Batch Diffie-Hellmam key agreement systems and their application to portable communications

  • Authors:

  • Michael J. Beller;Yacov Yacobi

  • Affiliations:

  • Bellcore, New Jersey;Bellcore, New Jersey

  • Venue:
  • EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
  • Year:
  • 1992

Quantified Score

Hi-index 0.00

Visualization

Abstract

RSA (Rivest, Shamir and Adleman) is today's most popular public key encryption scheme. Batch-RSA (due to Fiat) is a method to compute many (n/log22(n), where n is the security parameter) RSA decryption operations at a computational cost approaching that of one normal decryption. It requires that all the operations use the same modulus, but distinct, relatively prime in pairs, short, public exponents. A star-like key agreement scheme could use such a system to slash computational complexity at the center. We show a real life example of such a system - secure portable telephony. Unfortunately, in this system Batch-RSA cannot be employed effectively, due to a delay component which arises from the nature of RSA key exchange. We show that mathematical ideas similar to Fiat's can lead to a Batch-Diffie-Hellman key agreement scheme, that does not suffer such delay and is comparable in efficiency to Batch-RSA. We prove that with some precautions, this system is as hard to break as RSA with short public exponent. In practice our method improves processing time at the center by a factor of 6 to 17 when compared to (non-batch) Diffie-Hellman schemes with full-size exponents and moduli in the practical range. Smaller improvements (on the order of 1.6 to 3) are obtainable when compared to a Diffie-Hellman scheme employing abbreviated exponents.