-
-
2.
公开(公告)号:EP4268218A1
公开(公告)日:2023-11-01
申请号:EP21839931.9
申请日:2021-12-15
-
3.
公开(公告)号:EP4422126A1
公开(公告)日:2024-08-28
申请号:EP23305221.6
申请日:2023-02-21
CPC分类号: H04L9/3247 , H04L9/3093 , H04L2209/04620130101
摘要: The present invention relates to a method method for optimizing the execution of the generation of a Crystals-Dilithium post-quantum digital signature σ = (c̃, z, h) of a message M with a secret key sk = (ρ, K, tr, s1, s2, t0) where ρ, K, tr are 256 bits binary values, s1 and s2 are vectors of length l, respectively k, of elements of the ring Rq whose coefficients are lower than a first predetermined value η, and t0 is a polynomial vector of length k with k, l, n and q integers, said Crystals-Dilithium post-quantum digital signature generation comprising :
a) generating (S1) a masking vector y, of length l, of polynomials with coefficients less than a second predetermined value γ1,
b) computing (S2) a first vector of polynomials, of length k, w = Ay, where A is a k × l matrix each of whose entries is a polynomial in the ring Rq = Zq[X]/(Xn + 1),
c) determining (S3) a second vector of polynomials w1 and a third vector of polynomials w0, both of length k, where every polynomial coefficient wi in Ay, with i in 0, ..., k-1, is written as wi = w1i · 2γ2 + w0i where |w0i| ≤ γ2 with γ2 a third predetermined value,
d) generating (S4) a challenge c based on the message and the second vector of polynomials w1,
e) performing rejection tests (S5) comprising testing if test vectors generated from said vectors, said challenge and said secret key fulfill predetermined conditions, and when said conditions are not fulfilled, restarting the signature generation from step a), else generating said signature, the steps a), b), c), d), and e) being repeated until the conditions are satisfied,
wherein performing rejection tests (S5) comprises :
- following said determination of said third vector of polynomials w0, generating a first test vector r0 as w0-cs2, and checking whether said first test vector r0 fulfills a first condition,
- when said first condition is met, generating a second test vector z= y + cs1, and checking whether said second test vector z fulfills a second condition, and wherein, when said second condition is met, said signature is generated from said second test vector.-
-
-
公开(公告)号:EP4268219A1
公开(公告)日:2023-11-01
申请号:EP21844997.3
申请日:2021-12-22
-
公开(公告)号:EP4195582A1
公开(公告)日:2023-06-14
申请号:EP21306726.7
申请日:2021-12-08
IPC分类号: H04L9/08
摘要: The invention relates to a method for correcting an erroneous fuzzy data key, and computing system. The method according to the invention comprises the steps of providing an integrated circuit and an initial fuzzy data key (K) with n bits; providing an encoding helper data algorithm (HDA); splitting the initial fuzzy data key into a first key subset(KeyA) and a second key subset (KeyB); calculating helper data (HKeyA) from the first key subset (KeyA) using the encoding helper data algorithm (HDA); calculating a masked error correction helper data (MHKey) as a combination of the helper data (HKeyA) and of the second key subset (KeyB); registering the masked error correction helper data in a memory (NVM); providing an erroneous fuzzy data key comprising a first erroneous key subset (KeyA') and a second erroneous key subset (KeyB') and comprising at least one erroneous bit in its first erroneous key subset (KeyA') and/or in its second erroneous key subset (KeyB'); unmasking the masked error correction helper data (MHKey) registered in the memory (NVM) using the second erroneous key subset (KeyB'); and correcting the erroneous fuzzy data key using the unmasked helper data (HKeyA'). The method according to the invention is implemented in Physical Unclonable Functions applications.
-
-
-
-
-
-