Faster Squaring in the Cyclotomic Subgroup of Sixth Degree Extensions

This paper describes an extremely efficient squaring operation in the so-called ‘cyclotomic subgroup’ of $\mathbb{F}_{q^6}$, for $q \equiv 1 \bmod{6}$. Our result arises from considering the Weil restriction of scalars of this group from $\mathbb{F}_{q^6}$ to $\mathbb{F}_{q^2}$, and provides efficiency improvements for both pairing-based and torus-based cryptographic protocols. In particular we argue that such fields are ideally suited for the latter when the field characteristic satisfies $p \equiv 1 \pmod{6}$, and since torus-based techniques can be applied to the former, we present a compelling argument for the adoption of a single approach to efficient field arithmetic for pairing-based cryptography.