T. Matsumoto, K. Kato, and H. Imai. Speeding up computation with insecure auxiliary devices. In Advances in Cryptology---CRYPTO '88 (Lecture Notes in Computer Science 403), pp. 497--506, 1989.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....generation protocols. Instead of adding expensive hardware based solutions for generating digital signatures, the mobile device lets a more powerful server perform the computationally expensive parts of signature generation, without giving away enough information to reconstruct the secret key [5]. The work on a formal trust model [1] greatly inspired the construction of trust based protocols, as introduced in the next section. Trust is defined as the particular level of the subjective probability with which an agent will perform a specific action; trust is propagated through a ....

T. Matsumoto, K. Kato, H. Imai, "Speeding up computation with insecure auxiliary devices ", in Advances in Cryptology, Proceedings of Crypto '88, Springer Lecture Notes in Computer Science vol. 403, pp. 497--506, 1989.

....cards this task can only be performed using specialized hardware, which significantly increases the costs. 1 On the other hand, in most applications the smart card is connected to a computational more powerful server (e.g. a point of sale terminal) while generating the signature. The idea of [13] is to let the server perform the main part of the computation, without giving it enough information to reconstruct the secret key. This general concept is called server aided secret computation and in the case of RSA signature generation the corresponding protocols are called server aided RSA ....

....and in the case of RSA signature generation the corresponding protocols are called server aided RSA protocols. 2 There have been several server aided RSA protocols proposed. The protocols in [17, 12, 3] are all variants of the protocols RSA S1 and RSA S2, proposed by Matsumoto, Kato and Imaih [13]. They use a random linear decomposition of the secret key, while the protocol in [6] is based on addition chains. In general, there are two kinds of attacks on server aided RSA protocols. Passive attacks only use the data obtained by the server during correct executions of the protocol. In ....

[Article contains additional citation context not shown here]

T. Matsumoto, K. Kato, and H. Imai. Speeding up computation with insecure auxiliary devices. In Advances in Cryptology - Proceedings of Crypto'88, volume 403 of LNCS, pages 497--506, Berlin, 1989. Springer Verlag.

....Server aided RSA Protocols Johannes Merkle and Ralph Werchner Universitat Frankfurt, 60054 Frankfurt, Germany email: merkle cs.uni frankfurt.de Abstract. In this paper we investigate the security of the server aided RSA protocols RSA S1 and RSA S1M proposed by Matsumoto, Kato and Imai ([MKI89]) and Matsumoto, Imai, Laih and Yen ( MILY93] respectively. In these protocols a smart card calculates an RSA signature with the aid of an untrusted powerful server. We focus on generic attacks, that is, passive attacks that do not exploit any special properties of the encoding of the group ....

....OE(n) p Gamma 1) q Gamma 1) and d; e be a pair of private public exponents. A smart card stores n and d, and signs a message x by computing y = x d mod n. This takes O(logn) multiplications modulo n, which is a heavy task for the card. The solution proposed by Matsumoto, Kato and Imai in [MKI89] is server aided secret computation (SASC) In their protocol RSA S1, the main part of the computation is done by a more powerful server. The RSA S1 Protocol. Initialization step. The card chooses an integer vector d = d 1 ; dm ) 2 Z m and a vector f = f 1 ; fm ) 2 f0; 1g m ....

T. Matsumoto, K. Kato, and H. Imai. Speeding up computation with insecure auxiliary devices. In Advances in Cryptology - Proceedings of Crypto'88, volume 403 of Lecture Notes in Computer Science, pages 497--506. Springer Verlag, 1989.

No context found.

T. Matsumoto, K. Kato, and H. Imai. Speeding up computation with insecure auxiliary devices. In Advances in Cryptology---CRYPTO '88 (Lecture Notes in Computer Science 403), pp. 497--506, 1989.

No context found.

Matsumoto T, Kato K, Imai H (1989) Speeding up computation with insecure auxiliary devices. In: Advances in cryptology -- CRYPTO '88, Santa Barbara, August 1989. Lecture notes in computer science, vol 403, Springer, Berlin Heidelberg New York, pp 497--506

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC