Ancient History

Uses (generalized) Karatsuba polynomial multiplication for degree 3, 6 polynomials giving a slight speedup. Commented out Sakai-Kasahara Schnorr identity-based signature scheme due to patent issues.

Various optimizations, e.g. removed gross inefficiencies in polynomial multiplication that were somehow overlooked.

More cleanup. Every source file is in a subdirectory now. Formatted manual in DocBook. Changed output of listmnt. Can see progress of Hilbert polynomial computation. Renamed testmnt to gencparam.

Fixed problems with MNT curve generation.

Started organizing source files into subdirectories. Added Cha-Cheon and Sakai-Kasahara-Schnorr identity-based signatures. Matt Steiner’s broadcast encryption code is now included.

Added BGN curves i.e. type A curves of any given order.

Changed the way compressed points work. Incompatible with last version.

Added wrapper functions for reading/writing compressed/x-coordinate-only points.

Type F pairings implemented: these use curves with embedding degree 12.

Sliding windows for exponentiations in finite fields (due to Hovav Shacham). Fixed problem which prevented previous version from compiling.

Code cleanup. Type A pairings use projective coordinates. Minor type C pairing optimization.

Plugged a memory leak.

When possible, generated curves have group orders whose length in bits match the desired length exactly. Before it could be a off by one. Generated new sample A and E pairing parameters. Type E pairing optimized.

A few more optimizations.

Minor optimizations, bugfixes and cleanup.

Cleaned up code, plugged a memory leak. Implemented one type of singular curve.

New makefile from Hovav. Now creates the library libpbc.a. More documentation. API changes, pairings can be initialized with parameters from different types of curves.

Fixed a bug that caused element_from_bytes for field extensions to fail in some situations. Applied patch due to Hovav Shacham: new Makefile, code cleanup, multiexponentiation, bugfix.

Fixed curve parameter output bugs.

Plugged a memory leak.

Tate exponentiation optimization for MNT k=6 curves. The pairing is now over twice as fast for this case.

Optimizations e.g. denominator elimination for even embedding degrees by using twist curves. Bug fixes, e.g. length_in_bytes() for some fields.

Plugged memory leaks, some pairing optimizations (Solinas-prime-specific Miller’s algorithm, improved Tate exponentiation for degree 2 extensions). Bumped up minor version number rather than patch level to reflect increased confidence in the library for real applications.

Code cleanup, implemented k=2 supersingular curves.

Minor bugfix, BBS group signatures demo.

Implemented serialization for points.

Added different ways of generating random numbers. e.g. can call random_set_file("/dev/urandom") to use /dev/urandom as the source of random bits.

Wrote basic serialization/deserialization routines for some data types. Example Boneh-Lynn-Shacham and Boneh-Boyen signature libraries included, though eventually I intend to have a separate library for these.

Introduced the ‘pairing_t’ data type, to make it easier to write programs using pairings. IBE, short signature demo programs.

Routines for MNT curve generation, pairing computation.