-
公开(公告)号:US6125445A
公开(公告)日:2000-09-26
申请号:US76818
申请日:1998-05-13
申请人: David Arditti , Henri Gilbert , Jacques Stern , David Pointcheval
发明人: David Arditti , Henri Gilbert , Jacques Stern , David Pointcheval
CPC分类号: H04L9/3236 , H04L9/3218
摘要: A process for the identification of a claimant by a verifier. The process is of the public key type, where the public exponent is equal to 3. The claimant draws at random a first exponent .alpha., calculates r=g.sup..alpha. mod n and transmits R=r.sup.3. The verifier draws at random a second exponent .beta., calculates t=g.sup..beta. mod n, calculates T=t.sup.3 mod n and h=H.sub.1 (Z), where H.sub.1 is a hash function, and calculates Z=R.sup.3 mod n. The verifier transmits to the claimant the numbers T and h. The claimant calculates Y=T.sup..alpha. mod n, verifies the result H.sub.1 (Y), calculates H=H.sub.2 (Y), where H.sub.2 is another hash function, calculates z=rS mod n, and transmits z and H. The claimant also has a secret number S equal to the modulo n cubic root of a number I deduced from its identity so that the number S verifies S.sup.3 =I mod n. The verifier verifies that H received is equal to H.sub.2 (Z) and that z.sup.3 is equal to RI mod n.
摘要翻译: 验证者识别索赔人的过程。 该过程是公钥类型,其中公共指数等于3.索赔人随机抽取第一指数α,计算r = g alpha mod n并发送R = r3。 验证者随机抽取第二指数β,计算t = g beta mod n,计算T = t3 mod n和h = H1(Z),其中H1是散列函数,并计算Z = R3 mod n。 验证者向索赔人传送号码T和h。 索赔人计算Y = Tαmod n,验证结果H1(Y),计算H = H2(Y),其中H2是另一个哈希函数,计算z = rS mod n,并发送z和H.索赔人也有 秘密数S等于从其身份推断的数字的模n立方根,使得数S验证S3 = I mod n。 验证者验证H接收等于H2(Z),并且z3等于RI mod n。
-
公开(公告)号:US5581615A
公开(公告)日:1996-12-03
申请号:US366455
申请日:1994-12-30
申请人: Jacques Stern
发明人: Jacques Stern
CPC分类号: H04L9/302 , G06Q20/3674 , H04L9/3218 , H04L2209/56
摘要: A new procedure for authentication of at least one prover by a verifier, the authentication being based on public and secret key cryptographic techniques and making use of a zero-knowledge protocol. In addition, this protocol is established using the problem of constrained linear equations and finds applications in cryptography. This procedure uses a published matrix M of dimension m.times.n where coefficients are chosen at random from the integers from 0 to d-1, where d is generally a prime number close the square of a number c. The "prover" authenticates itself to a "verifier" by performing hashing functions based on a randomly chosen vector U of dimension m and a randomly chosen vector V of dimension n, the results of which are called commitments and are sent to the prover. The prover then chooses one of several predefined functions and requests that the verifier perform this one predefined function. When the verifier receives a result of the predefined function, it compares the result with the commitments to determine if the prover has provided a correct set of responses. The procedure also can be repeated for other random vectors U and V for increased security.
摘要翻译: 用于由验证者认证至少一个证明者的新过程,该认证基于公共和秘密密钥加密技术并利用零知识协议。 此外,该协议是使用约束线性方程的问题建立的,并在密码学中得到应用。 该过程使用尺度为mxn的已发布矩阵M,其中从0到d-1的整数随机选择系数,其中d通常是数字c的平方附近的素数。 “验证者”通过基于随机选择的维度向量U和维数n的随机选择向量V执行散列函数,将其自身认证为“验证者”,其结果称为承诺,并发送给证明者。 证明者然后选择几个预定义的功能之一,并请求验证者执行这一个预定义的功能。 当验证者接收到预定义功能的结果时,将结果与承诺进行比较,以确定证明者是否提供了一组正确的响应。 对于其他随机向量U和V也可以重复该过程以提高安全性。
-
3.发明授权
公开(公告)号:US5825882A
公开(公告)日:1998-10-20
申请号:US446644
申请日:1995-07-31
申请人: Jacek Kowalski , Michel Martin , Jacques Stern , Antoine Joux
发明人: Jacek Kowalski , Michel Martin , Jacques Stern , Antoine Joux
CPC分类号: G07F7/1008 , G06F12/1408 , G06Q20/341 , G06Q20/3674 , G06Q20/40975 , G07F7/0866
摘要: Encryption circuits and methods, in particular for smart cards, are disclosed. Smart cards without microprocessors may be authenticated very simply by using encryption with a secret card data table on which recursive cycles are executed. During each cycle, a word is read out of the table, said word being at an address that is at least partially defined by the word read out in the previous cycle. The new address preferably consists of several bits from the previous word and a bit from internal card data, external data supplied by a card reader, or a register containing a partial encryption result.
摘要翻译: PCT No.PCT / FR93 / 01140 Sec。 371日期1995年7月31日 102(e)日期1995年7月31日PCT 1993年11月19日PCT公布。 第WO94 / 11829号公报 日期1994年5月26日公开了加密电路和方法,特别是智能卡。 没有微处理器的智能卡可以非常简单地通过使用具有执行递归周期的秘密卡数据表的加密来进行认证。 在每个周期期间,从表中读出一个字,所述字位于至少部分地由在前一周期读出的单词所定义的地址。 新地址优选地包括来自前一个字的几个位和来自内部卡数据的一些位,由读卡器提供的外部数据或包含部分加密结果的寄存器。
-
4.发明授权Method for processing a digital signal in a so-called secure communication system and use of this method for access control and/or binary signature 失效用于在所谓的安全通信系统中处理数字信号的方法,以及使用该方法进行访问控制和/或二进制签名
公开(公告)号:US5764771A
公开(公告)日:1998-06-09
申请号:US662625
申请日:1996-06-13
CPC分类号: H04L9/0643 , H04L9/0662 , H04L2209/34
摘要: The present invention relates to a method of processing a digital signal of dimension k, in a so-called secure communication system, such that the digital signal (y) at output cannot be deduced from the digital signal (x) at input, consisting in dispatching the digital signal (x) to a device effecting a one-way function. The method includes the following steps: the digital signal (x) at the input is dispatched to a circuit C (1, 2) which gives as output a digital signal (x") of dimension n acceptable to the one-way function; the signal (x") from the circuit C (1, 2) is dispatched to the circuit effecting the one-way function giving as output the digital signal (y). The invention applies in particular to so-called secure communication systems.
摘要翻译: 本发明涉及一种在所谓的安全通信系统中处理尺寸k的数字信号的方法,使得输出处的数字信号(y)不能从输入处的数字信号(x)推导出,包括 将数字信号(x)调度到实现单向功能的设备。 该方法包括以下步骤:将输入端的数字信号(x)分配给电路C(1,2),该电路给出单向功能可接受的维数n的数字信号(x“)作为输出; 来自电路C(1,2)的信号(x“)被调度到执行单向功能的电路,作为数字信号(y)的输出。 本发明特别适用于所谓的安全通信系统。
-
5.发明授权Authentication process for at least one identification device using a verification device and a device embodying the process 失效使用验证设备和体现该过程的设备的至少一个识别设备的认证过程
公开(公告)号:US5483597A
公开(公告)日:1996-01-09
申请号:US175721
申请日:1993-12-30
申请人: Jacques Stern
发明人: Jacques Stern
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/3674 , G06Q20/40975 , H04L9/3218 , H04L9/3236
摘要: A a process for the authentication of at least one identification device by a verification device. In this process, authentication is done by a zero knowledge input protocol based on the decoding by syndrome problem. The process consists of setting up a secret vector s with a Hamming weight d, a known matrix M with dimensions n.times.k and a public vector K such that K=Ms, the production of a random vector y and a random permutation p in the identification device, a commitment on parameters dependent on y and/or p and/or s based on use of the cryptographic hashing function H and the matrix M, an exchange of information concerning y, p, s in order to answer questions asked by the verification device without directly or indirectly revealing s to the verification device, and a verification of validity of the hashed commitments using K and/or previously transmitted information.
摘要翻译: 一种用于由验证设备认证至少一个识别设备的过程。 在此过程中,通过基于综合征问题解码的零知识输入协议进行认证。 该过程包括建立具有汉明权重d的秘密向量s,具有尺寸为nxk的公知矩阵M和公共向量K,使得K = Ms,在识别装置中产生随机向量y和随机置换p 基于使用加密哈希函数H和矩阵M的关于y和/或p和/或s的参数的承诺,关于y,p,s的信息交换以便回答由验证设备询问的问题 而不直接或间接地向验证设备显示s,以及使用K和/或先前传输的信息验证散列承诺的有效性。
-
公开(公告)号:US5946397A
公开(公告)日:1999-08-31
申请号:US860832
申请日:1997-09-24
申请人: David M'Raihi , David Naccache , Jacques Stern , Serge Vaudenay
发明人: David M'Raihi , David Naccache , Jacques Stern , Serge Vaudenay
CPC分类号: H04L9/3013 , H04L9/3247
摘要: Method of public key cryptography based on the discrete logarithm that makes use of the computation of the variable r=g.sup.k modp where p is a prime number called a modulus, the exponent k is a random number usually with a length of N bits and g is an integer called a base, wherein an entity E carries out operations of authentication and/or of signature, including exchanges of signals with another entity in which this variable comes into play.
摘要翻译: PCT No.PCT / FR96 / 01546 Sec。 371日期:1997年9月24日 102(e)1997年9月24日PCT PCT 1996年10月3日PCT公布。 公开号WO97 / 13342 日期1997年04月10日基于使用变量r = gk modp的计算的离散对数的公钥密码学方法,其中p是称为模数的质数,指数k是通常具有长度为 N位,g是称为基数的整数,其中实体E执行认证和/或签名的操作,包括与该变量发挥作用的另一实体的信号交换。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.018 秒)
