A new appraoch to server-aided secret computation

Server-Aided Secret Computation(SASC) protocol enables the client(smart card) to borrow the computing power from the server(un trusted auxiliary device like ATM) without revealing the secret information of the client. The previous approach is to decompose the client's secret information into many pieces and to reveal some of them to the server. It signiicantly accelerates the secret computation, however there are some problems. Firstly, many pieces that have linear relation enable an attacker to probabilistic active attack, and it causes the performance degradation of SASC protocol. Secondly, the amount of communication and the server's computation is very large and proportional to security parameters. In this paper, we investigate a new approach to SASC protocol for RSA signature generation. Our approach is to blind the client's secret information by using a series of random numbers rather than to decompose it. The proposed protocol is secure against all known attacks including the probabilistic active attack, and the number of modular multiplications required at the client is just half of those in the previous ones. Moreover, the time required at the server and the amount of communication are very small and irrespective of security parameters. Consequently, the total time required to generate RSA signature is expected to be less than half of that required in the previous protocols in any environment.