---

Michael Naehrig

I am a researcher in the Cryptography Research group at Microsoft Research in Redmond. Here is my MSR web page.

Previously, I was a postdoc in the coding and crypto group in the Eindhoven Institute for the Protection of Systems and Information at Eindhoven University of Technology. And before that, I was a postdoc researcher in the Cryptography Research group at Microsoft Research.

Contact:
mnaehrig@microsoft.com
michael@cryptojedi.org
GPG-Key: 5BFDD3D9

Google scholar page

---

Publications

• Thore Graepel, Kristin Lauter, Michael Naehrig: ML Confidential: Machine Learning on Encrypted Data
  International Conference on Information Security and Cryptology – ICISC 2012, Lecture Notes in Computer Science, Springer-Verlag (2013), to appear.
  Cryptology ePrint Archive, Report 2012/323.
  
• Tolga Acar, Kristin Lauter, Michael Naehrig, Daniel Shumow: Affine Pairings on ARM.
  Pairing-Based Cryptography – Pairing 2012, Lecture Notes in Computer Science 7708, Springer-Verlag (2013), pp 203–209.
  Date: 2012-06-27 [pdf], Cryptology ePrint Archive, Report 2011/243
  
• Craig Costello, Kristin Lauter, Michael Naehrig: Attractive Subfamilies of BLS Curves for Implementing High-Security Pairings.
  Progress in Cryptology – INDOCRYPT 2011, Lecture Notes in Computer Science 7107, Springer-Verlag (2011), pp 320–342.
  Date: 2011-10-18 [pdf], supersedes 2011-10-05 [pdf]
  
• Kristin Lauter, Michael Naehrig, Vinod Vaikuntanathan: Can homomorphic encryption be practical?
  ACM Cloud Computing Security Workshop – CCSW 2011.
  Date: 2011-09-01 [pdf]
  
• Geovandro C. C. F. Pereira, Marcos A. Simplício Jr, Michael Naehrig, Paulo S. L. M. Barreto: A Family of Implementation-Friendly BN Elliptic Curves.
  Journal of Systems and Software, Volume 84, Issue 8, Elsevier (2011), pp 1319–1326.
  Date: 2011-06-03 [pdf] [bibtex]
• Kristin Lauter, Peter L. Montgomery, Michael Naehrig: An Analysis of Affine Coordinates for Pairing Computation.
  Pairing-Based Cryptography – Pairing 2010, Lecture Notes in Computer Science 6487, Springer-Verlag (2010), pp 1–20.
  Date: 2010-10-12 [pdf] [bibtex]
• Michael Naehrig, Ruben Niederhagen, and Peter Schwabe: New software speed records for cryptographic pairings.
  Progress in Cryptology – LATINCRYPT 2010, Lecture Notes in Computer Science 6212, Springer-Verlag (2010), pp 109–123.
  Date: 2010-07-14 [pdf] [bibtex] [more]
  Supersedes: 2010-05-28 [pdf], supersedes: 2010-04-06 [pdf]
  Caution: The software as described in versions 2010-05-28 and 2010-04-06 of the paper has a bug related to the choice of curve parameters. This also affects the version in the Latincrypt 2010 proceedings. A corrected version of the software is available and the bug is corrected from version 2010-07-14 of the paper.
• Craig Costello, Tanja Lange, Michael Naehrig: Faster Pairing Computations on Curves with High-Degree Twists.
  Public Key Cryptography – PKC 2010, Lecture Notes in Computer Science 6056, Springer-Verlag (2010), pp 224–242.
  Date: 2010-06-14 [pdf] [bibtex]
• Christophe Arène, Tanja Lange, Michael Naehrig, Christophe Ritzenthaler: Faster computation of the Tate pairing.
  Journal of Number Theory, Volume 131, Issue 5, Elliptic Curve Cryptography, Elsevier (2011), pp 842–857.
  Date: 2010-05-20 [pdf] [bibtex]
• Laura Hitt O'Connor, Gary McGuire, Michael Naehrig, Marco Streng: A CM construction for curves of genus 2 with p-rank 1.
  Journal of Number Theory, Volume 131, Issue 5, Elliptic Curve Cryptography Elsevier (2011), pp 920–935.
  Date: 2010-05-11 [pdf] [bibtex]
• Michael Naehrig, Paulo S. L. M. Barreto and Peter Schwabe: On compressible pairings and their computation.
  Progress in Cryptology – AFRICACRYPT 2008, Lecture Notes in Computer Science 5023, Springer-Verlag (2008), pp 371–388.
  [pdf] [bibtex] [more]
• Paulo S. L. M. Barreto, Michael Naehrig: Pairing-Friendly Elliptic Curves of Prime Order.
  Selected Areas in Cryptography – SAC 2005, Lecture Notes in Computer Science 3897, Springer-Verlag (2006), pp 319–331.
  [pdf] [bibtex] Preliminary version: Cryptology ePrint Archive, Report 2005/133.

---

Technical Reports

• Joppe W. Bos, Kristin Lauter, Jake Loftus, Michael Naehrig: Improved Security for a Ring-Based Fully Homomorphic Encryption Scheme
  Cryptology ePrint Archive, Report 2013/075.
  

---

Program committees: SAC 2013, CANS 2012, Pairing 2012, Indocrypt 2011, Africacrypt 2010.

I was involved in the organization of Pairing 2012 in Cologne, Germany, 16–18 May 2012.

---

Talks

• Homomorphic Encryption from RLWE — Schemes and Parameters, talk at the MSR Privacy Workshop, Microsoft Research, Redmond, WA, USA, 2012-10-23.
• ML Confidential — Machine Learning on Encrypted Data, [pdf slides], talk at crypto group lunch, Microsoft Research, Redmond, WA, USA, 2012-07-27.
• Homomorphic Encryption from Ring Learning with Errors, [pdf slides], Microsoft Research, Cambridge, United Kingdom, 2012-01-10.
• Pairings at High Security Levels, [pdf slides], invited talk at the European Postdoctoral Day of Excellence in Cryptography, Darmstadt, Germany, 2011-11-21.
• Can homomorphic encryption be practical?, [pdf slides], Cryptography Working Group, Utrecht, The Netherlands, 2011-09-30.
• An Analysis of Affine Coordinates for Pairing Computation, [pdf slides], Pairing 2010, Yamanaka Hot Spring, Ishikawa, Japan, 2010-12-13.
• Pairings on elliptic curves — parameter selection and efficient computation, [pdf slides], invited talk at the Workshop on Elliptic Curves and Computation (ECC 2010), Microsoft Research, Redmond, WA, USA, 2010-10-19.
• How fast are pairings?, talk at crypto group lunch, Microsoft Research, Redmond, WA, USA, 2010-08-12.
• New software speed records for cryptographic pairings [pdf slides], invited talk at the workshop on Computer Security and Cryptography at CRM, Montreal, Canada, 2010-04-13.
• Pairings for Cryptographic Applications, European Microsoft Innovation Center (EMIC), Aachen, Germany, 2010-03-22.
• Choosing curves, coordinates and algorithms for computing cryptographic pairings, Microsoft Research, Redmond, WA, USA, 2010-03-02.
• Pairings for Cryptography [pdf slides], invited talk at the seminar of the Digital Security Group, Radboud Universiteit Nijmegen, The Netherlands, 2009-12-11.
• BN curves revisited [pdf slides], invited talk at the Mini-Workshop on Computational aspects of elliptic and hyperelliptic curves, K.U. Leuven, Belgium, 2009-10-28.
• Efficient Computation of Pairings on Elliptic Curves [pdf slides], EIDMA/DIAMANT Cryptography Working Group, Utrecht, The Netherlands, 2009-10-02.
• Pairings on Edward's curves [pdf slides], talk at the Rump Session of ECC 2009, University of Calgary, Canada, 2009-08-24.
• A Quick Guide to Efficient Pairing Computation, Microsoft Research, Redmond, WA, USA, 2009-08-12.
• Computing Pairings on Elliptic Curves [pdf slides], talk at crypto group lunch, Microsoft Research, Redmond, WA, USA, 2009-07-17.
• Constructive and Computational Aspects of Cryptographic Pairings [pdf slides], short presentation during my PhD defense, Eindhoven University of Technology, The Netherlands, 2009-05-07.
• Pairings on Edwards curves [pdf slides], invited talk at the Workshop on Pairings in Arithmetic Geometry and Cryptography, IEM, University of Duisburg-Essen, Essen, Germany, 2009-05-05.
• Pairings II [pdf slides], DIAMANT Summer School on Elliptic and Hyperelliptic Curve Cryptography, Eindhoven, The Netherlands, 2008-09-19.
• Pairings I [pdf slides], DIAMANT Summer School on Elliptic and Hyperelliptic Curve Cryptography, Eindhoven, The Netherlands, 2008-09-18.
• On compressible pairings and their computation [pdf slides], AfricaCrypt 2008, Casablanca, Morocco, 2008-06-13.
• How to construct pairing-friendly curves [pdf slides], seminar talk, LARC, University of São Paulo, Brazil, 2007-09-28.
• Pairing-friendly elliptic curves of prime order [pdf slides], seminar talk, Computer Security group, b-it Bonn, Germany, 2006-01-12.
• Pairing-friendly elliptic curves of prime order [pdf slides], Selected Areas in Cryptography — SAC 2005, Queen's University, Kingston, Canada, 2005-08-12.

---

Theses

In May 2009, I completed my PhD at Eindhoven University of Technology in the coding and crypto group under the supervision of Tanja Lange.

• PhD thesis: Constructive and Computational Aspects of Cryptographic Pairings, Eindhoven University of Technology, The Netherlands, 2009.
  Updated version (2009-05-13, corrected some typos and mistakes): [pdf]
  Cover of the printed version: [pdf]
  Statements: [pdf]

In 2002, I finished my diploma in mathematics at RWTH Aachen University at Lehrstuhl D für Mathematik under the supervision of Gerhard Hiss.

• Diploma thesis: Die Brauer-Bäume des Monsters M in Charakteristik 29, RWTH Aachen University, Germany, 2002. [pdf]

---

Misc

• www.die-naehrigs.de
• Alice and Bob in Cipherspace, an article by Brian Hayes in American Scientist on homomorphic encryption mentioning our work.
• A Cloud that Can't Leak, an article by Tom Simonite in the MIT Technology Review featuring work on homomorphic encryption with Kristin Lauter and Vinod Vaikuntanathan.
• Video abstract for the paper Faster computation of the Tate pairing with Christophe Arène, Tanja Lange, and Christophe Ritzenthaler on the Journal of Number Theory YouTube channel, featuring Lukas, Julius, and Linus.
• Slides from the joint "talk" Secure Cloud Computing for Medical Data with Daniel J.Bernstein, Carl Ellison, Tanja Lange, Kristin Lauter, Victor Miller, and Eran Tromer given at the rump session of Crypto 2009 (2009-08-17).
  Invited paper submitted to the Journal of Craptology. [pdf]
  Here is a video of the corresponding part of the Crypto 2009 rump session (our talk is at the very end).
• Redmond 2009
• Slides from the joint talk "A brief look at the 56 SHA-3 submissions" with Christiane Peters and Peter Schwabe, given at the rump session of Eurocrypt 2009 (2009-04-28). See also the Lyrics with guitar chords and the video on YouTube.
  Invited paper in the Journal of Craptology, volume 7 . [pdf] [bibtex]
• A web interface to get parameters for BN curves.