The knowledge complexity of interactive proof-systems. Proceedings of the 17th Annual ACM Symposium on Theory of Computing (STOC '85).
How to prove yourself: practical solutions to identification and signature problems. Advances in Cryptology (CRYPTO '86).
A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing, special issue on cryptography.
Advances in Cryptology (EUROCRYPT '88), Lecture Notes in Computer Science.
A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM.
Speeding up secret computations with insecure auxiliary devices. Advances in Cryptology (CRYPTO '88).
Efficient identification and signatures for smart cards. Advances in Cryptology (CRYPTO '89).
The Béguin-Quisquater server-aided RSA protocol from Crypto '95 is not secure. Advances in Cryptology (ASIACRYPT '98).
On the insecurity of a server-aided RSA protocol. Advances in Cryptology (ASIACRYPT '01).
Digitalized signatures and public-key functions as intractable as factorization.
Security proofs for signature schemes. Advances in Cryptology (EUROCRYPT '96).
Advances in Cryptology (EUROCRYPT '91).
Attacks on protocols for server-aided RSA computation. Advances in Cryptology (EUROCRYPT '92).
Fast exponentiation with precomputation. Advances in Cryptology (EUROCRYPT '92).
Server(prover/signer)-aided verification of identity proofs and signatures. Advances in Cryptology (EUROCRYPT '95).
How to securely outsource cryptographic computations. Theory of Cryptography (TCC '05).
Server-aided verification signatures: definitions and new constructions. Provable Security (ProvSec '08).
Provably secure server-aided verification signatures. Computers & Mathematics with Applications.
Server-aided signatures verification secure against collusion attack. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security.
Security analysis of a server-aided RSA key generation protocol. Information Security Practice and Experience (ISPEC '06).
A pre-computable signature scheme with efficient verification for RFID. Information Security Practice and Experience (ISPEC '12).
Server-aided signatures verification secure against collusion attack. Information Security Technical Report.
On the implementation of a pairing-based cryptographic protocol in a constrained device. Pairing-Based Cryptography (Pairing '12).
Server-aided identity-based anonymous broadcast encryption. International Journal of Security and Networks.
We introduce the server-aided verification (SAV) concept, which consists of speeding up the verification step of an authentication/signature scheme by delegating a substantial part of the computation to a powerful (but possibly untrusted) server. After giving some motivations for designing SAV protocols, we provide a simple but realistic model, which captures most situations met in practice (note that this model is much more general than the one recently proposed by Hohenberger and Lysyanskaya, who require the server to be made of two pieces of software that do not communicate with each other [14]). Then, we analyze two existing SAV protocols and prove them secure in this model, namely the Lim-Lee [15] modification of the Schnorr scheme [28] and the Girault-Quisquater variant [10] of the GPS scheme [7,24]. Finally, we propose a generic method for designing SAV versions of schemes based on bilinear maps, which can be applied to the Boneh-Boyen signature schemes [3], the Zhang-Safavi-Naini-Susilo signature scheme [32] and the Shao-Lu-Cao identification scheme [30].