Abstract
Four server-aided secret computation protocols, Protocols 1, 2, 3, and 4, for modular exponentiation were proposed by Kawamura and Shimbo in 1993. By these protocols, the client can easily compute the modular exponentiation Md mod N with the help of a powerful server, where N is the product of two large primes. To enhance the security, the client was suggested to use a verification scheme and a slight modification on each proposed protocol. In this paper, we propose two new active attacks to break Protocols 3 and 4, respectively. Even if Protocols 3 and 4 have included the slight modification and verification, the untrusted server can still obtain the secret data d. The client cannot detect these attacks by the proposed verification. To adopt these new attacks, the difficulty of finding the value of the secret data d will be decreased drastically.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
Kawamura, S. and Shimbo, A. (1993): “Fast Sever-Aided Secret Computation Protocols for Modular Exponentiation,” IEEE Journal on Selected Areas in Communications, Vol. 11, No. 5, 1993, pp. 778–784.
Knuth, D. E. (1981): “The Art of Computer Programming Vol 2: Seminumerical Algorithms,” 2nd Ed., Addition-Wesley, Reading, MA, 1981, pp. 451.
Laih, C. S. and Yen, S. M. (1992): “Secure Addition Sequence and Its Application on the Server Aided Secret Computation Protocols,” AUSCRYPT '92, Gold Coast, Australia, Dec. 1992, pp. 6.1–6.7.
Laih, C. S., Yen, S. M. and Harn, L. (1991): “Two Efficient Server-Aided Secret Computation Protocols based on the Addition Sequence,” ASIACRYPT '91, Fuijyoshida, Japan, Nov. 1991, pp. 270–274.
Matsumoto, T., Kato, K. and Imai, H. (1988): “Speed up Secret Computations with Insecure Auxiliary Devices,” Advances in Crytpology-CRYPTO '88, Springer Verlag, New York, 1990, pp. 497–506.
Pfitzmann, B. and Waidner, M. (1992): “Attacks on Protocols for Server-Aided RSA Computation,” EUROCRYPT '92, Balatonfured, Hugary, 1992, pp. 139–146.
Quisquater, J.-J., and Soete, M. De (1989): “Speeding up Smart Card RSA Computation with Insecure Coprocessors,” Proc. SMART CARD 2000, Amsterdam, North-Holland, Oct. 1989, pp. 191–197.
Rivest, R. L., Shamir, A. and Adleman, L. (1978): “A Method for Obtaining Digital Signatures and Public Key Cryptosystems,” Communications of ACM, Vol. 21, No. 2, 1978, pp. 120–126.
Shimbo, A. and Kawamura, S. (1990): “A Factorization Attack on Certain Server-aided Computation Protocols fro RSA Secret Transformation,” Electronic Letters, Vol. 26, No. 17, 1990, pp. 1387–1388.
Yao, A. C. (1976): “On the Evaluation of Powers,” SIAM J. Comput., Vol. 5, No. 1, 1976, pp. 100–103.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hwang, SJ., Chang, CC., Yang, WP. (1996). Some active attacks on fast server-aided secret computation protocols for modular exponentiation. In: Dawson, E., Golić, J. (eds) Cryptography: Policy and Algorithms. CPA 1995. Lecture Notes in Computer Science, vol 1029. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0032360
Download citation
DOI: https://doi.org/10.1007/BFb0032360
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60759-5
Online ISBN: 978-3-540-49363-1
eBook Packages: Springer Book Archive