The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
In recent years, multi-party computation (MPC) frameworks based on replicated secret sharing schemes (RSSS) have attracted attention as a way to achieve high efficiency among known MPCs. However, RSSS-based MPCs are still inefficient for several heavy computations such as algebraic operations, because they require an amount and a number of communications proportional to the number of multiplications in the operations (which is not the case with other secret-sharing-based MPCs). In this paper, we propose RSSS-based three-party computation protocols for modular exponentiation, one of the most popular algebraic operations, in the case where the base is public and the exponent is private. The proposed schemes are simple and efficient in both the asymptotic and the practical sense. Regarding asymptotic efficiency, the proposed schemes require O(n)-bit communication and O(1) rounds, where n is the size of the secret value, in the best setting, whereas the previous scheme requires O(n^2)-bit communication and O(n) rounds. Regarding practical efficiency, we show the performance of our protocol through experiments on a distributed-signature scenario, which is useful for secure key management in distributed environments (e.g., distributed ledgers). In one of the cases, our implementation performs a modular exponentiation over a 3,072-bit discrete-log group with a 256-bit exponent in roughly 300 ms, which is an acceptable parameter for 128-bit security, even in the WAN setting.
Kazuma OHARA
the NEC corporation, the University of Electro-Communications
Yohei WATANABE
the University of Electro-Communications, National Institute of Advanced Industrial Science and Technology (AIST)
Mitsugu IWAMOTO
the University of Electro-Communications
Kazuo OHTA
the University of Electro-Communications
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Kazuma OHARA, Yohei WATANABE, Mitsugu IWAMOTO, Kazuo OHTA, "Multi-Party Computation for Modular Exponentiation Based on Replicated Secret Sharing" in IEICE TRANSACTIONS on Fundamentals,
vol. E102-A, no. 9, pp. 1079-1090, September 2019, doi: 10.1587/transfun.E102.A.1079.
Abstract: In recent years, multi-party computation (MPC) frameworks based on replicated secret sharing schemes (RSSS) have attracted the attention as a method to achieve high efficiency among known MPCs. However, the RSSS-based MPCs are still inefficient for several heavy computations like algebraic operations, as they require a large amount and number of communication proportional to the number of multiplications in the operations (which is not the case with other secret sharing-based MPCs). In this paper, we propose RSSS-based three-party computation protocols for modular exponentiation, which is one of the most popular algebraic operations, on the case where the base is public and the exponent is private. Our proposed schemes are simple and efficient in both of the asymptotic and practical sense. On the asymptotic efficiency, the proposed schemes require O(n)-bit communication and O(1) rounds, where n is the secret-value size, in the best setting, whereas the previous scheme requires O(n^2)-bit communication and O(n) rounds. On the practical efficiency, we show the performance of our protocol by experiments on the scenario for distributed signatures, which is useful for secure key management on the distributed environment (e.g., distributed ledgers). As one of the cases, our implementation performs a modular exponentiation on a 3,072-bit discrete-log group and 256-bit exponent with roughly 300 ms, which is an acceptable parameter for 128-bit security, even in the WAN setting.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E102.A.1079/_p
@ARTICLE{e102-a_9_1079,
author={Kazuma OHARA and Yohei WATANABE and Mitsugu IWAMOTO and Kazuo OHTA},
journal={IEICE TRANSACTIONS on Fundamentals},
title={Multi-Party Computation for Modular Exponentiation Based on Replicated Secret Sharing},
year={2019},
volume={E102-A},
number={9},
pages={1079-1090},
abstract={In recent years, multi-party computation (MPC) frameworks based on replicated secret sharing schemes (RSSS) have attracted the attention as a method to achieve high efficiency among known MPCs. However, the RSSS-based MPCs are still inefficient for several heavy computations like algebraic operations, as they require a large amount and number of communication proportional to the number of multiplications in the operations (which is not the case with other secret sharing-based MPCs). In this paper, we propose RSSS-based three-party computation protocols for modular exponentiation, which is one of the most popular algebraic operations, on the case where the base is public and the exponent is private. Our proposed schemes are simple and efficient in both of the asymptotic and practical sense. On the asymptotic efficiency, the proposed schemes require O(n)-bit communication and O(1) rounds,where n is the secret-value size, in the best setting, whereas the previous scheme requires O(n2)-bit communication and O(n) rounds. On the practical efficiency, we show the performance of our protocol by experiments on the scenario for distributed signatures, which is useful for secure key management on the distributed environment (e.g., distributed ledgers). As one of the cases, our implementation performs a modular exponentiation on a 3,072-bit discrete-log group and 256-bit exponent with roughly 300ms, which is an acceptable parameter for 128-bit security, even in the WAN setting.},
keywords={},
doi={10.1587/transfun.E102.A.1079},
ISSN={1745-1337},
month={September},}
TY - JOUR
TI - Multi-Party Computation for Modular Exponentiation Based on Replicated Secret Sharing
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1079
EP - 1090
AU - Kazuma OHARA
AU - Yohei WATANABE
AU - Mitsugu IWAMOTO
AU - Kazuo OHTA
PY - 2019
DO - 10.1587/transfun.E102.A.1079
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E102-A
IS - 9
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - September 2019
AB - In recent years, multi-party computation (MPC) frameworks based on replicated secret sharing schemes (RSSS) have attracted the attention as a method to achieve high efficiency among known MPCs. However, the RSSS-based MPCs are still inefficient for several heavy computations like algebraic operations, as they require a large amount and number of communication proportional to the number of multiplications in the operations (which is not the case with other secret sharing-based MPCs). In this paper, we propose RSSS-based three-party computation protocols for modular exponentiation, which is one of the most popular algebraic operations, on the case where the base is public and the exponent is private. Our proposed schemes are simple and efficient in both of the asymptotic and practical sense. On the asymptotic efficiency, the proposed schemes require O(n)-bit communication and O(1) rounds,where n is the secret-value size, in the best setting, whereas the previous scheme requires O(n2)-bit communication and O(n) rounds. On the practical efficiency, we show the performance of our protocol by experiments on the scenario for distributed signatures, which is useful for secure key management on the distributed environment (e.g., distributed ledgers). As one of the cases, our implementation performs a modular exponentiation on a 3,072-bit discrete-log group and 256-bit exponent with roughly 300ms, which is an acceptable parameter for 128-bit security, even in the WAN setting.
ER -