Efficient and Secure Outsourcing Scheme for RSA Decryption in Internet of Things

Abstract

Rivest-Shamir-Adleman (RSA) is one of the widely deployed public-key algorithms. Yet, its decryption facet is very time consuming for resource-constrained Internet-of-Thing (IoT) devices, as it is based on the modular exponentiation of a large number. Although several variants of RSA have been designed to accelerate decryption, the outcomes have been far from satisfactory. Therefore, it is of imminent importance to investigate how to securely outsource RSA decryption to computational powerful parties as an alternative solution. In this article, we introduce the first efficient and secure outsourcing scheme for RSA decryption in IoT. Though RSA decryption is achieved via modular exponentiation, existing secure outsourcing schemes for modular exponentiation either assume the modulus to be prime and are not applicable to RSA or incur massive computation costs and are heavy laden in practice. To address these issues, we have designed our scheme based on the Chinese remainder theorem (CRT). In our scheme, the private keys (including the exponent and the modulus) and the plaintext are concealed concurrently, and the proposed scheme is highly efficient for both client and cloud. In addition, our scheme enables the client to detect any misbehavior of the cloud server with a probability of 99.17%. To validate the effectiveness of our proposed scheme, we provide rigorous proofs of security and verifiability, as well as efficiency analysis. The effectiveness and efficiency of our scheme are further confirmed based on experimental results.