Two efficient server-aided secret computation protocols based on the addition sequence
A server-aided secret computation (SASC) protocol is a method that allows a client (e.g. a smart card) to compute a function efficiently with the aid of a powerful server (e.g. a computer) without revealing the client's secrets to the server. Matsumoto et al. proposed a solution to this problem that is suitable for the RSA cryptosystem. Kawamura et al. have shown that a client, aided by a server 105 times more powerful, can compute an RSA signature 50 times faster than it could without a server if the communication cost can be ignored. In this paper, we propose two SASC protocols based on the addition sequence to improve the efficiency. In the first protocol, the addition sequence is determined by the server, so it improves the computational efficiency of the server only; it is suitable for a low-speed communication link (e.g. 9.6 Kbps). It is expected that a client, aided by a server 8982 times more powerful, can compute an RSA signature 50 times faster than it could without a server. In the second protocol, the addition sequence is determined by the client, so it improves the computational efficiency of the client and the server simultaneously, but it takes more communication time; it is suitable for a high-speed communication link (e.g. above 10 Mbps). It is expected that a client, aided by a server 3760 times more powerful, can compute an RSA signature 200 times faster than it could without a server.
- T. Matsumoto and H. Imai, “How to use servers without releasing Privacy-Making IC cards more powerful,” IEICE Technical Report, Rep. ISEC88-33 (May 1988).
- T. Matsumoto and H. Imai, “Speeding up secret computations with insecure auxiliary devices,” Proc. of CRYPTO'88, pp. 497–506, 1988.
- S. Kawamura and A. Shimbo, “Computation methods for RSA with the aid of powerful terminals,” 1989 Sym. on Cryptography & Inf. Security, Gotemba, Japan (Feb. 2–4, 1989).
- S. Kawamura and A. Shimbo, “A method for computing an RSA signature with the aid of an auxiliary terminal,” 1989 IEICE Autumn Natl. Conv. Rec. A-105.
- J.J. Quisquater and M. De Soete, “Speeding up smart card RSA computations with insecure coprocessors,” Proc. SMART CARD 2000, Amsterdam (Oct. 1989).
- S. Kawamura and A. Shimbo, “Performance analysis of Server-Aided Secret Computation protocols for the RSA cryptosystem,” The Trans. of the IEICE, vol. E73, no. 7, pp. 1073–1080, Jul. 1990.
- J.J. Quisquater and C. Couvreur, “Fast decipherment algorithm for RSA public-key cryptosystem,” Electron. Lett. 18, 21, pp. 905–907 (Oct. 1982).
- D.E. Knuth, The Art of Computer Programming, Vol. II: Seminumerical Algorithms. Reading, Addison Wesley, 1969.
- Andrew Yao, “On the evaluation of powers,” SIAM J. Comput. 5 (1976).