Fast Server-Aided Secret Computation Protocols for Modular Exponentiation

Four efficient server-aided computation protocols for the modular exponentiation operation are proposed. A server-aided computation protocol is a two-party protocol between a client and a server. The protocol has two objectives. The first is to allow the client to borrow computational power from the server in order to reduce its computation time; the server is assumed to be powerful but restricted to polynomial time. The second is to keep the client's exponent secret from the server. Efficient and secure protocols that disclose no knowledge about the secret exponent are proposed. The protocols are based on efficient exponentiation algorithms. The computation time depends on the server's power and on the speed of the channel between the client and the server. The normalized computation time is introduced and used to evaluate the protocols. It is shown that, for typical parameters, the proposed protocol is the most efficient one yet proposed at the highest security level.