Cryptology ePrint Archive: Report 2016/309

Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions

Celine Chevalier and Fabien Laguillaumie and Damien Vergnaud

Abstract: We address the problem of speeding up group computations in cryptography using a single untrusted computational resource. We analyze the security of an efficient protocol for securely outsourcing multi-exponentiations proposed at ESORICS 2014. We show that this scheme does not achieve the claimed security guarantees and we present several practical polynomial-time attacks on the delegation protocol which allows the untrusted helper to recover part (or the whole) of the device secret inputs. We then provide simple constructions for outsourcing group exponentiations in different settings (e.g. public/secret, fixed/variable bases and public/secret exponents). Finally, we prove that our attacks on the ESORICS 2014 protocol are unavoidable if one wants to use a single untrusted computational resource and to limit the computational cost of the limited device to a constant number of (generic) group operations. In particular, we show that our constructions are actually optimal.

Category / Keywords: cryptographic protocols / Secure outsource computation, Cryptanalysis, Coppersmith methods, Protocols, Optimality results

Date: received 18 Mar 2016, last revised 23 Mar 2016

Contact author: celine chevalier at ens fr,fabien laguillaumie@ens-lyon fr,damien vergnaud@ens fr

Available format(s): PDF | BibTeX Citation

Version: 20160323:102924 (All versions of this report)

Short URL: ia.cr/2016/309

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]