Cryptology ePrint Archive: Report 2016/309

Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions

Celine Chevalier and Fabien Laguillaumie and Damien Vergnaud

Abstract: We address the problem of speeding up group computations in cryptography using a single untrusted computational resource. We analyze the security of an efficient protocol for securely outsourcing multi-exponentiations proposed at ESORICS 2014. We show that this scheme does not achieve the claimed security guarantees and we present several practical polynomial-time attacks on the delegation protocol which allows the untrusted helper to recover part (or the whole) of the device secret inputs. We then provide simple constructions for outsourcing group exponentiations in different settings (e.g. public/secret, fixed/variable bases and public/secret exponents). Finally, we prove that our attacks on the ESORICS 2014 protocol are unavoidable if one wants to use a single untrusted computational resource and to limit the computational cost of the limited device to a constant number of (generic) group operations. In particular, we show that our constructions are actually optimal.

Category / Keywords: cryptographic protocols / Secure outsource computation, Cryptanalysis, Coppersmith methods, Protocols, Optimality results

Original Publication (in the same form): Algorithmica

Date: received 18 Mar 2016, last revised 16 Jul 2020

Contact author: celine chevalier at ens fr, fabien laguillaumie at ens-lyon fr, damien vergnaud at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20200716:140458 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]