## CryptoDB

### Paper: Constructing Elliptic Curves with Prescribed Embedding Degrees

Authors: Paulo S. L. M. Barreto Ben Lynn Michael Scott URL: http://eprint.iacr.org/2002/088 Search ePrint Search Google Pairing-based cryptosystems depend on the existence of groups where the Decision Diffie-Hellman problem is easy to solve, but the Computational Diffie-Hellman problem is hard. Such is the case of elliptic curve groups whose embedding degree is large enough to maintain a good security level, but small enough for arithmetic operations to be feasible. However, the embedding degree is usually enormous, and the scarce previously known suitable elliptic groups had embedding degree $k \leqslant 6$. In this note, we examine criteria for curves with larger $k$ that generalize prior work by Miyaji et al. based on the properties of cyclotomic polynomials, and propose efficient representations for the underlying algebraic structures.
##### BibTeX
@misc{eprint-2002-11611,
title={Constructing Elliptic Curves with Prescribed Embedding Degrees},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / elliptic curve cryptosystem},
url={http://eprint.iacr.org/2002/088},
note={Accepted for presentation at SCN'02 (to be published in LNCS) pbarreto@larc.usp.br 12836 received 2 Jul 2002, last revised 22 Feb 2005},
author={Paulo S. L. M. Barreto and Ben Lynn and Michael Scott},
year=2002
}