Abstract
Small units like chip cards can compute, store and protect data. Today such chip cards have limited computing power, so some cryptographic protocols are too slow. New chip cards with secure fast coprocessors are appearing, but at the moment they are not very reliable and are somewhat expensive for some applications. In banking applications there are few servers (ATMs) relative to many small units: it is a better strategy to put the computing power into a few large servers than into the rarely used cards.
A possible solution is to use the computing power of the (insecure) server to help the chip card. But it remains an open question whether it is possible to significantly accelerate RSA signatures using an insecure server when active attacks are possible: that is, when the server returns false values in order to obtain some part of the secret from the card.
In this paper, we propose a new efficient protocol for accelerating RSA signatures that is resistant against all known active and passive attacks. This protocol does not use expensive precomputations; the computation done by the card, the RAM used and the data transfers between the card and the server are small. With current chip cards it is thus possible to implement this protocol efficiently.
Part of this work was done while the author was visiting the Laboratoire de Microélectronique, Université Catholique de Louvain, Belgium.
Supported by the Centre National de la Recherche Scientifique URA 1327.
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
Cite this paper
Béguin, P., Quisquater, J.-J. (1995). Fast Server-Aided RSA Signatures Secure Against Active Attacks. In: Coppersmith, D. (ed.) Advances in Cryptology — CRYPTO’ 95. CRYPTO 1995. Lecture Notes in Computer Science, vol. 963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44750-4_5
DOI: https://doi.org/10.1007/3-540-44750-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60221-7
Online ISBN: 978-3-540-44750-4