Secure and Efficient Delegation of Elliptic-Curve Pairing

Delaram Kahrobaei; Giovanni Di Crescenzo; Matluba Khodjaeva; Vladimir Shpilrain

Secure and Efficient Delegation of Elliptic-Curve Pairing

Delaram Kahrobaei, Giovanni Di Crescenzo, Matluba Khodjaeva, Vladimir Shpilrain

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Many public-key cryptosystems and, more generally, cryp-
tographic protocols, use pairings as important primitive operations. To
expand the applicability of these solutions to computationally weaker
devices, it has been advocated that a computationally weaker client del-
egates such primitive operations to a computationally stronger server.
Important requirements for such delegation protocols include privacy of
the client's pairing inputs and security of the client's output, in the sense
of detecting, except for very small probability, any malicious server's at-
tempt to convince the client of an incorrect pairing result.
In this paper we show that the computation of bilinear pairings in all
known pairing-based cryptographic protocols can be eciently, privately
and securely delegated to a single, possibly malicious, server. Our tech-
niques provides eciency improvements over past work in all input sce-
narios, regardless on whether inputs are available to the parties in an
oine phase or only in the online phase, and on whether they are public
or have privacy requirements. The client's online runtime improvement is,
for some of our protocols almost 1 order of magnitude, no matter which
practical elliptic curve, among recently recommended ones, is used for
the pairing realization.

Original language	English
Title of host publication	ACNS 2020, Applied Cryptography and Network Security
Publisher	Springer
Number of pages	20
Publication status	Published - 2020

Publication series

Name	Lecture Notes in Computer Science

Bibliographical note

This is an author-produced version of the published paper. Uploaded in accordance with the publisher’s self-archiving policy. Further copying may not be permitted; contact the publisher for details.

Access to Document

acns2020dkks-cameraready
This is an author-produced version of the published paper. Uploaded in accordance with the publisher’s self-archiving policy. Further copying may not be permitted; contact the publisher for details.
Accepted author manuscript, 328 KB

Cite this

@inproceedings{5e38781baedd4573bbfd547d3d55e06d,

title = "Secure and Efficient Delegation of Elliptic-Curve Pairing",

abstract = "Many public-key cryptosystems and, more generally, cryp-tographic protocols, use pairings as important primitive operations. Toexpand the applicability of these solutions to computationally weakerdevices, it has been advocated that a computationally weaker client del-egates such primitive operations to a computationally stronger server.Important requirements for such delegation protocols include privacy ofthe client's pairing inputs and security of the client's output, in the senseof detecting, except for very small probability, any malicious server's at-tempt to convince the client of an incorrect pairing result.In this paper we show that the computation of bilinear pairings in allknown pairing-based cryptographic protocols can be eciently, privatelyand securely delegated to a single, possibly malicious, server. Our tech-niques provides eciency improvements over past work in all input sce-narios, regardless on whether inputs are available to the parties in anoine phase or only in the online phase, and on whether they are publicor have privacy requirements. The client's online runtime improvement is,for some of our protocols almost 1 order of magnitude, no matter whichpractical elliptic curve, among recently recommended ones, is used forthe pairing realization.",

author = "Delaram Kahrobaei and {Di Crescenzo}, Giovanni and Matluba Khodjaeva and Vladimir Shpilrain",

note = "This is an author-produced version of the published paper. Uploaded in accordance with the publisher{\textquoteright}s self-archiving policy. Further copying may not be permitted; contact the publisher for details.",

year = "2020",

language = "English",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

booktitle = "ACNS 2020, Applied Cryptography and Network Security",

address = "Germany",

}

TY - GEN

T1 - Secure and Efficient Delegation of Elliptic-Curve Pairing

AU - Kahrobaei, Delaram

AU - Di Crescenzo, Giovanni

AU - Khodjaeva, Matluba

AU - Shpilrain, Vladimir

N1 - This is an author-produced version of the published paper. Uploaded in accordance with the publisher’s self-archiving policy. Further copying may not be permitted; contact the publisher for details.

PY - 2020

Y1 - 2020

N2 - Many public-key cryptosystems and, more generally, cryp-tographic protocols, use pairings as important primitive operations. Toexpand the applicability of these solutions to computationally weakerdevices, it has been advocated that a computationally weaker client del-egates such primitive operations to a computationally stronger server.Important requirements for such delegation protocols include privacy ofthe client's pairing inputs and security of the client's output, in the senseof detecting, except for very small probability, any malicious server's at-tempt to convince the client of an incorrect pairing result.In this paper we show that the computation of bilinear pairings in allknown pairing-based cryptographic protocols can be eciently, privatelyand securely delegated to a single, possibly malicious, server. Our tech-niques provides eciency improvements over past work in all input sce-narios, regardless on whether inputs are available to the parties in anoine phase or only in the online phase, and on whether they are publicor have privacy requirements. The client's online runtime improvement is,for some of our protocols almost 1 order of magnitude, no matter whichpractical elliptic curve, among recently recommended ones, is used forthe pairing realization.

AB - Many public-key cryptosystems and, more generally, cryp-tographic protocols, use pairings as important primitive operations. Toexpand the applicability of these solutions to computationally weakerdevices, it has been advocated that a computationally weaker client del-egates such primitive operations to a computationally stronger server.Important requirements for such delegation protocols include privacy ofthe client's pairing inputs and security of the client's output, in the senseof detecting, except for very small probability, any malicious server's at-tempt to convince the client of an incorrect pairing result.In this paper we show that the computation of bilinear pairings in allknown pairing-based cryptographic protocols can be eciently, privatelyand securely delegated to a single, possibly malicious, server. Our tech-niques provides eciency improvements over past work in all input sce-narios, regardless on whether inputs are available to the parties in anoine phase or only in the online phase, and on whether they are publicor have privacy requirements. The client's online runtime improvement is,for some of our protocols almost 1 order of magnitude, no matter whichpractical elliptic curve, among recently recommended ones, is used forthe pairing realization.

M3 - Conference contribution

T3 - Lecture Notes in Computer Science

BT - ACNS 2020, Applied Cryptography and Network Security

PB - Springer

ER -