Abstract
Many tasks in cryptography (e.g., digital signature verification) call for verification of a basic operation like modular exponentiation in some group: given (g, x, y), check that g^x = y. This is typically done by re-computing g^x and checking we get y. We would like to do it differently, and faster.
The approach we use is batching. Focusing first on the basic modular exponentiation operation, we provide some probabilistic batch verifiers, or tests, that verify a sequence of modular exponentiations significantly faster than the naive re-computation method. This yields speedups for several verification tasks that involve modular exponentiations.
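A sketch of the small exponents test, one of the batch verifiers from the paper (the abstract does not spell it out). This is an added example, not the authors' code; the toy group, the function names and the `check_membership` switch are assumptions made for illustration.

```python
import secrets

# Constructed toy parameters: P = 2Q + 1 with P and Q prime; G = 4 generates
# the subgroup of prime order Q. A real group uses a far larger Q.
P, Q, G = 2039, 1019, 4

def naive_verify(batch):
    """Re-compute every G^x: one full exponentiation per instance."""
    return all(pow(G, x, P) == y for x, y in batch)

def in_subgroup(y):
    """Membership in the order-Q subgroup (itself a full exponentiation here)."""
    return 0 < y < P and pow(y, Q, P) == 1

def batch_verify(batch, l=8, check_membership=True):
    """Small exponents test: accept iff G^(sum s_i*x_i) == prod y_i^(s_i).

    A batch holding a bad instance is accepted with probability at most
    2^-l, provided Q is prime, 2^l < Q and every y_i lies in the subgroup.
    """
    if check_membership and not all(in_subgroup(y) for _, y in batch):
        return False
    exp_sum, product = 0, 1
    for x, y in batch:
        s = secrets.randbits(l)                   # fresh l-bit exponent
        exp_sum = (exp_sum + s * x) % Q
        product = (product * pow(y, s, P)) % P    # short exponentiation
    return pow(G, exp_sum, P) == product          # the single full one

def make_batch(n):
    """Constructed sample input: n valid (x, G^x) instances."""
    return [(x, pow(G, x, P)) for x in (secrets.randbelow(Q) for _ in range(n))]

def corrupt(batch, i, factor):
    """Copy of batch with y_i multiplied by factor (for testing the verifier)."""
    out = list(batch)
    x, y = out[i]
    out[i] = (x, (y * factor) % P)
    return out
```

With `check_membership=False`, replacing some y by -y (which lies outside the prime-order subgroup) is accepted whenever the matching exponent is even, about half the time; the 2^-l bound only holds for inputs known to be in the group.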
Focusing specifically on digital signatures, we then suggest a weaker notion of (batch) verification which we call “screening.” It seems useful for many usages of signatures, and has the advantage that it can be done very fast; in particular, we show how to screen a sequence of RSA signatures at the cost of one RSA verification plus hashing.
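The screening check for hash-then-sign RSA, as an added example (not the authors' code): accept the batch iff (∏ x_i)^e = ∏ H(M_i) mod N. The toy key, the SHA-256-based hash, the function names and the distinct-message precaution are assumptions of this sketch.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes; far too small for real use.
P1, P2 = 2**31 - 1, 2**61 - 1
N, E = P1 * P2, 65537
D = pow(E, -1, (P1 - 1) * (P2 - 1))   # private exponent (Python 3.8+)

def H(msg: bytes) -> int:
    """Toy full-domain hash: SHA-256 reduced mod N."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(msg: bytes) -> int:
    return pow(H(msg), D, N)

def verify(msg: bytes, sig: int) -> bool:
    """Ordinary verification: one exponentiation per signature."""
    return pow(sig, E, N) == H(msg)

def screen(batch) -> bool:
    """Screening: n multiplications, n hashes and one exponentiation in total."""
    msgs = [m for m, _ in batch]
    if len(set(msgs)) != len(msgs):   # precaution in this sketch: distinct messages
        return False
    sig_prod, hash_prod = 1, 1
    for m, s in batch:
        sig_prod = (sig_prod * s) % N
        hash_prod = (hash_prod * H(m)) % N
    return pow(sig_prod, E, N) == hash_prod

def swapped(batch):
    """Same messages, first two signatures exchanged (constructed test input)."""
    (m0, s0), (m1, s1), *rest = batch
    return [(m0, s1), (m1, s0), *rest]
```

Screening is weaker than verification: a batch whose signatures have been exchanged among messages the signer really did sign still passes `screen`, although `verify` rejects the individual pairs, while a message that was never signed makes the batch fail.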
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bellare, M., Garay, J.A., Rabin, T. (1998). Fast batch verification for modular exponentiation and digital signatures. In: Nyberg, K. (eds) Advances in Cryptology — EUROCRYPT'98. EUROCRYPT 1998. Lecture Notes in Computer Science, vol 1403. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054130
DOI: https://doi.org/10.1007/BFb0054130
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64518-4
Online ISBN: 978-3-540-69795-4
eBook Packages: Springer Book Archive