| 摘要 |
A pairing arithmetic device is provided with a CPU which calculates pairing e(S,Q), with F as a rational function calculated using S?G1,Q?G2, a predetermined integer variable as ?, and an algorithm (MMA) of a mirror with respect to multi-pairing as F. The order r, the trace t of the Frobenius endomorphism map/image ?p are specified using the integer variable ? according to the degree of embedding k. The CPU carries out the arithmetic operation by means of: an inputting means which inputs the aforementioned integer variable ?, the rational point S, and the rational point Q into their respective predetermined registers; a calculating means which calculates F; a calculating means which calculates values at a rational point Q(xQ,yQ) on a straight line which passes through predetermined rational points; a calculating means which calculates f'?,s(Q) using F and the aforementioned value; and a calculating means which uses f'?,s(Q) to calculate the pairing e(S,Q) as a [83]. |
