公开(公告)号：US20020044649A1

公开(公告)日：2002-04-18

申请号：US09885959

申请日：2001-06-22

Applicant: CERTICOM CORP.

Inventor： Robert Gallant ,  Robert Lambert ,  Scott A. Vanstone

IPC: H04L009/30 ,  G06F007/49

CPC classification number: G06F7/725

Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism null, where null(Q)nullnull.Q for all points Q(x,y) on the elliptic curve: and using smaller representations ki of the scalar k in combination with the mapping null to compute the scalar multiple of the elliptic curve point Q.

Abstract translation: 本发明提供了一种用于加速椭圆曲线点Q（x，y）乘以标量k的方法，所述方法包括以下步骤：在有限域Fq上选择椭圆曲线，其中q是素数，使得存在 对于椭圆曲线上的所有点Q（x，y），其中＆PSgr;（Q）= lambd.Q;并且使用标量k的较小表示ki与映射＆PSgr的组合; 以计算椭圆曲线点Q的标量倍数。

公开(公告)号：US20010008013A1

公开(公告)日：2001-07-12

申请号：US09773665

申请日：2001-02-02

Applicant: Certicom Corp.

Inventor： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

IPC: H04L009/30

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as nullsmart cardsnull. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s' by combining a third signature component with the second signature component to derive signature components (snull, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.