International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Revisiting cycles of pairing-friendly elliptic curves

Authors:
Marta Bellés Muñoz , Dusk Network, Pompeu Fabra University
Jorge Jiménez Urroz , Polytechnic University of Catalonia, Technical University of Madrid
Javier Silva , Dusk Network
Download:
DOI: 10.1007/978-3-031-38545-2_1 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2023
Abstract: A recent area of interest in cryptography is recursive composition of proof systems. One of the approaches to make recursive composition efficient involves cycles of pairing-friendly elliptic curves of prime order. However, known constructions have very low embedding degrees. This entails large parameter sizes, which makes the overall system inefficient. In this paper, we explore 2-cycles composed of curves from families parameterized by polynomials, and show that such cycles do not exist unless a strong condition holds. As a consequence, we prove that no 2-cycles can arise from the known families, except for those cycles already known. Additionally, we show some general properties about cycles, and provide a detailed computation on the density of pairing-friendly cycles among all cycles.
BibTeX
@inproceedings{crypto-2023-33076,
  title={Revisiting cycles of pairing-friendly elliptic curves},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-38545-2_1},
  author={Marta Bellés Muñoz and Jorge Jiménez Urroz and Javier Silva},
  year=2023
}