rheitjoh
commented
3 years ago I updated the security parameter for the BN pairing some time ago.
We have also removed factories, so you just need to specify a security parameter. This makes the API very simple for the user.
Not sure how viable allowing the user to be more specific with the parameter specification would be. Or whether it is even worth it. For proper performance evaluation you would be using a wrapper class like Mcl, and Mcl does not allow for changing its parameters.
There is no way to easily view curve parameters without looking at the code, however. That might be worth adding. For example as part of the documentation page.
(This issue has been imported from the Gitlab repository because it seems to not have been addressed yet)
Original Text (Issue 181)
As it turns out, people have to select concrete security parameters for their schemes when using the BilinearGroupFactoryFactory. The rough guideline was that security parameter x corresponds roughly to DLOG being as hard as AES with key length x.
However, there are probably better measures out there to judge how secure an elliptic curve is. I'd like the user to be able to easily see some basic measures (q, r, embedding degree, GT structure) that he can compare to values he sees on the internet.
So this ticket is threefold:
This makes it easier for performance evaluation and easier for peoeple to judge what security level they actually get (if they're experts). I do not want to remove the current "just give me an AES-like security parameter" mechanism (but better explain it perhaps).