Hashing Solutions Instead of Generating Problems : On the Interactive Certification of RSA Moduli. / Auerbach, Benedikt; Poettering, Bertram.

2018. 403-430. Paper presented at PKC 2018.

Research output: Contribution to conference, Paper, peer-review

Published

BibTeX

@conference{acd9bb387f614664a5f0595ac56f4f37,
title = "Hashing Solutions Instead of Generating Problems: On the Interactive Certification of RSA Moduli",
abstract = "Certain RSA-based protocols, for instance in the domain of group signatures, require a prover to convince a verifier that a set of RSA parameters is well-structured (e.g., that the modulus is the product of two distinct primes and that the exponent is co-prime to the group order). Various corresponding proof systems have been proposed in the past, with different levels of generality, efficiency, and interactivity. This paper proposes two new proof systems for a wide set of properties that RSA and related moduli might have. The protocols are particularly efficient: The necessary computations are simple, the communication is restricted to only one round, and the exchanged messages are short. While the first protocol is based on prior work (improving on it by reducing the number of message passes from four to two), the second protocol is novel. Both protocols require a random oracle.",
author = "Benedikt Auerbach and Bertram Poettering",
year = "2018",
doi = "10.1007/978-3-319-76581-5_14",
language = "English",
pages = "403--430",
note = "PKC 2018 ; Conference date: 25-03-2018 Through 28-03-2018",

}

RIS

TY - CONF

T1 - Hashing Solutions Instead of Generating Problems

T2 - PKC 2018

AU - Auerbach, Benedikt

AU - Poettering, Bertram

PY - 2018

Y1 - 2018

N2 - Certain RSA-based protocols, for instance in the domain of group signatures, require a prover to convince a verifier that a set of RSA parameters is well-structured (e.g., that the modulus is the product of two distinct primes and that the exponent is co-prime to the group order). Various corresponding proof systems have been proposed in the past, with different levels of generality, efficiency, and interactivity. This paper proposes two new proof systems for a wide set of properties that RSA and related moduli might have. The protocols are particularly efficient: The necessary computations are simple, the communication is restricted to only one round, and the exchanged messages are short. While the first protocol is based on prior work (improving on it by reducing the number of message passes from four to two), the second protocol is novel. Both protocols require a random oracle.

AB - Certain RSA-based protocols, for instance in the domain of group signatures, require a prover to convince a verifier that a set of RSA parameters is well-structured (e.g., that the modulus is the product of two distinct primes and that the exponent is co-prime to the group order). Various corresponding proof systems have been proposed in the past, with different levels of generality, efficiency, and interactivity. This paper proposes two new proof systems for a wide set of properties that RSA and related moduli might have. The protocols are particularly efficient: The necessary computations are simple, the communication is restricted to only one round, and the exchanged messages are short. While the first protocol is based on prior work (improving on it by reducing the number of message passes from four to two), the second protocol is novel. Both protocols require a random oracle.

UR - https://eprint.iacr.org/2018/013

U2 - 10.1007/978-3-319-76581-5_14

DO - 10.1007/978-3-319-76581-5_14

M3 - Paper

SP - 403

EP - 430

Y2 - 25 March 2018 through 28 March 2018

ER -