Speeding up Exponentiation using an Untrusted Computational Resource

Authors:
Marten Dijk;Dwaine Clarke;Blaise Gassend;G. Edward Suh;Srinivas Devadas
Affiliations:
MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA 02139;MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA 02139;MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA 02139;MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA 02139;MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA 02139
Venue:
Designs, Codes and Cryptography
Year:
2006

Citing 24
Cited 4

A public key cryptosystem and a signature scheme based on discrete logarithms

Proceedings of CRYPTO 84 on Advances in cryptology
A course in number theory and cryptography

A course in number theory and cryptography
Designing programs that check their work

STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Discrete logarithms in GF(P) using the number field sieve

SIAM Journal on Discrete Mathematics
A formal treatment of remotely keyed encryption

Proceedings of the tenth annual ACM-SIAM symposium on Discrete algorithms
Discrete Logarithms: The Past and the Future

Designs, Codes and Cryptography - Special issue on towards a quarter-century of public key cryptography
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Parameter Selection for Server-Aided RSA Computation Schemes

IEEE Transactions on Computers
Speeding Up Secret Computations with Insecure Auxiliary Devices

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Efficient Identification and Signatures for Smart Cards

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
A Subexponential Algorithm for Discrete Logarithms over All Finite Fields

CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Security and Performance of Server-Aided RSA Computation Protocols

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Fast Server-Aided RSA Signatures Secure Against Active Attacks

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
On Verifiable Implicit Asking Protocols for RSA Computation

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Secure Acceleration of DSS Signatures Using Insecure Server

ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
High-Bandwidth Encryption with Low-Bandwidth Smartcards

Proceedings of the Third International Workshop on Fast Software Encryption
On the Security of Remotely Keyed Encryption

FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Discrete Logarithms: The Effectiveness of the Index Calculus Method

ANTS-II Proceedings of the Second International Symposium on Algorithmic Number Theory
Server(prover/signer)-aided verification of identity proofs and signatures

EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Concealment and its applications to authenticated encryption

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
How to securely outsource cryptographic computations

TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Cryptanalysis of RSA with private key d less than N0.292

IEEE Transactions on Information Theory

Grid's confidential outsourcing of string matching

SEPADS'07 Proceedings of the 6th WSEAS International Conference on Software Engineering, Parallel and Distributed Systems
Low-cost client puzzles based on modular exponentiation

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Secure mobile communication via identity-based cryptography and server-aided computations

The Journal of Supercomputing
Secure outsourced computation of iris matching

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present protocols for speeding up fixed-base variable-exponent exponentiation and variable-base fixed-exponent exponentiation using an untrusted computational resource. In the fixed-base protocols, the exponent may be blinded. In the variable-base protocols, the base may be blinded. The protocols are described for exponentiation in a cyclic group. We describe how to extend them to exponentiation modulo an integer where the modulus is the product of primes with single multiplicity. The protocols provide a speedup of $$\frac{3}{2}((\log k)-1)$$ over the square-and-multiply algorithm, where k is the bitlength of the exponent.One application of the protocols is to speed up exponentiation-based verification in discrete log-based signature and credential schemes. The protocols also allow signature verifiers to dynamically choose, for each message, the amount of work it would like to perform to verify the signature. This results in a work-security tradeoff. We introduce a fifth protocol to perform variable-base variable- exponent exponentiation, which also has this feature.Our model allows the trusted resource to perform computations in its idle time. The protocols facilitate the offloading of work to the offline stage, such that the work the trusted resource performs when it has to do an exponentiation is smaller. Our protocols are unconditionally secure.