Batch RSA

Amos Fiat

doi:10.1007/0-387-34805-0_17

Batch RSA

Amos Fiat^*

^*Corresponding author for this work

School of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

86 Scopus citations

Abstract

Number theoretic cryptographic algorithms are all based upon modular mul-tiplication modulo some composite or prime. Some security parameter n is set (the length of the composite or prime). Cryptographic functions such as digi-tal signature or key exchange require O(n) or O(√n) modular multiplications ([DH, RSA, R, E, GMR, FS], etc.). This paper proposes a variant of the RSA scheme which requires only polylog(n) (O(log²n)) modular multiplications per RSA operation. Inherent to the scheme is the idea of batching, i.e., performing several encryption or signature operations simultaneously. In practice, the new variant effectively performs several modular exponentiations at the cost of a single modular ex-ponentiation. This leads to a very fast RSA-like scheme whenever RSA is to be performed at some central site or when pure-RSA encryption (vs. hybrid encryption) is to be performed. An important feature of the new scheme is a practical scheme that isolates the private key from the system, irrespective of the size of the system, the number of sites, or the number of private operations that need be performed.

Original language	English
Title of host publication	Advances in Cryptology — CRYPTO 1989, Proceedings
Editors	Gilles Brassard
Publisher	Springer Verlag
Pages	175-185
Number of pages	11
ISBN (Print)	9780387973173
DOIs	https://doi.org/10.1007/0-387-34805-0_17
State	Published - 1990
Event	Conference on the Theory and Applications of Cryptology, CRYPTO 1989 - Santa Barbara, United States Duration: 20 Aug 1989 → 24 Aug 1989

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	435 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Conference on the Theory and Applications of Cryptology, CRYPTO 1989
Country/Territory	United States
City	Santa Barbara
Period	20/08/89 → 24/08/89

Access to Document

10.1007/0-387-34805-0_17

Cite this

@inproceedings{2b10c18305534854933388d966503465,

title = "Batch RSA",

abstract = "Number theoretic cryptographic algorithms are all based upon modular mul-tiplication modulo some composite or prime. Some security parameter n is set (the length of the composite or prime). Cryptographic functions such as digi-tal signature or key exchange require O(n) or O(√n) modular multiplications ([DH, RSA, R, E, GMR, FS], etc.). This paper proposes a variant of the RSA scheme which requires only polylog(n) (O(log2n)) modular multiplications per RSA operation. Inherent to the scheme is the idea of batching, i.e., performing several encryption or signature operations simultaneously. In practice, the new variant effectively performs several modular exponentiations at the cost of a single modular ex-ponentiation. This leads to a very fast RSA-like scheme whenever RSA is to be performed at some central site or when pure-RSA encryption (vs. hybrid encryption) is to be performed. An important feature of the new scheme is a practical scheme that isolates the private key from the system, irrespective of the size of the system, the number of sites, or the number of private operations that need be performed.",

author = "Amos Fiat",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 1990.; Conference on the Theory and Applications of Cryptology, CRYPTO 1989 ; Conference date: 20-08-1989 Through 24-08-1989",

year = "1990",

doi = "10.1007/0-387-34805-0_17",

language = "אנגלית",

isbn = "9780387973173",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "175--185",

editor = "Gilles Brassard",

booktitle = "Advances in Cryptology — CRYPTO 1989, Proceedings",

address = "גרמניה",

}

Fiat, A 1990, Batch RSA. in G Brassard (ed.), Advances in Cryptology — CRYPTO 1989, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 435 LNCS, Springer Verlag, pp. 175-185, Conference on the Theory and Applications of Cryptology, CRYPTO 1989, Santa Barbara, United States, 20/08/89. https://doi.org/10.1007/0-387-34805-0_17

Batch RSA. / Fiat, Amos.
Advances in Cryptology — CRYPTO 1989, Proceedings. ed. / Gilles Brassard. Springer Verlag, 1990. p. 175-185 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 435 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Batch RSA

AU - Fiat, Amos

N1 - Publisher Copyright: © Springer-Verlag Berlin Heidelberg 1990.

PY - 1990

Y1 - 1990

N2 - Number theoretic cryptographic algorithms are all based upon modular mul-tiplication modulo some composite or prime. Some security parameter n is set (the length of the composite or prime). Cryptographic functions such as digi-tal signature or key exchange require O(n) or O(√n) modular multiplications ([DH, RSA, R, E, GMR, FS], etc.). This paper proposes a variant of the RSA scheme which requires only polylog(n) (O(log2n)) modular multiplications per RSA operation. Inherent to the scheme is the idea of batching, i.e., performing several encryption or signature operations simultaneously. In practice, the new variant effectively performs several modular exponentiations at the cost of a single modular ex-ponentiation. This leads to a very fast RSA-like scheme whenever RSA is to be performed at some central site or when pure-RSA encryption (vs. hybrid encryption) is to be performed. An important feature of the new scheme is a practical scheme that isolates the private key from the system, irrespective of the size of the system, the number of sites, or the number of private operations that need be performed.

AB - Number theoretic cryptographic algorithms are all based upon modular mul-tiplication modulo some composite or prime. Some security parameter n is set (the length of the composite or prime). Cryptographic functions such as digi-tal signature or key exchange require O(n) or O(√n) modular multiplications ([DH, RSA, R, E, GMR, FS], etc.). This paper proposes a variant of the RSA scheme which requires only polylog(n) (O(log2n)) modular multiplications per RSA operation. Inherent to the scheme is the idea of batching, i.e., performing several encryption or signature operations simultaneously. In practice, the new variant effectively performs several modular exponentiations at the cost of a single modular ex-ponentiation. This leads to a very fast RSA-like scheme whenever RSA is to be performed at some central site or when pure-RSA encryption (vs. hybrid encryption) is to be performed. An important feature of the new scheme is a practical scheme that isolates the private key from the system, irrespective of the size of the system, the number of sites, or the number of private operations that need be performed.

UR - http://www.scopus.com/inward/record.url?scp=84921021973&partnerID=8YFLogxK

U2 - 10.1007/0-387-34805-0_17

DO - 10.1007/0-387-34805-0_17

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:84921021973

SN - 9780387973173

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 175

EP - 185

BT - Advances in Cryptology — CRYPTO 1989, Proceedings

A2 - Brassard, Gilles

PB - Springer Verlag

T2 - Conference on the Theory and Applications of Cryptology, CRYPTO 1989

Y2 - 20 August 1989 through 24 August 1989

ER -

Batch RSA

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this