Cryptanalysis of Modular Exponentiation Outsourcing Protocols. (31st May 2021)
- Record Type:
- Journal Article
- Title:
- Cryptanalysis of Modular Exponentiation Outsourcing Protocols. (31st May 2021)
- Main Title:
- Cryptanalysis of Modular Exponentiation Outsourcing Protocols
- Authors:
- Bouillaguet, Charles
Martinez, Florette
Vergnaud, Damien - Abstract:
- Abstract: Public-key cryptographic primitives are time consuming for resource-constrained devices. A classical problem is to securely offload group exponentiations from a (comparatively) weak device—the client—to an untrusted more powerful device—the server. A delegation protocol must usually meet two security objectives: privacy —the exponent or the base should not be revealed to a passive adversary—and verifiability —a malicious server should not be able to make the client accept an invalid value as the result of the delegated computation. Most proposed protocols relies on a secret splitting of the exponent and the base, and a considerable amount of literature has been devoted to their analysis. Recently, Su et al . (Su, Q., Zhang, R. and Xue, R. (2020) Secure outsourcing algorithms for composite modular exponentiation based on single untrusted cloud. Comput. J., 63, 1271.) and Rangasamy and Kuppusamy (Rangasamy, J. and Kuppusamy, L. (2018) Revisiting Single-Server Algorithms for Outsourcing Modular Exponentiation. In Chakraborty, D. and Iwata, T. (eds), Progress in Cryptology - INDOCRYPT 2018: 19th International Conference in Cryptology in India, New Delhi, India, December 912, Vol. 11356, Lecture Notes in Computer Science. Springer, Heidelberg, Germany, pp. 320. proposed outsourcing protocols for modular exponentiations. They claim that their protocols achieve security (privacy and verifiability). We show that these claims are flawed and that their schemes are brokenAbstract: Public-key cryptographic primitives are time consuming for resource-constrained devices. A classical problem is to securely offload group exponentiations from a (comparatively) weak device—the client—to an untrusted more powerful device—the server. A delegation protocol must usually meet two security objectives: privacy —the exponent or the base should not be revealed to a passive adversary—and verifiability —a malicious server should not be able to make the client accept an invalid value as the result of the delegated computation. Most proposed protocols relies on a secret splitting of the exponent and the base, and a considerable amount of literature has been devoted to their analysis. Recently, Su et al . (Su, Q., Zhang, R. and Xue, R. (2020) Secure outsourcing algorithms for composite modular exponentiation based on single untrusted cloud. Comput. J., 63, 1271.) and Rangasamy and Kuppusamy (Rangasamy, J. and Kuppusamy, L. (2018) Revisiting Single-Server Algorithms for Outsourcing Modular Exponentiation. In Chakraborty, D. and Iwata, T. (eds), Progress in Cryptology - INDOCRYPT 2018: 19th International Conference in Cryptology in India, New Delhi, India, December 912, Vol. 11356, Lecture Notes in Computer Science. Springer, Heidelberg, Germany, pp. 320. proposed outsourcing protocols for modular exponentiations. They claim that their protocols achieve security (privacy and verifiability). We show that these claims are flawed and that their schemes are broken beyond repair. They remain insecure even if one increases significantly the proposed parameters (and consequently the protocols computational and communication complexities). Our attacks rely on standard lattice-based cryptanalytic techniques, namely the Coppersmith methods to find small integer zeroes of modular multivariate polynomials and simultaneous Diophantine approximation methods for the so-called approximate greatest common divisor problem . … (more)
- Is Part Of:
- Computer journal. Volume 65:Number 9(2022)
- Journal:
- Computer journal
- Issue:
- Volume 65:Number 9(2022)
- Issue Display:
- Volume 65, Issue 9 (2022)
- Year:
- 2022
- Volume:
- 65
- Issue:
- 9
- Issue Sort Value:
- 2022-0065-0009-0000
- Page Start:
- 2299
- Page End:
- 2314
- Publication Date:
- 2021-05-31
- Subjects:
- secure outsourcing -- modular exponentiation -- privacy -- verifiability -- cryptanalysis
Computers -- Periodicals
005.1 - Journal URLs:
- http://comjnl.oxfordjournals.org/ ↗
http://ukcatalogue.oup.com/ ↗ - DOI:
- 10.1093/comjnl/bxab066 ↗
- Languages:
- English
- ISSNs:
- 0010-4620
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.060000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 24231.xml