
This paper discusses several Montgomery multiplication algorithms, two of which have been proposed before. We describe three additional algorithms, and analyze in detail the space and time requirements of all five methods. These algorithms have been implemented in C and in assembler. The analyses and actual performance results indicate that the Coarsely…

We initiate a provable-security treatment of cryptographic agility. A primitive (for example PRFs, authenticated encryption schemes or digital signatures) is agile when multiple, individually secure schemes can securely share the same key. We provide a surprising connection between two seemingly unrelated but challenging questions. The first, new to this…

This work introduces the most efficient universal accumulator known today. For the first time, we have an accumulator which does not depend on hidden order groups, does not require any exponentiations in the target group associated with the pairing function, and only requires two pairings to verify a proof-of-knowledge of a witness. We present…

We present a new algorithm for computing $a^e$ where $a \in \mathrm{GF}(2^k)$ and $e$ is a positive integer. The proposed algorithm is more suitable for implementation in software, and relies on the Montgomery multiplication in $\mathrm{GF}(2^k)$. The speed of the exponentiation algorithm largely depends on the availability of a fast method for multiplying two polynomials of length $w$…

This paper introduces and formalizes homomorphic proofs that allow 'adding' proofs and proof statements to get a new proof of the 'sum' statement. Additionally, we introduce a construction of homomorphic proofs, and show an accumulator scheme with delegatable non-membership proofs (ADNMP) as one of its applications with provable security. Finally, the…

We report on relative performance numbers for affine and projective pairings on a dual-core Cortex A9 ARM processor. Using a fast inversion in the base field and doing inversion in extension fields by using the norm map to reduce to inversions in smaller fields, we find a very low ratio of inversion-to-multiplication costs. In our implementation, this…

Users frequently reuse their passwords when authenticating to various online services. Combined with the use of weak passwords or honeypot/phishing attacks, this brings high risks to the security of the user's account information. In this paper, we propose several protocols that can allow a user to use a single password to authenticate to multiple services…

This note describes a Diffie-Hellman oracle, constructed using standard Trusted Platform Module (TPM) signature APIs. The oracle allows one to compute the exponentiation of an arbitrary group element to a specified TPM-protected private key. By employing the oracle, the security provided by a group of order p is reduced by log k bits, provided k oracle…