New Algorithms for Secure Outsourcing of Modular Exponentiations

Xiaofeng Chen, Jin Li, Jianfeng Ma, Qiang Tang, Wenjing Lou
2014 IEEE Transactions on Parallel and Distributed Systems  
Modular exponentiations have been considered the most expensive operation in discrete-logarithm based cryptographic protocols. In this paper, we propose a new secure outsourcing algorithm for exponentiation modulo a prime in the one-malicious model. Compared with the state-of-the-art algorithm [33], the proposed algorithm is superior in both efficiency and checkability. We then utilize this algorithm as a subroutine to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. Besides, we propose the first outsource-secure and efficient algorithm for simultaneous modular exponentiations. Moreover, we prove that both the algorithms can achieve the desired security notions.

Despite the tremendous benefits, outsourcing computation also inevitably involves some new security concerns and challenges. Firstly, the cloud servers are not (fully) trusted. Actually, it is impossible to find a trusted server for all outsourcers in the cloud paradigm. On the other hand, the computation tasks often contain some sensitive information that should not be exposed to the cloud servers. Therefore, the first security challenge is the secrecy of the outsourcing computation: the cloud servers should not learn anything about what they are actually computing (including the secret inputs and the outputs). We argue that encryption can only provide a partial solution to this problem, since it is very difficult to perform meaningful computations over the encrypted data.

Secondly, the semi-trusted cloud servers may return an invalid result. For example, the servers might contain a software bug that will fail on a constant number of invocations. Moreover, the servers might decrease the amount of the computation due to financial incentives and then return a computationally indistinguishable (invalid) result. Therefore, the second security challenge is the checkability of the outsourcing computation: the outsourcer should have the ability to detect any failures if the cloud servers misbehave. Trivially, the test procedure should never involve other complicated computations, since computationally limited devices such as RFID tags or smartcards may be incapable of accomplishing the test. At the very least, it must be far more efficient than accomplishing the computation task itself (recall the motivation for outsourcing computations).

The problem of securely outsourcing expensive computations has been well studied in the cryptography community.
Chaum and Pedersen [17] first introduced the idea of "wallets with observers" that allows a piece of hardware installed on the client's device to carry out some computations for each transaction. Golle and Mironov [31] first introduced the concept of ringers to elegantly solve the problem of verifying computation completion for the "inversion of one-way function" class of outsourcing computations. Hohenberger and Lysyanskaya [33] presented the security model for outsourcing cryptographic computations, and proposed the first outsource-secure algorithm for modular exponentiations.

Our Contribution. In this paper, we propose a new secure outsourcing algorithm of modular exponentiation in the one-malicious model. To the best of our knowledge, it seems that the proposed algorithm is the second one for exponentiation modulo a prime. Compared with the state-of-the-art algorithm [33], the proposed algorithm is superior in both efficiency and checkability. Similar to [33], we also utilize this algorithm as a subroutine to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. Another main contribution of this paper is the first outsource-secure and efficient algorithm for simultaneous modular exponentiations, whose efficiency is (surprisingly) comparable to that of outsourcing only one modular exponentiation in [33].
doi:10.1109/tpds.2013.180 fatcat:vx4bvj7q25d55kmkb7iopnuxhu