Speeding up secure sessions establishment on the internet

Authors:
Yaron Sella
Affiliations:
The Hebrew University of Jerusalem, School of Computer Science and Engineering, Givat Ram, Jerusalem, Israel
Venue:
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Year:
2002

Citing 10
Cited 0

Multi-round passive attacks on server-aided RSA protocols

Proceedings of the 7th ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Computers and Intractability: A Guide to the Theory of NP-Completeness

Computers and Intractability: A Guide to the Theory of NP-Completeness
Speeding Up Secret Computations with Insecure Auxiliary Devices

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Security and Performance of Server-Aided RSA Computation Protocols

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Fast Server-Aided RSA Signatures Secure Against Active Attacks

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
On Verifiable Implicit Asking Protocols for RSA Computation

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Decision Diffie-Hellman Problem

ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a method for speeding up secure sessions establishment between clients and servers on the Internet, which is applicable for both RSA and DH. In the case of RSA, the method effectively offloads computational work from a heavily-loaded server to its clients. In the case of DH, the improved performance is obtained at the price of extended certificates. Our method is built upon a scheme called simultaneous multiple exponentiation, and basically splits the work of simultaneous multiple exponentiation between two entities. The challenge is to do so without leaking secret bits of the secret exponent, and still improve the performance. We prove that these two tasks can be achieved simultaneously.