公开(公告)号：US20140344579A1

公开(公告)日：2014-11-20

申请号：US14318313

申请日：2014-06-27

申请人： Certicom Corp.

发明人： Marinus STRUIK ,  Daniel Richard L. BROWN ,  Scott Alexander VANSTONE ,  Robert Philip GALLANT ,  Adrian ANTIPA ,  Robert John LAMBERT

IPC分类号： H04L9/30 ,  H04L9/32

CPC分类号： H04L9/3066 ,  G06F7/725 ,  H04L9/30 ,  H04L9/3252

摘要： Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n)+wQ=O with z and w of reduced bit length This is beneficial in digital signature verification where increased verification can be attained.

摘要翻译： 通过将至少一个操作数布置成具有相对较小的比特长度来提供有限域中的组操作的组合的加速计算。 在椭圆曲线组中，验证表示点R的值对应于两个其他点uG和vG的和是通过导出减小位长度的整数w，z以及v = w / z获得的。 然后，验证等式R = uG + vQ可以被计算为-zR +（uz mod n）+ wQ = 0，其中z和w为减少的比特长度这对于可以获得增加的验证的数字签名验证是有益的。

公开(公告)号：US20140298033A1

公开(公告)日：2014-10-02

申请号：US14307299

申请日：2014-06-17

申请人： Certicom Corp. ,  Pitney Bowes Inc.

发明人： Scott Alexander VANSTONE ,  Robert Philip GALLANT ,  Robert John LAMBERT ,  Leon A. PINTSOV ,  Frederick W. RYAN, JR. ,  Ari SINGER

IPC分类号： H04L9/32

CPC分类号： H04L9/3247 ,  H04L9/3252

摘要： A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.

摘要翻译： 提供一种签名方案，其中消息被分成隐藏的第一部分，并且在验证期间被恢复，并且第二部分是可见的并且被要求作为验证算法的输入。 通过单独加密第一部分来产生第一签名组件。 通过组合第一组件和可见部分并对其进行密码散列来形成中间组件。 然后使用中间部件形成第二签名部件，并且签名包括具有可见部分的第一和第二部件。 签名的验证将仅从消息的隐藏部分导出的第一组件与可见部分组合，并产生组合的散列。 所计算的散列与公开可用的信息一起使用以产生对应于隐藏部分的位串。

公开(公告)号：US20190190711A1

公开(公告)日：2019-06-20

申请号：US16277017

申请日：2019-02-15

申请人： Certicom Corp.

发明人： Daniel Richard L. BROWN ,  Scott Alexander VANSTONE

IPC分类号： H04L9/08 ,  H04L9/06 ,  G06F7/58 ,  H04L9/30

CPC分类号： H04L9/0869 ,  G06F7/582 ,  G06F7/588 ,  G06F7/725 ,  H04L9/0662 ,  H04L9/0816 ,  H04L9/0894 ,  H04L9/3066 ,  H04L2209/20 ,  H04L2209/24 ,  H04L2209/26

摘要： An elliptic curve random number generator avoids escrow keys by choosing a point on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point , wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.