Abstract:
A non-linear transformation including a plurality of non-linear logical operations is masked to a second or higher order. The masking includes receiving a set of random bits, and machine-masking two or more of the plurality of non-linear logical operations with a same random bit from the set of random bits.
Abstract:
An encryption device (10) for performing elliptic curve encryption by using an individual key includes randomization means (16) for setting a point R on the elliptic curve generated according to a random number to be an initial point V0, calculation means (20) based on a bit sequence of a scalar value d for the elliptic curve encryption for executing addition of the initial point V0 and an input point A on the elliptic curve multiplied by a scalar, i.e., V1 = V0 + dA, randomization release means (22) for executing subtraction of the initial point V0 from the sum V1 obtained from the calculation, i.e., V = V1 - V0, and means (24) for supplying the point V obtained by the randomization release means as an output.
Abstract:
A data processing method is provided in which supplied data are processed in a processing unit (1, 2) and a current is supplied for operation, wherein part of the supplied current is fed to an auxiliary circuit under random control.
Abstract:
There are disclosed systems and methods for computing an exponentiated message. In one embodiment blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value.
Abstract:
A cryptographic apparatus, a cryptographic method, and a computer readable storage medium provide for conversion between Boolean-masked data and arithmetic-masked data in a manner that allows for a reduction in computational overhead and hardware overhead. The cryptographic apparatus comprises: a first masking circuit which receives a first random number and data and outputs first-masked data; and a second masking circuit which receives a second random number and the first-masked data output from the first masking circuit, and outputs second-masked data. The second masking circuit comprises: an AND circuit which performs an AND operation between the first-masked data and the second random number; a shift circuit which receives the output signal of the AND circuit, and shifts the received output signal in a predetermined direction by predetermined bits; and a subtractor which receives the first-masked data and the output signal of the shift circuit, performs arithmetic subtraction of the output of the shift circuit from the first-masked data, and outputs second-masked data. The first-masked data is Boolean-masked data and the second-masked data is arithmetic-masked data.
Abstract:
In order to further develop an arrangement for as well as a method of protecting at least one data processing device, in particular at least one embedded system, for example at least one chip card or smart card, against at least one attack, in particular against at least one side-channel attack, for example against at least one current trace analysis, the data processing device, in particular at least one integrated circuit of the data processing device, carrying out calculations, in particular cryptographic operations wherein an attack, for example an E[lectro]M[agnetic] radiation attack, or an analysis, for example a D[ifferential]P[ower]A[nalysis], such attack or such analysis in particular targeted on finding out a private key, is to be securely averted, it is proposed to blind all intermediate results of the calculations by at least one random variable.
Abstract:
The invention relates to an encoding method and an encoding device. At least one partial cryptographic operation yi=fi(xi, ki) is carried out on data xi, ki which are digitally stored as data bit words, and the result or intermediate results yi are digitally stored or temporarily stored as data bit words. At least one of the data xi, ki and/or the result or at least intermediate result yi is optionally complemented or not, bit by bit, to x̄i, k̄i and/or ȳi, in accordance with a control signal ri based on random numbers.
Abstract:
The present invention relates to a method for protecting an assembly implementing a cryptographic computation process that uses a homographic function f of the type:
f(z) = (az+b) / (cz+d) when (cz+d) is not equal to 0, and f(-d/c) = a/c, the function f operating on masked variables, characterized in that, for any k, if x is an input and y = f(x+k) an output of the function f, in order to pass directly from a masked value x+m_i (additive masking of XOR type) to a masked value y+m_j, the method consists in performing this operation by means of a composition of several transformations operating on GF(2^k) with the adjunction of infinity, defined in the form (ax+b)/(cx+d), and of transformations that exchange two points.