8. Pairing Based Cryptography

Jake Kim·2024년 8월 5일

PSE2024

목록 보기

11/17

Introduction to Pairing-Based Cryptography

Pairing-based cryptography is a rapidly growing field that leverages bilinear pairings on elliptic curves to enable advanced cryptographic protocols. These protocols include identity-based encryption, attribute-based encryption, short signatures, and more. The concept of pairing, particularly bilinear pairing, is central to these applications, allowing for operations that are not possible with traditional public-key cryptography.

What is a Bilinear Pairing?

A bilinear pairing is a mathematical map that takes two points from two elliptic curve groups and outputs an element in a third group, usually within a finite field. The most commonly used pairings are of the form:

$e: G_{1} \times G_{2} \rightarrow G_{T}$

where:

$G_{1}$ and $G_{2}$ are groups generated by points on elliptic curves.
$G_{T}$ is a multiplicative group of a finite field.
The groups $G_{1}$ and $G_{2}$ can either be the same (symmetric pairing) or different (asymmetric pairing).

Key Properties of Pairings

A bilinear pairing must satisfy three key properties:

Bilinearity:

A pairing $e$ is bilinear if for all $P \in G_{1}$ , $Q \in G_{2}$ , and integers $a, b$ :

$e(aP, bQ) = e(P, Q)^{ab}$

This property enables operations such as the aggregation of signatures or proofs in cryptographic protocols.
Non-degeneracy:

A pairing $e$ is non-degenerate if $e(P, Q) \neq 1$ for some $P \in G_{1}$ and $Q \in G_{2}$ . This ensures that the pairing has meaningful results.
Computability:

The pairing $e(P, Q)$ must be efficiently computable, which is crucial for the practicality of pairing-based cryptography.

Applications of Pairing-Based Cryptography

Pairing-based cryptography has numerous applications in various fields, including:

Identity-Based Encryption (IBE)

In IBE, the public key of a user can be derived from an arbitrary string, such as an email address. The secret key corresponding to this public key is generated by a trusted authority (Key Generation Center, or KGC).
Attribute-Based Encryption (ABE)

ABE allows users to encrypt and decrypt data based on attributes (e.g., roles, permissions).
BLS Signatures

BLS signatures are short signature schemes that benefit from the bilinearity of pairings.
zk-SNARKs

Pairings are also essential in constructing zk-SNARKs, which are cryptographic proofs that allow one to prove knowledge of a solution to a problem without revealing the solution itself.

Example: How Pairings Work in BLS Signatures

Let's go through a concrete example of using pairings in the context of BLS signatures:

Setup:
- Choose a cyclic group $G_{1}$ generated by $P$ with order $r$ .
- The public key is $pk = sk \cdot P$ , where $sk$ is the private key.
Signing:
- Given a message $m$ , hash the message to a point on the curve $H(m)$ .
- The signature is $\sigma = sk \cdot H(m)$ .
Verification:
- To verify the signature, the verifier computes two pairings:
  $e(\sigma, P)\quad\text{and}\quad e(H(m), pk)$
- The signature is valid if: $e(\sigma, P) = e(H(m), pk)$

Summary

Pairing-based cryptography leverages bilinear pairings on elliptic curves to enable advanced cryptographic protocols that are not possible with traditional public-key cryptography. These protocols have numerous applications in various fields, including identity-based encryption, attribute-based encryption, short signatures, and more. Pairing-based cryptography is becoming increasingly important due to its potential for secure communication systems and blockchain technologies.

Jake Kim

세일즈 출신 개발자 제이크입니다.

이전 포스트

7. BLS signature (BLS12-391)

다음 포스트