scholarly journals Proving in Zero-Knowledge that a Number is the Product of Two Safe Primes

1998 ◽  
Vol 5 (29) ◽  
Author(s):  
Jan Camenisch ◽  
Markus Michels
Keyword(s):  
Polynomial Equation ◽  
Building Blocks ◽  
Modular Exponentiation ◽  
Modular Multiplication ◽  
Multivariate Polynomial ◽  
Zero Knowledge ◽  
Large Order ◽  
Proofs Of Knowledge ◽  
Other Information ◽  
Safe Primes

<p>This paper presents the first efficient statistical zero-knowledge protocols to prove statements such as:<br />A committed number is a pseudo-prime.<br />A committed (or revealed) number is the product of two safe primes, i.e., primes p and q such that (p - 1)=2 and (q - 1)=2 are primes as well.<br />A given value is of large order modulo a composite number that consists of two safe prime factors.</p><p>So far, no methods other than inefficient circuit-based proofs are known for proving such properties. Proving the second property is for instance necessary in many recent cryptographic schemes that rely on both the hardness of computing discrete logarithms and of difficulty computing roots modulo a composite.<br />The main building blocks of our protocols are statistical zero-knowledge proofs that are of independent interest. Mainly, we show how to prove the correct computation of a modular addition, a modular multiplication, or a modular exponentiation, where all values including the modulus are committed but not<br />publicly known. Apart from the validity of the computation, no other information about the modulus (e.g., a generator which order equals the modulus) or any other operand is given. Our technique can be generalized to prove in zeroknowledge<br />that any multivariate polynomial equation modulo a certain modulus is satisfied, where only commitments to the variables of the polynomial and a commitment to the modulus must be known. This improves previous results,<br />where the modulus is publicly known.<br />We show how a prover can use these building blocks to convince a verifier that a committed number is prime. This finally leads to efficient protocols for proving that a committed (or revealed) number is the product of two safe primes. As a consequence, it can be shown that a given value is of large order modulo a<br />given number that is a product of two safe primes.</p><p> </p><p>Keywords. RSA-based protocols, zero-knowledge proofs of knowledge, primality tests.</p>

scholarly journals Timing attacks and local timing attacks against Barrett’s modular multiplication algorithm

2021 ◽  
Author(s):  
Johannes Mittmann ◽  
Werner Schindler
Keyword(s):  
Side Channel ◽  
Modular Exponentiation ◽  
Modular Multiplication ◽  
Multiplication Algorithm ◽  
Diffie Hellman ◽  
Mathematical Difficulties ◽  
Execution Times ◽  
Stochastic Properties ◽  
Timing Attacks ◽  
Theoretical Results

AbstractMontgomery’s and Barrett’s modular multiplication algorithms are widely used in modular exponentiation algorithms, e.g. to compute RSA or ECC operations. While Montgomery’s multiplication algorithm has been studied extensively in the literature and many side-channel attacks have been detected, to our best knowledge no thorough analysis exists for Barrett’s multiplication algorithm. This article closes this gap. For both Montgomery’s and Barrett’s multiplication algorithm, differences of the execution times are caused by conditional integer subtractions, so-called extra reductions. Barrett’s multiplication algorithm allows even two extra reductions, and this feature increases the mathematical difficulties significantly. We formulate and analyse a two-dimensional Markov process, from which we deduce relevant stochastic properties of Barrett’s multiplication algorithm within modular exponentiation algorithms. This allows to transfer the timing attacks and local timing attacks (where a second side-channel attack exhibits the execution times of the particular modular squarings and multiplications) on Montgomery’s multiplication algorithm to attacks on Barrett’s algorithm. However, there are also differences. Barrett’s multiplication algorithm requires additional attack substeps, and the attack efficiency is much more sensitive to variations of the parameters. We treat timing attacks on RSA with CRT, on RSA without CRT, and on Diffie–Hellman, as well as local timing attacks against these algorithms in the presence of basis blinding. Experiments confirm our theoretical results.

scholarly journals Big Data Analytic Framework for Organizational Leverage

2021 ◽  
Vol 11 (5) ◽  
pp. 2340
Author(s):  
Sanjay Mathrani ◽  
Xusheng Lai
Keyword(s):  
Big Data ◽  
Web Sites ◽  
Big Data Analytics ◽  
Building Blocks ◽  
Application Service ◽  
Data Application ◽  
Other Information ◽  
Big Data Application ◽  
Diverse Data ◽  
Framework System

Web data have grown exponentially to reach zettabyte scales. Mountains of data come from several online applications, such as e-commerce, social media, web and sensor-based devices, business web sites, and other information types posted by users. Big data analytics (BDA) can help to derive new insights from this huge and fast-growing data source. The core advantage of BDA technology is in its ability to mine these data and provide information on underlying trends. BDA, however, faces innate difficulty in optimizing the process and capabilities that require merging of diverse data assets to generate viable information. This paper explores the BDA process and capabilities in leveraging data via three case studies who are prime users of BDA tools. Findings emphasize four key components of the BDA process framework: system coordination, data sourcing, big data application service, and end users. Further building blocks are data security, privacy, and management that represent services for providing functionality to the four components of the BDA process across information and technology value chains.

On constant-round zero-knowledge proofs of knowledge for NP-relations

2010 ◽  
Vol 53 (4) ◽  
pp. 788-799 ◽  
Author(s):  
HongDa Li ◽  
HaiXia Xu ◽  
Bao Li ◽  
DengGuo Feng
Keyword(s):  
Zero Knowledge ◽  
Proofs Of Knowledge

scholarly journals An Efficient Zero-Knowledge Proof Based Identification Scheme for Securing Software Defined Network

2019 ◽  
Vol 20 (1) ◽  
pp. 181-189
Author(s):  
Hamza Mutaher Alshameri ◽  
Pradeep Kumar
Keyword(s):  
Software Defined Network ◽  
Control Plane ◽  
Zero Knowledge ◽  
Identification Scheme ◽  
Security Issues ◽  
Other Information ◽  
And Control ◽  
Network Device ◽  
Sdn Controller ◽  
Zero Knowledge Proof

Software Defined Networking (SDN) is being extensively adopted by researchers and enterprise networks due to its feature of decoupling data and control planes from network device which enables them to implement new networking ideas. Communication between data and control planes faces various security issues where many users in data plane approach controller device in control plane to gain networking policies. In this paper, we proposed an efficient Zero-knowledge proof based identification scheme for securing SDN controller during data and control plane communication. This scheme ensures that only users who prove their knowledge about secrecy without revealing actual secret or any other information about it can communicate with controller. The computation cost was calculated to validate efficiency of the proposed work and compared with scheme that works in the basis of Kerberos authentication protocol.

Efficient PSoC Implementation of Modular Multiplication and Exponentiation Based on Serial-Parallel Combination

2019 ◽  
Vol 28 (13) ◽  
pp. 1950229 ◽  
Author(s):  
M. Issad ◽  
B. Boudraa ◽  
M. Anane ◽  
A. M. Bellemou
Keyword(s):  
Input Data ◽  
Public Key Cryptography ◽  
Modular Exponentiation ◽  
Modular Multiplication ◽  
Montgomery Modular Multiplication ◽  
Implementation Approach ◽  
Security Levels ◽  
Data Bus ◽  
On Chip ◽  
Data Length

This paper presents an FPGA implementation of the most critical operations of Public Key Cryptography (PKC), namely the Modular Exponentiation (ME) and the Modular Multiplication (MM). Both operations are integrated as Programmable System on Chip (PSoC) where the processor Microblaze of Xilinx is used for flexibility. Our objective is to achieve a best trade-off between time execution, occupied area and flexibility. The implementation of these operations on such environment requires taking into account several criteria. Indeed, the Hardware (HW) architectures data bus should be smaller than the input data length. The design must be scalable to support different security levels. The implementation achieves optimums execution time and HW resources number. In order to satisfy these constraints, Montgomery Power Ladder (MPL) and Montgomery Modular Multiplication (MMM) algorithms are utilized for the ME and the MM implementations as HW accelerators, respectively. Our implementation approach is based on the digit-serial method for performing the basic arithmetic operations. Efficient parallel and pipeline strategies are developed at the digit level for the optimization of the execution times. The application for 1024-bits data length shows that the MMM run in 6.24[Formula: see text][Formula: see text]s and requires 647 slices. The ME is executed in 6.75[Formula: see text]ms using 2881 slices.

Sign in / Sign up

Export Citation Format

Share Document