.: A Taxonomy of Pairing-friendly Elliptic Curves. Journal of Cryptology 23, 224–280 (2010)
Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44–61. Springer, Heidelberg (2010)
Frey, G., Rück, H.G.: A Remark Concerning m-divisibility and the Discrete Logarithm in the Divisor Class Group of Curves. Math. Comp. 62(206), 865–874 (1994)
Fiore, D., Gennaro, R., Smart, N.P.: Constructing certificateless encryption and ID-based encryption from ID-based key agreement. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 167–186. Springer, Heidelberg (2010)
Galbraith, S.D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 518–535. Springer, Heidelberg (2009)
Granger, R., Hess, F., Oyono, R., Thériault, N., Vercauteren, F.: Ate pairing on hyperelliptic curves. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 430–447. Springer, Heidelberg (2007)
Granger, R., Scott, M.: Faster squaring in the cyclotomic subgroup of sixth degree extensions. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 209–223. Springer, Heidelberg (2010)
Hess, F., Smart, N.P., Vercauteren, F.: The Eta Pairing Revisited. IEEE Trans. on Inform. Theory 52, 4595–4602 (2006)
Huang, Q., Wong, D.S., Susilo, W.: A new construction of designated confirmer signature and its application to optimistic fair exchange. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 41–61. Springer, Heidelberg (2010)
Katoh, Y., Huang, Y.J., Cheng, C.M., Takagi, T.: Efficient Implementation of the eta Pairing on GPU. Cryptology ePrint Archive, http://eprint.iacr.org/2011/540.pdf
Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008)
Koblitz, N., Menezes, A.: Pairing-based cryptography at high security levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005)
Koblitz, N.: A Security Weakness in Composite-Order Pairing-Based Protocols with Embedding Degree k > 2. Cryptology ePrint Archive, http://eprint.iacr.org/2010/227.ps
Lee, J., Lakshminarayana, N.B., Kim, H., Vuduc, R.: Many-Thread Aware Prefetching Mechanisms for GPGPU Applications. In: MICRO 2010, pp. 213-224 (2010)
Lee, E.J., Lee, H.S., Park, C.M.: Efficient and Generalized Pairing Computation on Abelian Varieties. IEEE Transactions on Information Theory 55(4), 1793–1803 (2009)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (Hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)
Longa, P., Gebotys, C.: Analysis of Efficient Techniques for Fast Elliptic Curve Cryptography on x86-64 based Processors. IACR Cryptology ePrint Archive, 335, 1–34 (2010)
Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006)
Matsuda, S., Kanayama, N., Hess, F., Okamoto, E.: Optimised versions of the ate and twisted ate pairings. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 302–312. Springer, Heidelberg (2007)
Meiklejohn, S., Shacham, H., Freeman, D.M.: Limitations on transformations from composite-order to prime-order groups: The case of round-optimal blind signatures. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 519–538. Springer, Heidelberg (2010)
MIRACL: Multiprecision Integer and Rational Arithmetic Cryptographic Library, http://www.certivox.com/miracl
Mitsunari, S.: A Fast Implementation of the Optimal Ate Pairing over BN curve on Intel Haswell Processor. In: IACR eprint archive 2013: 362
Montgomery, P.L.: Modular Multiplication without Trial Division. Mathematics of Computation 44(1985), 519–521 (1985)
Naehrig, M., Niederhagen, R., Schwabe, P.: New software speed records for cryptographic pairings. In: Abdalla, M., Barreto, P.S.L.M. (eds.) LATINCRYPT 2010. LNCS, vol. 6212, pp. 109–123. Springer, Heidelberg (2010)
Nakanishi, T., Hira, Y., Funabiki, N.: Forward-secure group signatures from pairings. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 171–186. Springer, Heidelberg (2009)
Pecarina, J., Pu, S., Liu, J.C.: SAPPHIRE: Anonymity for Enhanced Control and Private Collaboration in Healthcare Clouds. In: CloundCom 2012, pp. 99–106 (2012)
Pereira, G.C.C.F., Simplcio Jr., M.A., Naehrig, M., Barreto, P.S.L.M.: A Family of Implementation-Friendly BN Elliptic Curves. Journal of Systems and Software 84(8), 1319–1326 (2011)
Raya, M., Hubaux, J.P.: Securing Vehicular Ad Hoc Networks. Journal of Computer Security 15, 39–68 (2007)
Scott, M.: Implementing Cryptographic Pairings. In: Takagi, T., Okamoto, T., Okamoto, E., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 177–196. Springer, Heidelberg (2007)
Scott, M.: Faster pairings using an elliptic curve with an efficient endomorphism. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 258–269. Springer, Heidelberg (2005)
Scott, M., Benger, N., Charlemagne, M., Dominguez Perez, L.J., Kachisa, E.J.: On the final exponentiation for calculating pairings on ordinary elliptic curves. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 78–88. Springer, Heidelberg (2009)
Scott, M.: A Note on Twists for Pairing Friendly Curves, ftp://ftp.computing.dcu.ie/pub/crypto/twists.pdf
Scott, M., Barreto, P.S.L.M.: Compressed pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004)
Smart, N.P., Warinschi, B.: Identity based group signatures from hierarchical identity-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 150–170. Springer, Heidelberg (2009)
Stam, M., Lenstra, A.K.: Efficient Subgroup Exponentiation in Quadratic and Sixth Degree Extensions. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 318–332. Springer, Heidelberg (2003)
Szerwinski, R., Güneysu, T.: Exploiting the Power of GPUs for Asymmetric Cryptography. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 79–99. Springer, Heidelberg (2008)
Vercauteren, F.: Optimal Pairings. IEEE Transaction of Information Theory 56(1), 455–461 (2010)
Wang, L., Wang, L., Mambo, M., Okamoto, E.: New identity-based proxy re-encryption schemes to prevent collusion attacks. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 327–346. Springer, Heidelberg (2010)
Wei, L., Liu, J.: Shorter verifier-local revocation group signature with backward unlinkability. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 136–146. Springer, Heidelberg (2010)
Yoneyama, K.: Strongly Secure Two-Pass Attribute-Based Authenticated Key Exchange. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 147–166. Springer, Heidelberg (2010)
Zhang, Y., Xue, C.J., Wong, D.S., Mamoulis, N., Yiu, S.M.: Acceleration of Composite Order Bilinear Pairing on Graphics Hardware. Cryptology ePrint Archive, http://eprint.iacr.org/2011/196.pdf
Zhao, C.A., Zhang, F., Huang, J.: A Note on the Ate Pairing. International Journal of Information Security 6(7), 379–382 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Pu, S., Liu, JC. (2014). EAGL: An Elliptic Curve Arithmetic GPU-Based Library for Bilinear Pairing. In: Cao, Z., Zhang, F. (eds) Pairing-Based Cryptography – Pairing 2013. Pairing 2013. Lecture Notes in Computer Science, vol 8365. Springer, Cham. https://doi.org/10.1007/978-3-319-04873-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-04873-4_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04872-7
Online ISBN: 978-3-319-04873-4
eBook Packages: Computer ScienceComputer Science (R0)