Speeding up Exponentiation using an Untrusted Computational Resource (Part 1) Author: M. Van Dijk, D. Clarke, B. Gassend, G.E. Suh and S. Devadas Source:

Presentation transcript:

Speeding up Exponentiation using an Untrusted Computational Resource (Part 1) Author: M. Van Dijk, D. Clarke, B. Gassend, G.E. Suh and S. Devadas Source: Designs, Codes and Cryptography (IF:0.825), 39, ,2006. (7 citations) Presenter: Yu-Chi Chen

Outline Introduction and model The protocols Conclusions 2

Introduction [Figure; labels: spiderman, HTC Desire HD, Server (Untrusted Computational Resource); captions: "Compute g^x", "rely"] 3

Introduction [Figure; labels: HTC Desire HD, Server (Untrusted Computational Resource); captions: "Compute g^x", "rely", "Correctness-checking and get g^x"] 4

Model Tim: – a trusted device – wants to solve a problem P. – relies on a more powerful device to solve it. Ursula: – a powerful device – possibly untrusted. 5

Model Requirements and properties: – Efficiency: Relying on Ursula is better than Tim computing the solution directly. – Completeness: Tim can obtain the correct solution with Ursula’s help. – Soundness: Tim must, with sufficiently high probability, get the correct solution and detect when Ursula is being dishonest. 6

Model It is desirable to have a method that hides problem P, or parts of P, from Ursula. Assumptions: – Tim can perform off-line tasks while Ursula is doing something. – The off-line tasks involve only few or simple computations. – Communication bandwidth is good. 7

Model We only consider the computation cost (not the communication cost). This kind of method does not apply to smartcards, because they have no off-line task. 8

Outline Introduction and model The protocols Conclusions 9

Fixed Base-Variable Exponent Exponentiation (FBVE) Assume the cyclic group G and the factorization of its order n are known. Set the security parameter s (s ≤ n) and the derived parameters w_s and q_s (n = w_s q_s, w_s ≤ s, q_s > s). Notice that w_s increases as s increases. 10

FBVE (In the paper) assume Ursula may know the inputs g and a and parameters. Maybe it is just a case which does not affect the proposed protocol, since Ursula only knows the base g in the protocol. 11

FBVE protocol [Protocol diagram; message labels: "g, e, em+r" and "x, y"] This protocol is done. 12

[Protocol diagram; message labels: "g, e, em+r" and "x, y"; annotation: "Pre-compute"] 13
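The slides keep only the message labels of the protocol, so the following is an added sketch of one consistent reading, not code from the paper or the presenter. It assumes Tim sends e and em+r, Ursula returns x = g^e and y = g^(em+r), and Tim checks y = x^m · g^r using a pre-computed pair (r, g^r) and a secret m ≤ s. The toy group, the function names and the cheating strategy are constructed for illustration.

```python
import secrets

# Constructed toy parameters: G generates the subgroup of prime order Q in Z_P*.
P, Q, G = 1019, 509, 4
S = 16   # security parameter s: Tim's secret m is drawn from 1..S

def tim_offline():
    """Off-line task: choose r and pre-compute g^r."""
    r = secrets.randbelow(Q)
    return r, pow(G, r, P)

def tim_query(a, r):
    """Choose secret m <= S and e such that e*m + r = a (mod Q)."""
    m = 1 + secrets.randbelow(S)
    e = (a - r) * pow(m, -1, Q) % Q
    return m, e, (e * m + r) % Q     # Tim keeps m; e and em+r go to Ursula

def ursula_honest(e, emr):
    return pow(G, e, P), pow(G, emr, P)      # x = g^e, y = g^(em+r)

def ursula_cheat(e, emr, guess_m, alpha=G):
    """Dishonest Ursula: skews both answers, betting that m == guess_m."""
    x, y = ursula_honest(e, emr)
    return x * alpha % P, y * pow(alpha, guess_m, P) % P

def tim_check(x, y, m, g_r):
    """On-line work: one exponentiation by the small m, one multiplication."""
    return y if pow(x, m, P) * g_r % P == y else None

def run(a, ursula, **kw):
    """One protocol run; returns (m, accepted value or None)."""
    r, g_r = tim_offline()
    m, e, emr = tim_query(a, r)
    x, y = ursula(e, emr, **kw)
    return m, tim_check(x, y, m, g_r)
```

In this sketch a skewed answer passes the check only when Ursula's guess equals m, that is with probability 1/s, which is the sense in which soundness holds "with sufficiently high probability".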

Performance analysis Tim’s online cost: 14

Outline Introduction and model The protocols Conclusions 15