[ Log On ]
  • Home
  • Tst
  • Cha
  • Enc
  • Code
  • IP
  • Fun
  • Sub
  • DigF
  • Cis
  • Com
  • Db
  • About
  • Netsim
  • Big Data

Pair-based cryptography with MIRACL for \(e(aU,bV)=e(bU,aV)\)

[Back] With pair-based cryptography we have two cyclic groups (\(G_1\) and \(G_2\)), and which are of an order of a prime number (\(n\)). A pairing on \((G_1,G_2,G_T)\) defines the function \(e:G_1 \times G_2 \rightarrow G_T\), and where \(g_1\) is a generator for \(G_1\) and \(g_2\) is a generator for \(G_2\). If we have the points of \(U_1\) and \(U_2\) on \(G_1\) and \(V_1\) and \(V_2\) on \(G_2\), we get the bilinear mapping of:

\(e(U_1+U_2,V_1) =e(U_1,V_1) \times e(U_2,V_1)\)

\(e(U_1,V_1+V_2) =e(U_1,V_1) \times e(U_1,V_2)\)

If \(U\) is a point on \(G_1\), and \(V\) is a point on \(G_2\), we get:

\(e(aU,bV)=e(bU,aV)\)

In this example, we will prove these mappings for a pairing for \(e(aU,bV)=e(abU,V)\).

Parameters

a:

b:

Background

With key pairing we have two cyclic groups (\(G_1\) and \(G_2\)), and which are of an order of a prime number (\(n\)). A pairing on \((G_1,G_2,G_T)\) defines the function \(e:G_1 \times G_2 \rightarrow G_T\), and where \(g_1\) is the generator for \(G_1\) and \(g_2\) is the generator for \(G_2\). If we have the points of \(U_1\) and \(U_2\) on \(G_1\) and \(V_1\) and \(V_2\) on \(G_2\), we get the bilinear mapping of:

\(e(U_1+U_2,V_1) =e(U_1,V_1) \times e(U_2,V_1)\)

\(e(U_1,V_1+V_2) =e(U_1,V_1) \times e(U_1,V_2)\)

If \(U\) is a point on \(G_1\), and \(V\) is a point on \(G_2\), we get:

\(e(aU,bV) =e(U,V)^{ab}\)

If \(G_1\) and \(G_2\) are the same group, we get a symmetric grouping (\(G_1 = G_2 = G\)), and the following commutative property will apply:

\(e(U^a,V^b) = e(U^b,V^a) = e(U,V)^{ab} = = e(V,U)^{ab}\)

The computation of \(e\) should be efficient in computation time.

Coding

The outline coding using the library from the MIRACL library [here] is

package main

import (
	"os"
	"fmt"
	"github.com/miracl/core/go/core/BN254"
	"strconv"
)
func FP12toByte(F *BN254.FP12) []byte {

	const MFS int = int(BN254.MODBYTES)
	var t [12 * MFS]byte

	F.ToBytes(t[:])
	return(t[:])
}

func main() {

	argCount := len(os.Args[1:])
	a1:=5
	b1:=10

        if (argCount>0) {a1,_= strconv.Atoi(os.Args[1])}
        if (argCount>1) {b1,_= strconv.Atoi(os.Args[2])}


   	a := BN254.NewBIGint(a1)
   	b := BN254.NewBIGint(b1)

 
	U := BN254.ECP_generator()
	V := BN254.ECP2_generator()

	aval:=BN254.G1mul(U,a)
	bval:=BN254.G2mul(V,b)


	p1 := BN254.Ate(bval,aval)	
	p1 = BN254.Fexp(p1)

	aval2:=BN254.G1mul(U,b)
	bval2:=BN254.G2mul(V,a)


	p2 := BN254.Ate(bval2,aval2)	
	p2 = BN254.Fexp(p2)


	fmt.Printf("a=%d, b=%d\n",a1,b1)
	fmt.Printf("Pairing: e(aU,bV)=e(bU,aV)\n")

	fmt.Printf("\nPairing: %s\n",p1.ToString())
        fmt.Printf(" In Hex (first 20 bytes):\t0x%x\n",FP12toByte(p1)[:20])


	if p1.Equals(p2) { fmt.Printf("\nPairing 1 [e(aU,bV)] is equal to Pairing 2 [e(bU,aV)]")}	

    
}

A sample run:

a=100, b=50
Pairing: e(aU,bV)=e(bU,aV)

Pairing: [[[1f4487a386e21288f1546f907e07162498ab6f6eb82194b105b2de1727d1c53b,186b0bf996e607c41394bfb413d1146366786fe0f95340266905e51ba2a15e30],[0a0bcdad5c0079c6f650c0fed0ad725517ec1404fd1e30bfc872aa48f88206ea,11ff742c0c691fdcf7b1d57d2f52c39b28cedca757937394cdfb1468cd74a1e5]],[[11eb25bef995629d6007c4190d51328e03bb8d844d14f5da5d5769b9d29234fa,0e17a7f6e27dd7eeac95d9d0b1ef230517ccfd143fbb61d5c78915ffe4d2432e],[11056891396286c6eb5c7aef92105ca4a4bf13a0f75dfe5067472697cb64702b,04681bda2ff1f3b2d5a0a7e4b253e8048c0f015be66194a361a4231c2bc02fde]],[[156e7cd1cfc7017892ea924cbd91566a0ca33b6c7d789a126ee26ac7088c39e1,1ab684d3095ae5fb69a733641ce4edd93c4fa39ebee27b960a11078140b3ab64],[13c9e243700e4afba1f45cce0e34e29f8aba57e2a81e1ab2b111078d1539091a,0e99fb625f78c84a23da84513e6bb05ed0762163bdb868b132007521b6ad024e]]]
 In Hex (first 20 bytes):	0x1f4487a386e21288f1546f907e07162498ab6f6e

Pairing 1 [e(aU,bV)] is equal to Pairing 2 [e(bU,aV)]