Power signature attack resistant cryptography
    11.
    Granted invention patent
    Status: in force

    Publication number: US06738478B1

    Publication date: 2004-05-18

    Application number: US09582499

    Filing date: 2000-09-05

    IPC classification: G06F1730

    CPC classification: G06F7/725 G06F2207/7261

    Abstract: This invention provides a method of computing a multiple k of a point P on an elliptic curve defined over a field, the method including the steps of representing the number k as binary vector k1, forming an ordered pair of point P1 and P2, wherein the points P1 and P2 differ at most by P, and selecting each of the bits ki in sequence, and for each of the ki, upon ki being a 0, computing a new set of points P1′, P2′ by doubling the first point P1 to generate the point P1′ and adding the points P1 and P2 to generate the point P2′ or upon ki being a 1, computing a new set of points P1′, P2′ by doubling the second point P2 to generate the point P2′ and adding the points P1 and P2 to produce the point P1′, whereby the doubles or adds are always performed in the same order for each of the bits bi, thereby minimizing a timing attack on the method. An embodiment of the invention applies to both multiplicative and additive groups.

    Secure interface for versatile key derivation function support
    12.
    Granted invention patent
    Status: in force

    Publication number: US08634562B2

    Publication date: 2014-01-21

    Application number: US13618451

    Filing date: 2012-09-14

    IPC classification: G06F21/00

    CPC classification: G06F21/00 H04L9/0841

    Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.

    Secure one-way authentication communication system
    13.
    Granted invention patent
    Status: in force

    Publication number: US06430690B1

    Publication date: 2002-08-06

    Application number: US09628045

    Filing date: 2000-07-28

    IPC classification: G06F124

    Abstract: A protocol for authenticating at least one of a pair of first and second correspondents C and T in a data communication system, the method comprising the steps of storing a public key in the first correspondent C; computing a shared secret by the second correspondent T incorporating the public key C; storing the shared secret in the first correspondent C; the second correspondent T generating a challenge value a; the first correspondent C transmitting to the second correspondent T information including the stored public key C; the second correspondent T computing a test shared secret from the received public key C; the first and second correspondents computing response signals using the challenge value z and the shared secret in a one-way function fr; and the first correspondent C transmitting the computed response signal to the second correspondent T whereby the second correspondent verifies the first correspondent.

    Secure interface for versatile key derivation function support
    14.
    Granted invention patent
    Status: in force

    Publication number: US08335317B2

    Publication date: 2012-12-18

    Application number: US11272151

    Filing date: 2005-11-14

    IPC classification: G06F21/00

    CPC classification: G06F21/00 H04L9/0841

    Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.
