公开(公告)号：US20250097048A1

公开(公告)日：2025-03-20

申请号：US18366384

申请日：2023-08-07

Applicant: NXP B.V.

Inventor： Joost Roland Renes ,  Tobias Schneider ,  Melissa Azouaoui ,  Mohamed ElGhamrawy

IPC: H04L9/32 ,  H04L9/08

Abstract: A method of performing a Dilithium signature operation on a message M using a secret key sk, including: calculating a value {tilde over (r)} based upon w0, c, and s2, where w0 and c are calculated as part of the Dilithium signature operation and s2 is part of the secret key sk; performing a bound check on {tilde over (r)} based upon γ2 and β, where γ2 and β are parameters of the Dilithium signature operation; calculating a hint h based on the value {tilde over (r)} and deleting the value {tilde over (r)} in a memory; regenerating a value y using an ExpandMask function; calculating z based upon y, c, and s1, where s1 is part of the secret key sk and replacing y with z in the memory; performing a bound check on z based on γ1 and β, where γ1 is a parameter of the Dilithium signature operation; and returning a digital signature of the message M where the digital signature includes z and h.

公开(公告)号：US20250080342A1

公开(公告)日：2025-03-06

申请号：US18461831

申请日：2023-09-06

Applicant: NXP B.V.

Inventor： Melissa Azouaoui ,  Mohamed ElGhamrawy ,  Joost Roland Renes ,  Tobias Schneider

IPC: H04L9/08 ,  H04L9/32

Abstract: A method of performing a Dilithium signature operation on a message M using a secret key sk, including: generating a polynomial y using an ExpandMask function; calculating a polynomial z based upon y, c, and s1; performing a bound check on z based upon γ1 and β; performing a bound check on ct0 based upon γ2; calculating a polynomial {tilde over (r)} based upon A, z, c, t, α, and w1; performing a bound check on {tilde over (r)} based upon γ2 and β; calculating a hint polynomial h based on the {tilde over (r)}; and returning a digital signature of the message M where the digital signature includes z and h.