{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T08:49:16Z","timestamp":1768466956156,"version":"3.49.0"},"reference-count":51,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2006,5,1]],"date-time":"2006-05-01T00:00:00Z","timestamp":1146441600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Des Codes Crypt"],"published-print":{"date-parts":[[2006,5]]},"DOI":"10.1007\/s10623-005-3710-8","type":"journal-article","created":{"date-parts":[[2006,3,20]],"date-time":"2006-03-20T05:42:13Z","timestamp":1142833333000},"page":"253-273","source":"Crossref","is-referenced-by-count":49,"title":["Speeding up Exponentiation using an Untrusted Computational Resource"],"prefix":"10.1007","volume":"39","author":[{"given":"Marten","family":"Van Dijk","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dwaine","family":"Clarke","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Blaise","family":"Gassend","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"G. Edward","family":"Suh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Srinivas","family":"Devadas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3710_CR1","unstructured":"L. M. Adleman and J. DeMarrais, A subexponential algorithm for discrete logarithms over all finite fields. In Advances in Cryptology\u2014Crypto \u201993 Proceedings, Vol. 773 of LNCS, Springer-Verlag (1994) pp. 147\u2013158."},{"issue":"15","key":"3710_CR2","doi-asserted-by":"crossref","first-page":"1473","DOI":"10.1049\/el:19920937","volume":"28","author":"R. J. Anderson","year":"1992","journal-title":"Electronic Letters"},{"key":"3710_CR3","doi-asserted-by":"crossref","unstructured":"P. B\u00e9guin and J-J. Quisquater, Secure acceleration of DSS signatures using insecure server. In Advances in Cryptology\u2014Asiacrypt \u201994 Proceedings, Vol. 917 of LNCS. (1994) Springer-Verlag.","DOI":"10.1007\/BFb0000439"},{"key":"3710_CR4","unstructured":"P. B\u00e9guin and J-J. Quisquater, Fast server-aided RSA signatures secure against active attacks. In Advances in Cryptology\u2014Crypto \u201995 Proceedings, Vol. 963 of LNCS, (1995) Springer-Verlag, pp. 57\u201369."},{"key":"3710_CR5","doi-asserted-by":"crossref","unstructured":"M. Blaze, High-bandwidth encryption with low-bandwidth smartcards. In Fast Software Encryption (FSE) \u201996, (1996) pp. 33\u201340.","DOI":"10.1007\/3-540-60865-6_40"},{"key":"3710_CR6","doi-asserted-by":"crossref","unstructured":"M. Blaze, J. Feigenbaum and M. Naor, A formal treatment of remotely keyed encryption. In Eurocrypt \u201998, (1998) pp. 251\u2013265.","DOI":"10.1007\/BFb0054131"},{"key":"3710_CR7","doi-asserted-by":"crossref","unstructured":"J. Bl\u00f8omer and A. May, A generalized wiener attack on RSA. In Public Key Cryptography (PKC) \u201904, (2004).","DOI":"10.1007\/978-3-540-24632-9_1"},{"key":"3710_CR8","doi-asserted-by":"crossref","unstructured":"M. Blum and S. Kannan, Designing programs that check their work. In Proceedings of the 21st Annual Symposium on Theory of Computing, ACM, (1989) pp. 86\u201397.","DOI":"10.1145\/73007.73015"},{"key":"3710_CR9","doi-asserted-by":"crossref","unstructured":"D. Boneh and G. Durfee, Cryptanalysis of RSA with private key d less than n0.292. In IEEE Transactions on Information Theory, Vol. 46 ISSUE 4, (2000) pp. 1339\u20131349.","DOI":"10.1109\/18.850673"},{"key":"3710_CR10","doi-asserted-by":"crossref","unstructured":"V. Boyko, M. Peinado and R. Venkatesan, Speeding up discrete log and factoring based schemes via precomputations. In Proc. of Eurocrypt \u201998, Vol. 1403 of LNCS, (1998) pp. 221\u2013232.","DOI":"10.1007\/BFb0054129"},{"key":"3710_CR11","unstructured":"Stefan Brands, (2002). http:\/\/www.credentica.com\/technology\/overview.pdf."},{"key":"3710_CR12","unstructured":"E. Brickell, D. M. Gordon, K. S. McCurley and D. Wilson, Fast exponentiation with precomputation. In Advances in Cryptology\u2014Eurocrypt \u201992 Proceedings, Vol. 658 of LNCS, (1993) Springer-Verlag, pp. 200\u2013207."},{"key":"3710_CR13","doi-asserted-by":"crossref","unstructured":"J. Burns and C. J. Mitchell, Parameter selection for server-aided RSA computation schemes. IEEE Transactions on Computers, Vol. 43, (1994).","DOI":"10.1109\/12.262121"},{"key":"3710_CR14","unstructured":"D. Chaum, Blind signatures for untraceable payments. In Advances in Cryptology\u2014Crypto \u201982 Proceedings, (1982) Plenum Press, pp. 199\u2013203."},{"key":"3710_CR15","doi-asserted-by":"crossref","unstructured":"D. Coppersmith, Fast evaluation of logarithms in fields of characteristic two. In IEEE Transactions Information Theory 30, (1984) pp. 587\u2013594.","DOI":"10.1109\/TIT.1984.1056941"},{"key":"3710_CR16","doi-asserted-by":"crossref","unstructured":"Y. Dodis and J. An, Concealment and its applications to authenticated encryption. In Eurocrypt \u201903, (2003) pp. 306\u2013323.","DOI":"10.1007\/3-540-39200-9_19"},{"key":"3710_CR17","unstructured":"G. Durfee and P. Nguyen, Cryptanalysis of the RSA Schemes with Short Secret Exponent from Asiacrypt \u201999. In Advances in Cryptology\u2014Asiacrypt 2000 Proceedings, Vol. 1976 of LNCS, (2000) Springer-Verlag, pp. 14\u201329."},{"key":"3710_CR18","doi-asserted-by":"crossref","unstructured":"T. ElGamal, A public-key cryptosystem and a signature scheme based on discrete logarithms. In Advances in Cryptology\u2014Crypto \u201984 Proceedings, LNCS, (1985) Springer-Verlag, pp. 10\u201318.","DOI":"10.1007\/3-540-39568-7_2"},{"key":"3710_CR19","doi-asserted-by":"crossref","unstructured":"D. Gordon, Discrete logarithms in GF(p) using the number field sieve. In SIAM J. Discrete Math. 6, (1993) pp. 312\u2013323.","DOI":"10.1137\/0406010"},{"key":"3710_CR20","doi-asserted-by":"crossref","unstructured":"S. Hohenberger and A. Lysyanskaya, How to securely outsource cryptographic computations. In TOC 2005, (2005).","DOI":"10.1007\/978-3-540-30576-7_15"},{"key":"3710_CR21","doi-asserted-by":"crossref","unstructured":"S. Kawamura and A. Shimbo, Fast server-aided secret computation protocols for modular exponentiation. In IEEE Journal on Selected Areas of Communications, volume 11, 1993.","DOI":"10.1109\/49.223880"},{"key":"3710_CR22","doi-asserted-by":"crossref","unstructured":"Neal Koblitz, A Course in Number Theory and Cryptography, Second Edition. Springer, (1994).","DOI":"10.1007\/978-1-4419-8592-7"},{"key":"3710_CR23","unstructured":"C. H. Lim and P. J. Lee, More flexible exponentiation with precomputation. In Advances in Cryptology\u2014Crypto \u201994 Proceedings, Vol. 839 of LNCS, (1994) Springer-Verlag, pp. 95\u2013107."},{"key":"3710_CR24","unstructured":"C. H. Lim and P. J. Lee, Server(prover\/signer)-aided verification of identify proofs and signatures. In Advances in Cryptology\u2014EuroCrypt \u201995 Proceedings, Vol. 921 of LNCS, (1995) Springer-Verlag, pp. 64\u201378."},{"key":"3710_CR25","unstructured":"C. H. Lim and P. J. Lee, Security and performance of server-aided RSA computation protocols. In Advances in Cryptology\u2014Crypto \u201995 Proceedings, Vol. 963 of LNCS, (1995) Springer-Verlag, pp. 70\u201383."},{"key":"3710_CR26","doi-asserted-by":"crossref","unstructured":"S. Lucks, On the Security of remotely Keyed Encryption. In Fast Software Encryption (FSE) \u201997, (1997) pp. 219\u2013229.","DOI":"10.1007\/BFb0052349"},{"key":"3710_CR27","doi-asserted-by":"crossref","unstructured":"S. Lucks, Accelerated Remotely Keyed Encryption. In Fast Software Encryption (FSE) \u201999, (1999) pp. 112\u2013123.","DOI":"10.1007\/3-540-48519-8_9"},{"key":"3710_CR28","doi-asserted-by":"crossref","unstructured":"T. Matsumoto, H. Imai, C. S. Laih and S. M. Yen, On verifiable implicit asking protocols for RSA computation. In Proc. of Auscrypt \u201992, (1993) pp. 296\u2013307.","DOI":"10.1007\/3-540-57220-1_70"},{"key":"3710_CR29","unstructured":"T. Matsumoto, K. Kato and H. Imai, Speeding up secret computation with insecure auxiliary devices. In Advances in Cryptology\u2014Crypto \u201988 Proceedings, Vol. 403 of LNCS, (1989) Springer-Verlag, pp. 497\u2013506."},{"key":"3710_CR30","doi-asserted-by":"crossref","unstructured":"Alfred J. Menezes, Paul C. van Oorschot and Scott A, Vanstone. Handbook of Applied Cryptography. CRC Press, (1996).","DOI":"10.1201\/9781439821916"},{"key":"3710_CR31","unstructured":"N. Modadugu, D. Boneh and M. Kim, Generating RSA keys on a handheld using an untrusted server. In Cryptographer\u2019s Track RSA Conference, (2000)."},{"key":"3710_CR32","doi-asserted-by":"crossref","unstructured":"P. Q. Nguyen and I. E. Shparlinski, On the insecurity of a server-aided RSA protocol. In Proc. of Asiacrypt 2001, Vol. 2248 of LNCS, (2001) pp. 21\u201335.","DOI":"10.1007\/3-540-45682-1_2"},{"key":"3710_CR33","unstructured":"P. Q. Nguyen, I. E. Shparlinski and J. Stern, Distribution of modular sums and the security of server aided exponentiation. In Proceedings of the Workshop on Comp. Number Theory and Crypt., (1999) pp. 1\u201316."},{"key":"3710_CR34","unstructured":"P. Q. Nguyen and J. Stern, The B\u00e9guin-Quisquater Server-Aided RSA Protocol from Crypto \u201995 is not Secure. In Proc. of Asiacrypt \u201998, Vol. 1514 of LNCS, (1998) pp. 372\u2013379."},{"key":"3710_CR35","unstructured":"NIST. FIPS PUB 186: Digital Signature Standard, May 1994."},{"key":"3710_CR36","unstructured":"A. Odlyzko, Discrete logarithms: The past and the future. In Designs, Codes and Cryptography, 19, (2000) pp. 129\u2013145."},{"key":"3710_CR37","doi-asserted-by":"crossref","unstructured":"B. Pfitzmann and M. Waidner, Attacks on protocols for server-aided RSA computation. In Proc. of Eurocrypt \u201992, Vol. 658 of LNCS, (1993) pp. 153\u2013162.","DOI":"10.1007\/3-540-47555-9_13"},{"key":"3710_CR38","unstructured":"J. M. Pollard, Monte Carlo methods for index computation (mod p). In Mathematics of Computation. 32, (1978) pp. 918\u2013924."},{"key":"3710_CR39","unstructured":"J-J. Quisquater and M. De Soete, Speeding up smart card RSA computation with insecure coprocessors. In Proc. Smart Card 2000, (1991) pp. 191\u2013197."},{"key":"3710_CR40","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R. Rivest","year":"1978","journal-title":"Communications of the ACM"},{"key":"3710_CR41","unstructured":"P. de Rooij, On the security of the Schnorr scheme using preprocessing. In Advances in Cryptology \u2013 Eurocrypt \u201991 Proceedings, Vol. 547 of LNCS, (1991) Springer-Verlag, pp. 71\u201380."},{"key":"3710_CR42","unstructured":"P. de Rooij, Efficient exponentiation using precomputation and vector addition chains. In Advances in Cryptology\u2014Eurocrypt \u201994 Proceedings, Vol. 950 of LNCS, (1995) Springer-Verlag, pp. 389\u2013399."},{"issue":"1","key":"3710_CR43","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s001459900016","volume":"10","author":"P. Rooij de","year":"1997","journal-title":"Journal of Cryptology"},{"key":"3710_CR44","unstructured":"K. Rubin and A. Silverberg, Torus-based cryptography. In Advances in Cryptology\u2014Crypto \u201903 Proceedings, Vol. 2729 of LNCS, (2003) Springer-Verlag, pp. 349\u2013365."},{"key":"3710_CR45","doi-asserted-by":"crossref","unstructured":"T. Sander and C. Tschudin, Towards mobile cryptography. In IEEE Symposium on Security and Privacy, (1998).","DOI":"10.1109\/SECPRI.1998.674837"},{"key":"3710_CR46","doi-asserted-by":"crossref","unstructured":"O. Schirokauer, D. Weber and Th. F. Denny. Discrete logarithms: the effectiveness of the index calculus method. In Proceedings ANTS II, Vol. 1122 of LNCS. (1996) Springer-Verlag.","DOI":"10.1007\/3-540-61581-4_66"},{"key":"3710_CR47","unstructured":"C. P. Schnorr, Efficient identification and signatures for smart cards. In Advances in Cryptology\u2014Crypto \u201989 Proceedings, Vol. 435 of LNCS, (1990) Springer-Verlag, pp. 239\u2013252."},{"issue":"3","key":"3710_CR48","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C. P. Schnorr","year":"1991","journal-title":"Journal of Cryptology"},{"issue":"5","key":"3710_CR49","doi-asserted-by":"crossref","first-page":"425","DOI":"10.1007\/s002000050082","volume":"8","author":"Eric R. Verheul","year":"1997","journal-title":"Applicable Algebra in Engineering, Communication and Computing"},{"key":"3710_CR50","unstructured":"A. Weimerskirch and C. Paar, Generalizations of the Karatsuba Algorithm for Efficient Implementations. (2003). http:\/\/www.crypto.rurh-uni-bochum.de\/Publikationen\/."},{"key":"3710_CR51","doi-asserted-by":"crossref","unstructured":"Michael J. Wiener, Cryptanalysis of short RSA secret exponents (abstract). In IEEE Transactions on Information Theory, Vol. 36, ISSUE 3 (1990) pp. 553\u2013558.","DOI":"10.1109\/18.54902"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-005-3710-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-005-3710-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-005-3710-8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,30]],"date-time":"2019-05-30T19:50:05Z","timestamp":1559245805000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-005-3710-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,5]]},"references-count":51,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2006,5]]}},"alternative-id":["3710"],"URL":"https:\/\/doi.org\/10.1007\/s10623-005-3710-8","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006,5]]}}}