公开(公告)号：US08948388B2

公开(公告)日：2015-02-03

申请号：US13770533

申请日：2013-02-19

Applicant: Certicom Corp.

Inventor： Daniel Richard L. Brown ,  Scott Alexander Vanstone

IPC: H04L9/00 ,  H04L9/08 ,  G06F7/58 ,  H04L9/30 ,  H04L9/06 ,  G06F7/72

CPC classification number: H04L9/0869 ,  G06F7/582 ,  G06F7/588 ,  G06F7/725 ,  H04L9/0662 ,  H04L9/0816 ,  H04L9/0894 ,  H04L9/3066 ,  H04L2209/20 ,  H04L2209/24 ,  H04L2209/26

Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.

Abstract translation: 椭圆曲线随机数发生器通过选择椭圆曲线上的点Q可以无限次地避免代管钥匙。 选择一个任意的字符串，并计算该字符串的散列。 然后将散列转换为所需场的场元素，将该场元素视为椭圆曲线上的点Q的x坐标，并且在期望的椭圆曲线上测试x坐标的有效性。 如果有效，则将x坐标解压缩到点Q，其中，从哈希值得出两个点的选择。 意向使用代管键可以提供备份功能。 P和Q之间的关系用作托管密钥，并由安全域存储。 管理员记录生成器的输出，用代管密钥重构随机数。

公开(公告)号：US20130152213A1

公开(公告)日：2013-06-13

申请号：US13758149

申请日：2013-02-04

Applicant: Research In Motion Limited ,  Certicom Corp.

Inventor： Scott Alexander Vanstone ,  Neil Patrick Adams

IPC: G06F21/60

CPC classification number: G06F21/60 ,  G06F21/31 ,  G06F21/6245 ,  G06F2221/2119

Abstract: A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of the displayed content and evaluates a security state of the device. If the security state is below a security threshold and, if the entered information is identified as protected information based on stored criteria, the device displaying a visual indication on the user interface.

Abstract translation: 提供了一种用于将安全信息传送到将内容输入到设备中的用户的设备和方法。 在一方面，设备可以通过网络通过连接访问来自服务器的内容。 设备在设备的用户界面上显示内容。 设备检测输入到显示的内容的字段中的信息，并评估设备的安全状态。 如果安全状态低于安全阈值，并且如果输入的信息基于存储的标准被识别为受保护信息，则该设备在用户界面上显示可视指示。

公开(公告)号：US10284370B2

公开(公告)日：2019-05-07

申请号：US14318313

申请日：2014-06-27

Applicant: Certicom Corp.

Inventor： Marinus Struik ,  Daniel Richard L. Brown ,  Scott Alexander Vanstone ,  Robert Philip Gallant ,  Adrian Antipa ,  Robert John Lambert

IPC: H04L29/06 ,  H04L9/30 ,  G06F7/72 ,  H04L9/32

Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n)G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.

公开(公告)号：US08732467B2

公开(公告)日：2014-05-20

申请号：US13730440

申请日：2012-12-28

Applicant: Certicom Corp.

Inventor： Scott Alexander Vanstone ,  Donald B. Johnson ,  Minghua Qu

IPC: H04L9/00

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system, a recovered second signature component s′ is computed by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature.

Abstract translation: 提供了一种用于创建和认证数字签名的方法，包括选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用短期计算从第一数学函数导出的第一签名组件r 公开密钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件，并且发送 签名组件（s，r，c）作为屏蔽数字签名到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。

公开(公告)号：US20130145168A1

公开(公告)日：2013-06-06

申请号：US13730440

申请日：2012-12-28

Applicant: CERTICOM CORP.

Inventor： Scott Alexander Vanstone ,  Donald B. Johnson ,  Minghua Qu

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system, a recovered second signature component s′ is computed by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature.

Abstract translation: 提供了一种用于创建和认证数字签名的方法，包括选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用短期计算从第一数学函数导出的第一签名组件r 公开密钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件，并且发送 签名组件（s，r，c）作为屏蔽数字签名到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。