Delegation of pairings from a computationally weaker client to a computationally stronger server has been advocated to expand the applicability of pairing-based cryptographic protocols to computation paradigms with resource-constrained devices. Important requirements for such delegation protocols include privacy of the client’s inputs and security of the client’s output, in the sense of detecting, with high probability, any malicious server’s attempt to convince the client of an incorrect pairing result. In this research direction, we show that pairings with inputs only available in the online phase can be efficiently, privately, and securely delegated to a single, possibly malicious, server. We present new protocols in two different scenarios: (1) the two pairing inputs are publicly known; (2) privacy of both pairing inputs needs to be. In both cases, we improve the client’s online-phase runtime with respect to previous work. In the latter case, we show the first protocol where the client’s online-phase runtime is faster than non-delegated computation for all the most practical known curves. In previous work, the client’s runtime was worse, especially for one of the most practical elliptic curves underlying the pairing function.
Secure and Efficient Delegation of Pairings with Online Inputs
Matluba Khodjaeva, CUNY John Jay College of Criminal Justice
Authors: G. Di Crescenzo, M. Khodjaeva, D. Kahrobaei, V. Shpilrain
2022 AWM Research Symposium
Mathematical Aspects of Cryptography