The Pairing-Based Cryptography Library

News Archive 11

Mailing List Created

Hovav Shacham and I created a mailing list to discuss the development of the PBC library.

From now, if you have any PBC-related questions please send them to pbc-devel at googlegroups dot com.

pbc-0.3.9 Released

I spent most of my time since the last release on a new test program confusingly named pbc. It allows interactive testing of the library. During the development I felt I may have been better off working on performance improvements instead of squandering time on a hand-written parser and interpreter, but now that it works, I’m pleased with the results. I have yet to document it. The following session shows how it can be used:

\$ test/pbc
Pairing-Based Calculator
> a=rnd(G1)
> b=rnd(G2)
> c=pairing(a,b,A)
> c
[8123908995412397222629407861526403178767561618899656268507645810910469570940171
354920981464587606639849486738202862428348258236992210185732214124221043399 1895
53814264885989040711088624722149213923285853653986751240825585711288561007379288
8682665226785064897799276077038762941403815137279201878124496544381814]
> r=rand(Zr)
> c^r
[3657835355267111517147932281225731429445945576520458069770856379924948048294629
981309298603543337841873858888814047590238596753897868865331802933313743255 5062
40043246682709738369359568183546905789682883656306401246404807118581570274256476
4691903194225678537056515561674449527079685938158385917551215894965196]
> ar=a^r
> pairing(ar, b)
expect three arguments
runtime error (error code = 0)
> pairing(ar,b,A)
[3657835355267111517147932281225731429445945576520458069770856379924948048294629
981309298603543337841873858888814047590238596753897868865331802933313743255 5062
40043246682709738369359568183546905789682883656306401246404807118581570274256476
4691903194225678537056515561674449527079685938158385917551215894965196]
> br=b^r
> pairing(a,br,A)
[3657835355267111517147932281225731429445945576520458069770856379924948048294629
981309298603543337841873858888814047590238596753897868865331802933313743255 5062
40043246682709738369359568183546905789682883656306401246404807118581570274256476
4691903194225678537056515561674449527079685938158385917551215894965196]

There are actually no prompts. I edited them in afterwards to show exactly what I was typing.

I made a couple of minor fixes so that mingw can compile PBC. The resulting binaries for Windows are on the download page.

I generally get worse times with the Windows binaries, and they seem to vary more from run to run.

pbc-0.3.8 Released

I rewrote element_vfprintf() so it does not use GNU C extensions. PBC should now compile under mingw, though I have to test this.

pbc-0.3.7 Released

I implemented finite fields using Montgomery representation. Multiplication is faster, though inversion slows down a little. This improves the running time of all pairings except E (this pairing type isn’t useful anyway).

I enjoyed the challenge of writing it, but I can’t help feel that there ought be an implementation of integer mod rings in GMP. After all, GMP already has Montgomery reduction in its mpz_powm() function, and it has modular inversion routines too. With a little more coding they could easily get a fast integer mod ring library. I would much rather focus on elliptic curves.

There are some changes which may break compatibility with previous releases. I had forgotten to write element_sgn for the new finite fields code (which broke a few things). I have now fixed this, but I have changed the way it works. This means compressed elements from earlier PBC versions will be incompatible.

Also, there are minor change in the element_from_hash() functions, and they behave differently now.

pbc-0.3.6 Released

Besides minor bugfixes and cleanup, finite fields are now much faster, which benefits all pairings. I also added some optimizations for type F pairings in particular. I eliminated memset() calls (see previous post) in several places by introducing a flag.

I have also included a CMakeLists.txt file which allows the PBC to be built using CMake. I prefer CMake because it is faster and does not increase the package size [more on this].

Wed Sep 27 17:18:05 PDT 2006

News: 0 1 2 3 4 5 6 7 8 9 10 11 12 13