公开(公告)号：US20240313963A1

公开(公告)日：2024-09-19

申请号：US18183310

申请日：2023-03-14

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Björn Fay ,  Mario Lamberger

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0894 ,  H04L9/0891 ,  H04L9/3263

Abstract: A method for provisioning a plurality of IC devices, the method including: providing, by a first entity, the plurality of IC devices; storing, by the first entity, in one of the plurality of IC devices used as a provisioning device, one or more keys, and a public key, wherein the one or more keys include a reprovisioning key for reprovisioning the remaining IC devices; installing, by the first entity, provisioning software in the provisioning device; signing, by the first entity, provisioning software using a private key, the private key corresponding to the public key; provisioning the remaining IC devices by the provisioning device including providing cryptographic assets to the remaining IC devices, wherein the cryptographic assets include cryptographic code and keys; and reserving space in the remaining IC devices for reprovisioning the remaining IC devices with updated cryptographic assets.

公开(公告)号：US20220376892A1

公开(公告)日：2022-11-24

申请号：US17243058

申请日：2021-04-28

Applicant: NXP B.V.

Inventor： Joppe Willem Bos ,  Mario Lamberger ,  Joost Roland Renes ,  Tobias Schneider ,  Christine van Vredendaal

IPC: H04L9/06 ,  H04L9/32

Abstract: Various embodiments relate to a hardware device configured to compute a plurality of chained hash functions in parallel, including: a processor implementing p hash functions configured to operate on a small input, where p is an integer; a data unit connected to the plurality of hash functions, configured to store the outputs of plurality of hash functions that are then used as the input to a next round of computing the hash function, wherein the processor receives a single instruction and p small data inputs, and wherein each of the p hash functions are used to perform a chained hash function operation on a respective small input of the p small inputs.

公开(公告)号：US11126404B2

公开(公告)日：2021-09-21

申请号：US16416417

申请日：2019-05-20

Applicant: NXP B.V.

Inventor： Bruce Murray ,  Mario Lamberger

IPC: G06F7/58

Abstract: A device for providing a random number generator is provided. The device may include a true random number generator, at least one deterministic random number generator, and an exclusive OR logic function. The TRNG has an output and the at least one DRNG has an output. The exclusive OR logic function has a first input coupled to the output of the TRNG and a second input coupled to the output of the at least one DRNG, and an output for providing a random number. The TRNG and the at least one DRNG may include separate and independent entropy sources. A method for generating a random number is also provided.

公开(公告)号：US12047491B2

公开(公告)日：2024-07-23

申请号：US17243058

申请日：2021-04-28

Applicant: NXP B.V.

Inventor： Joppe Willem Bos ,  Mario Lamberger ,  Joost Roland Renes ,  Tobias Schneider ,  Christine van Vredendaal

IPC: H04L9/06 ,  H04L9/32 ,  H04L9/00

CPC classification number: H04L9/0643 ,  H04L9/3236 ,  H04L9/50

Abstract: Various embodiments relate to a hardware device configured to compute a plurality of chained hash functions in parallel, including: a processor implementing p hash functions configured to operate on a small input, where p is an integer; a data unit connected to the plurality of hash functions, configured to store the outputs of plurality of hash functions that are then used as the input to a next round of computing the hash function, wherein the processor receives a single instruction and p small data inputs, and wherein each of the p hash functions are used to perform a chained hash function operation on a respective small input of the p small inputs.

公开(公告)号：US20240195620A1

公开(公告)日：2024-06-13

申请号：US18065396

申请日：2022-12-13

Applicant: NXP B.V.

Inventor： Bruce Murray ,  Mario Lamberger

IPC: H04L9/30 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/3066 ,  H04L9/0841 ,  H04L9/3271

Abstract: Various embodiments relate to a data processing system comprising instructions embodied in a non-transitory computer readable medium, the instructions for an elliptic curve cryptography authentication method based on an elliptic curve in a processor, the instructions, comprising: generating, by a verifier, a random challenge r; multiplying, by the verifier, the random challenge r by a basepoint G to produce R; sending an x coordinate of R to a prover; receiving an x-coordinate of a first point P1 and a second point P2 from the prover, wherein P1 is based on a random share q1 of the private key q of the prover and R, and wherein P2 is based on a random share q2 of the private key q and R; where q=q1−q2; finding a point P1′ on the elliptic curve having an x-coordinate of the first point P1; finding a point P2′ on the elliptic curve having an x-coordinate of the second point P2; and authenticating the prover when an x-coordinate of one of (P1′+P2′) and (P1′−P2′) matches an x-coordinate of r·Q, wherein Q is a public key of the prover.

公开(公告)号：US20250030543A1

公开(公告)日：2025-01-23

申请号：US18356403

申请日：2023-07-21

Applicant: NXP B.V.

Inventor： Mario Lamberger ,  Bruce Murray

IPC: H04L9/30

Abstract: An elliptic curve point validation method, comprising: receiving a standard projective X and Z coordinate on an elliptic curve; computing X·Z; inverting X·Z to get (XZ)−1; multiplying Z2, (XZ)−1, and a constant √{square root over (b)} resulting in √{square root over (b)}·x−1, where b is a constant of the elliptic curve; multiplying X2 and (XZ)−1 resulting in x; computing Tr(x) and checking that it has a value of 1, where Tr(⋅) is a trace of Frobenius map that maps an input to a value of 0 or 1; computing Tr(√{square root over (b)}x−1) and checking that it has a value of 0; and outputting x and a PointOnCurve value, where the PointOnCurve value indicates whether x is on the elliptic curve.

公开(公告)号：US12021973B2

公开(公告)日：2024-06-25

申请号：US17587868

申请日：2022-01-28

Applicant: NXP B.V.

Inventor： Mario Lamberger ,  Christine Van Vredendaal ,  Markus Hinkelmann ,  Hauke Meyn ,  Alexander Vogt

IPC: H04L9/08

CPC classification number: H04L9/0825 ,  H04L9/0891

Abstract: Various embodiments relate to a system for provisioning a cryptographic device, including: a memory; a processor coupled to the memory, wherein the processor is further configured to: determine a maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size of a plurality of post quantum cryptography algorithms; provision memory in the cryptographic device to store a PQC-update non-PQC private key, a secret PQC-update non-PQC public key, PQC private key, PQC public key, and PQC updater based upon the determined maximum PQC private key size, maximum PQC public key size, and maximum updater size; and provision the cryptographic device with the PQC-update non-PQC private key, the secret PQC-update non-PQC public key, a non-PQC secret key, a non-PQC public key, and non-PQC algorithm code configured to carry out non-PQC cryptographic algorithms.

公开(公告)号：US11651354B2

公开(公告)日：2023-05-16

申请号：US16567626

申请日：2019-09-11

Applicant: NXP B.V.

Inventor： Marcel Medwed ,  Mario Lamberger

IPC: G06Q20/36 ,  G06Q20/06 ,  G06Q20/38

CPC classification number: G06Q20/3678 ,  G06Q20/0655 ,  G06Q20/383 ,  G06Q20/3825

Abstract: A method for managing an anonymous e-cash transaction includes receiving a request to withdraw a payment coin, generating a combination of random attributes for the payment coin, creating the payment coin based on the combination of attributes, and issuing the payment coin in exchange for a first asset. Each attribute of the combination of attributes may represent a different portion of a total value of the payment coin. A partially spent value of the payment coin may be based on a revealed subset of the combination of attributes. The method further includes



creating a refund coin based on the combination of attributes and spending the refund coin to issue a refund having a value corresponding to an unspent portion of the payment coin. Each attribute of the combination of attributes of the refund coin may represent a different portion of a total value of the refund coin.

公开(公告)号：US20250070972A1

公开(公告)日：2025-02-27

申请号：US18449355

申请日：2023-08-14

Applicant: NXP B.V.

Inventor： Mario Lamberger ,  Laurie Genelle

IPC: H04L9/30

Abstract: A method for carrying out an elliptic curve based cryptographic operation using a cryptographic processor with a first elliptic curve and α fixed interface, including: converting a second point on a second elliptic curve to a first point on the first elliptic curve using a first function interface of the cryptographic processor and a second function interface of the cryptographic processor; performing a point multiplication on the first point to produce a third point on the first elliptic curve using a point multiplication interface of the cryptographic processor; and converting the third point on the first elliptic curve to a fourth point on the second elliptic curve using the first function interface of the cryptographic processor and the second function interface of the cryptographic processor, wherein the first function interface of the cryptographic processor computes r+h·d mod n and the second function interface of the cryptographic processor computes x−1 mod n.

公开(公告)号：US12177338B2

公开(公告)日：2024-12-24

申请号：US17587903

申请日：2022-01-28

Applicant: NXP B.V.

Inventor： Christine Van Vredendaal ,  Mario Lamberger ,  Markus Hinkelmann ,  Hauke Meyn ,  Alexander Vogt

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/40

Abstract: Various embodiments relate to a system for provisioning a cryptographic device, including: a memory; a processor coupled to the memory, wherein the processor is further configured to: determine the maximum key generation seed size, maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size of a plurality of post quantum cryptography algorithms; provision memory in the cryptographic device to store a key generation seed, PQC private key, PQC public key, and PQC updater based upon the determined maximum key generation seed size, maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size; and provision the cryptographic device with a non-PQC secret key, a non-PQC public key, and non-PQC algorithm code configured to carry out non-PQC cryptographic algorithms.