1

Complexity and Fast Algorithms for Multiexponentiations

Source: IEEE Transactions on Computers

Vol. 49 pp.141-147 2000

Author: Vassil S. Dimitrov, Graham A. Jullien, and William C. Miller

Speaker: Lai, Yi-Peng

Date: 04/25/2002

2

Authentication Symmetric verifier 知 the secret (secret key)

or an image of the secret (password)

Asymmetric verifier 知 a public key

3

Symmetric Authentication One-way function without challenge 1981 1st round: Image = fk (r),

input i = fk-1 (r), compute f(i), verify f(i) ?= image, replace image with i. … … n-th round: Image = fk-n+1 (r) input i = fk-n (r), compute f(i), verify f(i) ?= image, replace image with i.

Dynamic authentication

4

Asymmetric Authentication Static :

Dynamic :

5

Dynamic Asymmetric Authentication generic equation: GQv=1 mod n public number deduced from id:

G public verification key: (v,n) private number: Q non-zero random number: r

6

Dynamic Asymmetric GQ1

)(mod?

nDGR vd

verifier claimantVerification key: (v, n)

idFormat Mechanism

G

d{0,1,…,v-1}

r{1,2,…,n-1}R=rv mod n

d

Secret QD=rQd mod n

注 : 因為於 id 訂定時已藏入相關於該 id 對應的 public number G 並算出符合 generic equation(GQv=1 mod n) 的 secret Q

7

Dynamic Asymmetric GQ2

)(mod...11

?2 nGGRD md

md

verifier claimantVerification key: (v, n), where v=2k

idFormat Mechanism

G1, G2,…, Gm

d1 ~ dm {0,1,…,2k-1 –1}

r{1,2,…,n-1}R=rv mod n

d1 ~ dm

Secret g1, g2,…, gm

注 : Gi = gi2 mod n, where i= 1~m

)(mod...11

12 nggrD mk d

md

8

Conclusion Computation 引入中國餘數定理 NetWare 4.11 and 5.0 based on GQ1

challenge 32bits v=216+1 Smart card (ST 16601 3.57MHz): (1)14sec for RSA – 512bits, CRT, n=p1p2p3

(2)14sec for GQ1 – 768bits, v=216+1 (3)1 sec for GQ2 –

512bits,k=5,m=3,n=p1p2p3