Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
fast distributed rsa key generation for fast distributed

FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY - PowerPoint PPT Presentation

Oct 05, 2023 •192 likes •460 views

Making malicious security orders of magnitude more efficient than previous efficient than previous FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY GENERATION FOR semi-honest SEMI-HONEST AND MALICIOUS ADVERSARIES Tore

  1. Making malicious security orders of magnitude more efficient than previous efficient than previous FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY GENERATION FOR semi-honest SEMI-HONEST AND MALICIOUS ADVERSARIES Tore Frederiksen 3 , Yehuda Lindell 1,2 , Valery Osheter 2 , Benny Pinkas 1 15 min vs. 41 sec 15 min vs. 41 sec 3: 1: 2:

  2. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 2

  3. INTRODUCTION – PUBLIC KEY ENCRYPTION m m 06-10-2018 Page 3

  4. INTRODUCTION – DISTRIBUTED PKE m 06-10-2018 Page 4

  5. INTRODUCTION – MOTIVATION • Sometimes it can also be used for distributed signature schemes schemes – Which is an end in itself • Relevant for MPC protocols – CDN01, semi-homomorphic PKE – DPSZ12, somewhat-homomorphic PKE – DPSZ12, somewhat-homomorphic PKE • Cloud based key management – – 06-10-2018 Page 5

  6. INTRODUCTION – RSA • 06-10-2018 Page 6

  7. INTRODUCTION – DISTRIBUTED RSA • 06-10-2018 Page 7

  8. INTRODUCTION – DISTRIBUTED RSA • 06-10-2018 Page 8

  9. INTRODUCTION – INTUITION Candidate generation Candidate generation Construct modulus Verify modulus Construct keys 06-10-2018 Page 9

  10. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 10

  11. SEMI-HONEST – CANDIDATE GENERATION • 06-10-2018 Page 11

  12. SEMI-HONEST – CONSTRUCT MODULUS • 06-10-2018 Page 12

  13. SEMI-HONEST – VERIFY MODULUS • Biprimality test [BF01] False positive positive prob ½ Repeat 06-10-2018 Page 14

  14. SEMI-HONEST – CONSTRUCT KEYS • 06-10-2018 Page 16

  15. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 17

  16. MALICIOUS – IDEA • Allow adversary to fail good candidates • Accepted key must be “good” without leakage • Accepted key must be “good” without leakage • Selective failure prevention • Input consistency • Correctness of biprimality • Correctness of biprimality 06-10-2018 Page 18

  17. MALICIOUS – STEPS • Selective failure prevention – Do OT on random, linear encoding – Do OT on random, linear encoding – Use linearity to obtain correct product – Randomness ensures leakage on encoding does not leak on input • Input consistency – Commitments based on AES encryption – Zero-knowledge of correct encryption – Very efficient commit-many-open-few – Very efficient commit-many-open-few • Correctness of biprimality (zero-knowledge) – Almost standard proof-of-knowledge of discrete log – Few “commitments” on top to ensure composability 06-10-2018 Page 19

  18. MALICIOUS – CONSISTENCY • “Commitment” by encrypting using AES • Efficient commit-many-open-few 06-10-2018 Page 21

  19. MALICIOUS – VERIFY MODULUS 06-10-2018 Page 22

  20. MALICIOUS – VERIFY MODULUS Zero-knowledge 06-10-2018 Page 23

  21. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 24

  22. EFFICIENCY – IMPLEMENTATION 2048 RSA • 06-10-2018 Page 26

  23. IMPLEMENTATION – EXPERIMENTS Malicious! • Azure using multi-threaded Xeon machine • Single-thread min 56, max 598, average 182 seconds • 8-thread, average 41 seconds • Best previous 15 minutes for semi-honest [HMR+12] Phase Percentage Candidate generation 10 Construct modulus Construct modulus 55 55 Verify modulus 6 Zero-knowledge 16* Other 13 06-10-2018 Page 27

  24. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 28

  25. CONCLUSION • New protocol for malicious distributed RSA generation – Malicious security almost for free – Malicious security almost for free – No specific number theoretic assumptions – Implementation • New efficient commit-many-open-few protocol • Effective selective failure prevention for multiplication using OT 06-10-2018 Page 29

  26. Thank you for your attention! Tore Frederiksen Cryptography Engineer tore.frederiksen@alexandra.dk Cutting-edge IT research and technology

Recommend

RSA RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering and Technology

RSA RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering and Technology

Cryptography RSA RSA Algorithm Analysis of RSA Implementations of RSA RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, rsa.tex, r1799

871 views • 29 slides
RSA Implementations of RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering

RSA Implementations of RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering

Cryptography RSA RSA Algorithm Analysis of RSA RSA Implementations of RSA RSA in OpenSSL RSA in Python Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, rsa.tex, r1799 1

528 views • 29 slides
RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS?

RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS?

RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS? Why RSA-PSS? Comparing original and standardized PSS Status of Protocols, Standards and Imple- mentations RSA-PSS in X.509

724 views • 19 slides
Outline Review of RSA 1 CPSC 418/MATH 318 Introduction to Cryptography More on RSA,

Outline Review of RSA 1 CPSC 418/MATH 318 Introduction to Cryptography More on RSA,

Outline Review of RSA 1 CPSC 418/MATH 318 Introduction to Cryptography More on RSA, Probabilistic Encryption, Provable Security Against Efficiency of RSA 2 Passive Attacks Security of RSA 3 Mathematical Security of RSA Renate Scheidler

411 views • 7 slides
RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where

RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where

RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where gcd ( e , ( p 1 )( q 1 ))) = 1 Decryption Key: d = e 1 ( mod ( p 1 )( q 1 )) Message: m Encryption (Bob): y = E ( m ) = m e ( mod

473 views • 7 slides
RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where

RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where

RSA and Fermat. RSA: Key Generation: (Alice) Primes: p , q . N = pq . Encryption Key: e , where gcd ( e , ( p 1 )( q 1 ))) = 1 Decryption Key: d = e 1 ( mod ( p 1 )( q 1 )) Message: m Encryption (Bob): y = E ( m ) = m e ( mod

1.12k views • 75 slides
RSA PARTNER CENTRAL A step-by-step guide for RSA SecurWorld partners 1 BEFORE YOU BEGIN

RSA PARTNER CENTRAL A step-by-step guide for RSA SecurWorld partners 1 BEFORE YOU BEGIN

REGISTERING FOR RSA PARTNER CENTRAL A step-by-step guide for RSA SecurWorld partners 1 BEFORE YOU BEGIN This guide is intended for existing RSA SecurWorld Partners. You will not be able to access RSA Partner Central until you have

284 views • 16 slides
Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline

Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline

Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline of the Talk RSA Cryptosystem Lattice based Root Finding of Polynomials Common Prime RSA Dual RSA Prime Power RSA Implicit Factorization

774 views • 54 slides
Public Key (RSA) Encryption Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech

Public Key (RSA) Encryption Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech

Overview Needed Theorems RSA Encryption Public Key (RSA) Encryption Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech University, College of Engineering and Science Public Key (RSA) Encryption Overview Needed Theorems RSA

1.62k views • 137 slides
Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public

Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public

Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public Key Cryptography RSA (14) RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p = 11 and q = 13. 2.

260 views • 22 slides
Outline Public key crypto RSA Essentials Computer Security: Public Key Crypto Public Key Crypto

Outline Public key crypto RSA Essentials Computer Security: Public Key Crypto Public Key Crypto

Public key crypto Public key crypto RSA Essentials RSA Essentials Public Key Crypto in Java Public Key Crypto in Java Radboud University Nijmegen Radboud University Nijmegen Public key protocols Public key protocols Diffie-Hellman and El

453 views • 16 slides
The RSA Cryptosystem February 27, 2008 Introducing PS4: RSA encryption Problem set 4 is about

The RSA Cryptosystem February 27, 2008 Introducing PS4: RSA encryption Problem set 4 is about

The RSA Cryptosystem February 27, 2008 Introducing PS4: RSA encryption Problem set 4 is about implementing a famous public key cryptosystem, RSA. Administrative Details: Posted by tomorrow. Due Friday March 7, at Noon. My office hours will be

613 views • 23 slides
Outline Public key crypto Computer Security: Public Key Crypto RSA Essentials Bart Jacobs

Outline Public key crypto Computer Security: Public Key Crypto RSA Essentials Bart Jacobs

Public key crypto Public key crypto RSA Essentials RSA Essentials Public key protocols Radboud University Nijmegen Public key protocols Radboud University Nijmegen Diffie-Hellman and El Gamal Diffie-Hellman and El Gamal Outline Public key

329 views • 10 slides
RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of encryption Wednesday, but none of these is good enough to be used in actual situations. Today well talk about one method, RSA Encryption, which is

1.01k views • 59 slides
Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for

Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for

Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for the electricity Daniel J. Bernstein Joint work with: Nadia Heninger Paul Lou Luke Valenta Post-quantum RSA Daniel J. Bernstein, Nadia Heninger,

790 views • 50 slides
C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The

C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The

1 C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The RSA algorithm was introduced by Rivest, Shamir and Adleman in 1977. p,q large primes (to be kept secret) n := pq modulus (publicly

859 views • 69 slides
Parallelism, Multicore, and Synchronization Hakim Weatherspoon CS 3410 Computer Science

Parallelism, Multicore, and Synchronization Hakim Weatherspoon CS 3410 Computer Science

Parallelism, Multicore, and Synchronization Hakim Weatherspoon CS 3410 Computer Science Cornell University [Weatherspoon, Bala, Bracy, McKee, and Sirer, Roth, Martin] Announcements P4-Buffer Overflow is due today Due Tuesday, April

1.41k views • 114 slides
Identifying Frequent Items in Sliding Windows over On-Line Packet Streams Alejandro Lpez-Ortiz

Identifying Frequent Items in Sliding Windows over On-Line Packet Streams Alejandro Lpez-Ortiz

Identifying Frequent Items in Sliding Windows over On-Line Packet Streams Alejandro Lpez-Ortiz School of Computer Science University of Waterloo Joint work with Lukasz Golab (Waterloo), David DeHaan (Waterloo), Erik Demaine (MIT), and J.

673 views • 12 slides
Lab 4 preview Hung-Wei Tseng In Lab 4... You will be extending the datapath and control unit

Lab 4 preview Hung-Wei Tseng In Lab 4... You will be extending the datapath and control unit

Lab 4 preview Hung-Wei Tseng In Lab 4... You will be extending the datapath and control unit to support branch instructions! The processor already support lw, sw, add, addi, sub, and, or nor, xor We need to support beq, bne,

256 views • 13 slides
Galatians: week 2 Galatians 2:15-21 And count the patience of our Lord as salvation, just as our

Galatians: week 2 Galatians 2:15-21 And count the patience of our Lord as salvation, just as our

Galatians: week 2 Galatians 2:15-21 And count the patience of our Lord as salvation, just as our beloved brother Paul also wrote to you according to the wisdom given him, as he does in all his letters when he speaks in them of these matters.

490 views • 30 slides
MULTI PB USER DATA MIGRATION MARCH 2019 I MARTIN LISCHEWSKI (JSC) RESEARCH AND DEVELOPMENT on

MULTI PB USER DATA MIGRATION MARCH 2019 I MARTIN LISCHEWSKI (JSC) RESEARCH AND DEVELOPMENT on

NEW HPC USAGE MODEL @ JLICH MULTI PB USER DATA MIGRATION MARCH 2019 I MARTIN LISCHEWSKI (JSC) RESEARCH AND DEVELOPMENT on 2.2 Square Kilometres March 2019 Page 2 AT A GLANCE Facts and Figures 1956 11 609.3 5,914 867 Shareholders

429 views • 24 slides
Kensuke Kakiuchi (Nagoya Univ./ The Univ. of Tokyo) Collaborators: Takeru K. Suzuki (The Univ. of

Kensuke Kakiuchi (Nagoya Univ./ The Univ. of Tokyo) Collaborators: Takeru K. Suzuki (The Univ. of

Dec.22, 2017 @Kagoshima Univ. Kensuke Kakiuchi (Nagoya Univ./ The Univ. of Tokyo) Collaborators: Takeru K. Suzuki (The Univ. of Tokyo/ Nagoya Univ.), Yasuo Fukui(Nagoya Univ.), Kazufumi Torii(NRO), Mami Machida(Kyusyu Univ.), Ryoji Matsumoto

718 views • 26 slides
FUGIN ; Cloud-cloud collisions with the FUGIN data Kazufumi Torii

FUGIN ; Cloud-cloud collisions with the FUGIN data Kazufumi Torii

FUGIN ; Cloud-cloud collisions with the FUGIN data Kazufumi Torii NAOJ/NRO Fujita, S, Kohno, M., Nishimura, A., Fukui, Y. (Nagoya Univ.), Kuno, N.(Univ. of Tsukuba), Matsuo, M., Umemoto,T., Minamidani, T.

856 views • 39 slides
Muonium Hyperne Structure Measurement in a Zero/High Magnetic Field at J-PARC

Muonium Hyperne Structure Measurement in a Zero/High Magnetic Field at J-PARC

Muonium Hyperne Structure Measurement in a Zero/High Magnetic Field at J-PARC Shoichiro Nishimura / KEK IMSS for the MuSEUM Collaboration MuSEUM Collaboration MuSEUM | Mu onium S pectroscopy E xperiment U sing M icrowave M. Abe, Y.

209 views • 20 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.