On Rangasamy's outsourcing algorithm for solving quadratic congruence equations

TL;DR

This paper critically examines Rangasamy's proposed outsourcing algorithm for quadratic congruence equations in IoT, revealing flaws and security vulnerabilities that challenge its claimed correctness and security.

Contribution

It identifies a flaw in Rangasamy's modified algorithm and introduces additional attacks that compromise its security, advancing understanding of secure outsourcing in IoT.

Findings

Rangasamy's algorithm has a correctness flaw.

Security claims of the algorithm are broken by new attacks.

The paper highlights the need for more secure outsourcing schemes.

Abstract

Outsourcing computation is a desired approach for IoT (Internet of Things) devices to transfer their burdens of heavy computations to those nearby, resource-abundant cloud servers. Recently, Rangasamy presented a passive attack against two outsourcing algorithms proposed by Zhang et al. for solving quadratic congruence equations, which is widely used in IoT applications. Furthermore, he also proposed a modified algorithm to fix these schemes and claimed that his algorithm was correct and enabled secure and verifiable delegation of solving quadratic congruence equations in IoTs. However, we show that Rangasamy's modified algorithm has a flaw which makes it incorrect and also propose some further attacks to break the security claim, even when the flaw has been corrected.