On “Practical and secure outsourcing algorithms for solving quadratic congruences in IoTs” from IEEE IoT journal

Abstract

Secure outsourced computation enables IoT devices to offload resource-intensive computations to a more resourceful server while keeping the inputs secret to the server. Recently, Zhang et al. put forth two outsourcing algorithms for solving quadratic congruences (Zhang et al., 2020). We observe that both the algorithms do not achieve the claimed security guarantees: a polynomial-time attack reveals the secret inputs to a passive adversary. As a consequence of the insecure outsourcing, the factorization of the RSA modulus is also revealed and hence leads to the total compromise of the security of the underlying scheme which makes use of the Zhang et al. outsourcing algorithms for solving quadratic congruences. Interestingly, we propose corrective measures for the Zhang et al. algorithm and prove that the resulting algorithm enables secure and verifiable delegation of solving quadratic congruences in IoTs. © 2021 Elsevier B.V.