Mitchell, C. J. and Burns, J. (1994) Parameter Selection for Server-Aided RSA Computation Schemes. IEEE Transactions on Computers, 43 (2).
Full text access: Open
The security, complexity, and application of two schemes for using an untrusted auxiliary processor to aid smart card RSA signature computations are reviewed, including detailed analysis of possible methods of attack. Guidance is given on practical, secure use of these schemes.
This is a Published version This version's date is: 02/1994 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/82916fe7-91a9-969b-ecc9-6cc80410a0a1/1/
Deposited by () on 23-Dec-2009 in Royal Holloway Research Online.Last modified on 23-Dec-2009
© 1994 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
[1] D. Gollmann, private communication, Jan. 1991. [2] J. Hastad, "On using RSA with low exponent in a public key network," inAdvances in Cryptology-CRYPTO '85 Proc., Santa Barbara, CA, 1986, pp. 403-408. [3] D. E. Knuth,The Art of Computer Programming, Vol. 2, Seminumerical Algorithms. Reading, MA: Addison-Wesley, 1981. [4] T. Matsumoto, K. Kato, and H. Imai, "Speeding up secret computations with insecure auxiliary devices," inAdvances in Cryptology: CRYPTO '88, Proc., Santa Barbara, CA, 1990, pp. 497-506. [5] J-J. Quisquater and C. Couvreur, "Fast decipherment algorithm for RSA public-key cryptosystem,"Electronics Letters, vol. 18, pp. 905-907, 1982. [6] J-J. Quisquater and M. De Soete, "Speeding up smart card RSA computations with insecure coprocessors," inSmart Card 2000, D. Chaum, Ed. Amsterdam: North-Holland, 1991, pp. 191-197. [7] A. Shimbo and S. Kawamura, "Factorization attack on certain server-aided computation protocols for the RSA secret transformation,"Electronics Letters, vol. 26, pp. 1387-1388, 1990. [8] M. J. Wiener, "Cryptanalysis of short RSA secretexponents,"IEEE Trans. Information Theory, vol. IT-36, pp. 553-558, 1990.