Abstract:
In a scalar multiplication method that randomizes a point on an elliptic curve yet computes the scalar multiplication at the same computational cost as without randomization, an operation is carried out on a randomized point and a non-randomized point within a scalar multiplication method that calculates a scalar-multiplied point from a scalar value and a point on an elliptic curve. The result of the operation is randomized, while the computational cost is as much as that without randomization.
Abstract:
A contents control method for controlling a process on the receiving side which is applied to contents transmitted from the transmitting side to the receiving side, includes a step of adding, when a predetermined block of the transmitted contents is an area where control information for controlling the process substance on the receiving side which is applied to the contents is added, the control information to the block. The method also includes a step of receiving a process designation concerning the transmitted contents, and a step of applying, when user information stored in a receiving side apparatus which receives the transmitted contents, or information concerning the receiving side apparatus satisfies conditions corresponding to the received process designation in the control information added to the block of the contents, a process corresponding to the process designation to the received block.
Abstract:
It is an object of the present invention to provide a method and an apparatus for generating a safe normal form elliptic curve transformable to a Montgomery type elliptic curve as well as to provide an elliptic curve cryptosystem and a storage medium therefor. To achieve the above object, conditions concerning a curve order are extracted from criteria for transformability of a normal form elliptic curve to a Montgomery type elliptic curve and are given in a curve parameter generator incorporating a transformability judgement unit. Furthermore, to generate a curve having a cofactor of 4, the condition whether a curve order is divisible by 8 is given.
Abstract:
A technique is provided that contributes to realizing efficient encryption even on devices with restricted memory resources, such as smartcards. The system for generating cryptographic keys includes: a calculation unit for reconstructing a large number of small primes, a sieving unit for checking the divisibility of an integer by small primes, a recoding unit for changing the representation of an integer, and a primality testing unit. First, the sieving unit eliminates “bad” candidates by checking their divisibility by small primes reconstructed by the calculation unit. After that, the primality of the remaining candidates is tested using the primality testing unit. The primality testing unit uses the recoding unit to change the representation of prime candidates, and then performs a primality test using the changed representation. Thus, the number of operations for the primality test can be decreased without further memory requirements.
Abstract:
A message authentication technology capable of securing against side channel attack is provided. A message authentication code generating device, which calculates a message authentication code for a message from the message, performs a process in which disturbance information is generated from a temporary-use numerical value, a process in which a conversion message is calculated from the message, and a process in which the message authentication code is calculated from the disturbance information and the conversion message. In the process of calculating the message authentication code, process information is disturbed or concealed by the disturbance information. Therefore, message authentication that is secure against side channel attack can be realized.
Abstract:
A modular multiplication processing apparatus is provided that can process modular multiplication of data exceeding the bit length which a coprocessor can readily process, by using the coprocessor based upon Montgomery multiplication. In the modular multiplication processing apparatus, data to be subjected to modular multiplication is decomposed, and the decomposed data elements are each transformed into a form suitable for Montgomery multiplication. Further, after the respective data elements are transformed to have sizes that can be inputted into the coprocessor, Montgomery multiplication is repeatedly performed in the coprocessor. A remainder of Montgomery multiplication of the original bit length is restored from the obtained remainder.
Abstract:
A decryption method of decrypting a plaintext m from a secret exponent d, a public key n, and a ciphertext c includes steps of converting the ciphertext c into a randomized ciphertext t, a step of converting the randomized ciphertext t into a randomized plaintext u, and steps of converting the randomized plaintext u into the plaintext m.
Abstract:
A technique for efficient encryption for use with devices such as smartcards restricted in memory resource, including a calculation unit for reconstructing a large number of small primes, a sieving unit for checking the divisibility of an integer by small primes, a recoding unit for changing the representation of an integer, and a primality testing unit. The sieving unit eliminates “bad” candidates by checking their divisibility by small primes reconstructed by the calculation unit. The primality of the remaining candidates is tested using the primality testing unit. The primality testing unit uses the recoding unit to change the representation of prime candidates. The primality testing unit performs a primality test using the representation after change.
Abstract:
A system and method for authentication and digital signatures on memory-only supports, comprising a read-once memory unit storing secret arrays, whose contents are destroyed upon reading, a standard memory unit storing encrypted arrays, tree data authenticating the encrypted arrays to one single public key, and a certificate of the public key issued by a certificate authority. The memory support sends its public key and certificate to a verifier, receives a challenge which is signed by elements from secret arrays in the read-once memory. The verifier system checks the authenticity of the data revealed from the read-once memory by encrypting it and comparing the result to one of the encrypted arrays, and verifies that the encrypted array authenticates to the public key using tree data. Finally, the verifier checks the authenticity of the public key using the certificate.
Abstract:
A signature system in which the size of data to be transmitted is small and data can be processed efficiently in a Merkle signature system having high security. A processing part 112 of a smartcard 110 divides a message to be signed into groups of specific numbers of bits, starting from the first bit of the message. Then, respective partial one-time signatures of the groups are generated by encrypting each group by a one-way function processing part 112c. The partial one-time signatures are sequentially outputted to a verification apparatus through an interface part 113.