Conclusions

• PDM unencumbered (to our knowledge)

• performance is “good enough” at the client

• performance much better at the server than any other proposals

  • half as much work, if same size modulus
  • but smaller modulus almost certainly secure enough, saving even more CPU for server
  • and server can be stateless. Two msg protocol.

Previous slide

Back to first slide

View graphic version