Multi-round passive attacks on server-aided RSA protocols
Proceedings of the 7th ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Speeding Up Secret Computations with Insecure Auxiliary Devices
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Security and Performance of Server-Aided RSA Computation Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Fast Server-Aided RSA Signatures Secure Against Active Attacks
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
On Verifiable Implicit Asking Protocols for RSA Computation
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Hi-index | 0.00 |
We propose a method for speeding up secure sessions establishment between clients and servers on the Internet, which is applicable for both RSA and DH. In the case of RSA, the method effectively offloads computational work from a heavily-loaded server to its clients. In the case of DH, the improved performance is obtained at the price of extended certificates. Our method is built upon a scheme called simultaneous multiple exponentiation, and basically splits the work of simultaneous multiple exponentiation between two entities. The challenge is to do so without leaking secret bits of the secret exponent, and still improve the performance. We prove that these two tasks can be achieved simultaneously.