公开(公告)号：US20120131078A1

公开(公告)日：2012-05-24

申请号：US13361074

申请日：2012-01-30

申请人： Hideo Shimizu ,  Yuichi Komano ,  Koichi Fujisaki ,  Shinichi Kawamura

发明人： Hideo Shimizu ,  Yuichi Komano ,  Koichi Fujisaki ,  Shinichi Kawamura

IPC分类号： G06F7/523 ,  G06F7/50 ,  G06F5/01 ,  G06F7/48

CPC分类号： G06F7/728

摘要： According to one embodiment, a first shift amount calculation unit counts the number of continuous zeros from a less significant bit toward a more significant bit of an intermediate result of a computation of Montgomery multiplication result z and calculates a first shift amount. A second shift amount calculation unit counts the number of continuous zeros from a less significant bit toward a more significant bit of redundant-binary-represented integer x and calculates a second shift amount. An addition/subtraction unit calculates the intermediate result by adding/subtracting, with respect to the intermediate result which has been bit-shifted by the first shift amount, the integer p, and the integer y which has been bit-shifted by the second shift amount. An output unit outputs, as the Montgomery multiplication result z, the intermediate result when the sum of the first shift amounts is equal to the number of bits of the integer p.

摘要翻译： 根据一个实施例，第一移位量计算单元从蒙哥马利乘积结果z的计算的中间结果的较低有效位向更高有效位对连续零的数进行计数，并计算第一移位量。 第二移位量计算单元将来自冗余二进制表示的整数x的较低有效位朝向更高有效位的连续零的数目计数，并计算第二移位量。 加法/减法单元相对于已被移位了第一移位量的中间结果，整数p和已被位移第二移位的整数y加/减来计算中间结果 量。 当第一移位量的和等于整数p的位数时，输出单元输出作为蒙哥马利乘数结果z的中间结果。

公开(公告)号：US08909689B2

公开(公告)日：2014-12-09

申请号：US13361074

申请日：2012-01-30

申请人： Hideo Shimizu ,  Yuichi Komano ,  Koichi Fujisaki ,  Shinichi Kawamura

发明人： Hideo Shimizu ,  Yuichi Komano ,  Koichi Fujisaki ,  Shinichi Kawamura

IPC分类号： G06F7/72

CPC分类号： G06F7/728

摘要： According to one embodiment, a first shift amount calculation unit counts the number of continuous zeros from a less significant bit toward a more significant bit of an intermediate result of a computation of Montgomery multiplication result z and calculates a first shift amount. A second shift amount calculation unit counts the number of continuous zeros from a less significant bit toward a more significant bit of redundant-binary-represented integer x and calculates a second shift amount. An addition/subtraction unit calculates the intermediate result by adding/subtracting, with respect to the intermediate result which has been bit-shifted by the first shift amount, the integer p, and the integer y which has been bit-shifted by the second shift amount. An output unit outputs, as the Montgomery multiplication result z, the intermediate result when the sum of the first shift amounts is equal to the number of bits of the integer p.

摘要翻译： 根据一个实施例，第一移位量计算单元从蒙哥马利乘积结果z的计算的中间结果的较低有效位向更高有效位对连续零的数进行计数，并计算第一移位量。 第二移位量计算单元将来自冗余二进制表示的整数x的较低有效位朝向更高有效位的连续零的数目计数，并计算第二移位量。 加法/减法单元相对于已被移位了第一移位量的中间结果，整数p和已被位移第二移位的整数y加/减来计算中间结果 量。 当第一移位量的和等于整数p的位数时，输出单元输出作为蒙哥马利乘数结果z的中间结果。

公开(公告)号：US20120307997A1

公开(公告)日：2012-12-06

申请号：US13585391

申请日：2012-08-14

申请人： Tsukasa Endo ,  Yuichi Komano ,  Koichi Fujisaki ,  Hideo Shimizu ,  Hanae Ikeda ,  Atsushi Shimbo

发明人： Tsukasa Endo ,  Yuichi Komano ,  Koichi Fujisaki ,  Hideo Shimizu ,  Hanae Ikeda ,  Atsushi Shimbo

IPC分类号： H04L9/28

CPC分类号： H04L9/0631 ,  H04L9/003

摘要： According to an embodiment, an encryption device performs encryption processing using an encryption key and calculates encrypted data from plain data. The encryption device includes: a register; an input unit configured to receive plain data; a first partial encryption unit configured to calculate first intermediate data from the plain data; a second partial encryption unit configured to calculate (i+1)-th intermediate data based on i-th intermediate data and the encryption key; a first transform unit configured to: transform j-th intermediate data into j-th transformed data; and store the j-th transformed data in the register; and a second transform unit configured to transform the j-th transformed data into the j-th intermediate data; a third partial encryption unit configured to calculate encrypted data from the N-th intermediate data. The second partial encryption unit is configured to repeat processing to calculate (j+1)-th intermediate data while j is equal to from 1 to N−1.

摘要翻译： 根据实施例，加密装置使用加密密钥进行加密处理，并从普通数据计算加密数据。 加密装置包括：寄存器; 输入单元，被配置为接收普通数据; 第一部分加密单元，被配置为从所述普通数据计算第一中间数据; 第二部分加密单元，被配置为基于第i个中间数据和加密密钥计算第（i + 1）个中间数据; 第一变换单元，被配置为：将第j个中间数据变换为第j变换数据; 并将第j个变换数据存储在寄存器中; 以及第二变换单元，被配置为将第j个变换后的数据变换为第j个中间数据; 第三部分加密单元，被配置为从第N个中间数据计算加密数据。 第二部分加密单元被配置为重复处理以计算（j + 1）中间数据，而j等于从1到N-1。

公开(公告)号：US09288040B2

公开(公告)日：2016-03-15

申请号：US13585391

申请日：2012-08-14

申请人： Tsukasa Endo ,  Yuichi Komano ,  Koichi Fujisaki ,  Hideo Shimizu ,  Hanae Ikeda ,  Atsushi Shimbo

发明人： Tsukasa Endo ,  Yuichi Komano ,  Koichi Fujisaki ,  Hideo Shimizu ,  Hanae Ikeda ,  Atsushi Shimbo

IPC分类号： H04L9/06 ,  H04L9/00

CPC分类号： H04L9/0631 ,  H04L9/003

摘要： According to an embodiment, an encryption device performs encryption processing using an encryption key and calculates encrypted data from plain data. The encryption device includes: a register; an input unit configured to receive plain data; a first partial encryption unit configured to calculate first intermediate data from the plain data; a second partial encryption unit configured to calculate (i+1)-th intermediate data based on i-th intermediate data and the encryption key; a first transform unit configured to: transform j-th intermediate data into j-th transformed data; and store the j-th transformed data in the register; and a second transform unit configured to transform the j-th transformed data into the j-th intermediate data; a third partial encryption unit configured to calculate encrypted data from the N-th intermediate data. The second partial encryption unit is configured to repeat processing to calculate (j+1)-th intermediate data while j is equal to from 1 to N−1.

摘要翻译： 根据实施例，加密装置使用加密密钥进行加密处理，并从普通数据计算加密数据。 加密装置包括：寄存器; 输入单元，被配置为接收普通数据; 第一部分加密单元，被配置为从所述普通数据计算第一中间数据; 第二部分加密单元，被配置为基于第i个中间数据和加密密钥计算第（i + 1）个中间数据; 第一变换单元，被配置为：将第j个中间数据变换为第j变换数据; 并将第j个变换数据存储在寄存器中; 以及第二变换单元，被配置为将第j个变换后的数据变换为第j个中间数据; 第三部分加密单元，被配置为从第N个中间数据计算加密数据。 第二部分加密单元被配置为重复处理以计算（j + 1）中间数据，而j等于从1到N-1。

公开(公告)号：US08401180B2

公开(公告)日：2013-03-19

申请号：US12053143

申请日：2008-03-21

申请人： Yuichi Komano ,  Hideo Shimizu ,  Koichi Fujisaki ,  Hideyuki Miyake ,  Atsushi Shimbo

发明人： Yuichi Komano ,  Hideo Shimizu ,  Koichi Fujisaki ,  Hideyuki Miyake ,  Atsushi Shimbo

IPC分类号： H04K1/00

CPC分类号： H04L9/0618 ,  H04L9/003 ,  H04L2209/046 ,  H04L2209/08 ,  H04L2209/24

摘要： According to an aspect of the present invention, there is provided a non-linear data converter including: first to fourth converters that each performs a respective converting process on an input bit string to output respective output bit string; a generator that generates a random number bit string; and a selector that selects any one of the output bit strings from the first to fourth converters based on the random number bit string. Each of the converting processes is equivalent to performing a first mask process, a non-linear conversion predetermined for an encoding or a decoding and a second mask process.

摘要翻译： 根据本发明的一个方面，提供了一种非线性数据转换器，包括：第一至第四转换器，其对输入的比特串执行相应的转换处理，以输出相应的输出比特串; 产生随机数位串的发生器; 以及选择器，其基于随机数位串来选择来自第一至第四转换器的输出位串中的任何一个。 每个转换处理等效于执行第一掩码处理，为编码或解码预定的非线性转换和第二掩码处理。

公开(公告)号：US07496759B2

公开(公告)日：2009-02-24

申请号：US11037089

申请日：2005-01-19

申请人： Yuichi Komano ,  Kazuo Ohta ,  Shinichi Kawamura ,  Atsushi Shimbo

发明人： Yuichi Komano ,  Kazuo Ohta ,  Shinichi Kawamura ,  Atsushi Shimbo

IPC分类号： H04L9/00

CPC分类号： H04L9/3255 ,  H04L9/3249

摘要： According to embodiments of the present invention, in a case where a ground for security is laid in difficulty in executing an inverse function operation of a trapdoor one-way function, represented by an RSA problem, even when a signature order advances, an increase of a size of a key can be inhibited. For example, when the first partial data σi−1,L exceeding (k0+k1) bits when concatenating a random number ri of k0 bits is excluded from an input of binary operation on an input side of a signature generation function. Accordingly, a size of an operation result si of the binary operation is set to be constant at (k0+k2) bits, and, as a result, an input size (key length k bits) of an RSA signature generation function is set to be constant.

摘要翻译： 根据本发明的实施例，在由RSA问题所表示的陷阱单向功能的逆函数操作困难的情况下，即使在签名命令前进的情况下，增加 可以禁止键的大小。 例如，当从签名生成函数的输入侧的二进制操作的输入中排除连接k0个比特的随机数ri时超过（k0 + k1）比特的第一部分数据sigmai-1，L。 因此，二进制运算的运算结果si的大小在（k0 + k2）位被设定为恒定，结果，将RSA签名生成函数的输入大小（密钥长度k位）设定为 不变

公开(公告)号：US20050157871A1

公开(公告)日：2005-07-21

申请号：US10902815

申请日：2004-08-02

申请人： Yuichi Komano ,  Shinichi Kawamura ,  Atsushi Shimbo

发明人： Yuichi Komano ,  Shinichi Kawamura ,  Atsushi Shimbo

IPC分类号： H04L9/00 ,  H04L9/30 ,  H04L9/32

CPC分类号： H04L9/302 ,  H04L9/3247 ,  H04L2209/04 ,  H04L2209/08 ,  H04L2209/20

摘要： According to each embodiment of the present invention, random function operations less than three times and tight security can simultaneously be implemented. More specifically, a ciphertext y=c∥t or a signature σ=c′∥t is created as concatenated data of two data. The concatenated data is created by using a public key encryption scheme for only one (necessary part s) of the data. For this reason, tight security for the one-way characteristic of a trapdoor one-way function of the public key encryption scheme can be implemented. In addition, the output size of a first random function H′ is limited. Accordingly, a random function G for bit expansion in the conventional. OAEP++-ES scheme can be omitted. Hence, the number of times of use of random functions can be reduced to two.

摘要翻译： 根据本发明的每个实施例，可以同时实现小于三次的随机功能操作和紧密的安全性。 更具体地，将密文 y =c‖t或签名σ=c'‖t创建为两个数据的级联数据。 连接数据是通过仅使用一个（必需的部分