Dustin Moody, Rene C. Peralta, Ray A. Perlner, Andrew R. Regenscheid, Allen L. Roginsky, Lidong Chen
This report summarizes study results on pairing-based cryptography. The main purpose of the study is to form NISTs position on standardizing and recommending pairing-based cryptography schemes currently published in research literature and standardized in other standard bodies. The report reviews the mathematical background of pairings. This includes topics such as pairing friendly elliptic curves and how to compute various pairings. It includes a brief introduction on existing identity-based encryption (IBE) schemes and other cryptographic schemes using pairing technology. The report provides a complete study on the current status of standard activities on pairing-based cryptographic schemes. It explores different application scenarios for pairing-based cryptography schemes. As an important aspect of adopting pairing-based schemes, the report also considers the challenges inherent in CAVP and CMVP testing for FIPS 140 evaluation. Based on the study, the report suggests an approach for including pairing-based cryptography schemes in the NIST cryptographic toolkit. The report also outlines several questions that will require further study if this approach is followed.