公开(公告)号：US20220337398A1

公开(公告)日：2022-10-20

申请号：US17226770

申请日：2021-04-09

Applicant: NXP B.V.

Inventor： Tobias Schneider ,  Joppe Willem Bos ,  Björn Fay ,  Marc Gourjon ,  Joost Roland Renes ,  Christine van Vredendaal

IPC: H04L9/08 ,  H04L9/30 ,  G06F7/02 ,  G06F7/76

Abstract: Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset δ from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient ai of the polynomial a to produce Boolean shares âi that encode the same secret value ai; and performing in parallel for all coefficients a shared binary search to determine which of coefficients ai are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.

公开(公告)号：US11595195B2

公开(公告)日：2023-02-28

申请号：US17226770

申请日：2021-04-09

Applicant: NXP B.V.

Inventor： Tobias Schneider ,  Joppe Willem Bos ,  Björn Fay ,  Marc Gourjon ,  Joost Roland Renes ,  Christine van Vredendaal

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30 ,  G06F7/76 ,  G06F7/02

Abstract: Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset δ from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient ai of the polynomial a to produce Boolean shares âi that encode the same secret value ai; and performing in parallel for all coefficients a shared binary search to determine which of coefficients ai are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.

公开(公告)号：US11528124B2

公开(公告)日：2022-12-13

申请号：US17224359

申请日：2021-04-07

Applicant: NXP B.V.

Inventor： Marc Gourjon ,  Joppe Willem Bos ,  Joost Roland Renes ,  Tobias Schneider ,  Christine van Vredendaal

IPC: H04L9/00 ,  H04L9/30

Abstract: Various embodiments relate to a method for securely comparing a first polynomial represented by a plurality of arithmetic shares and a second compressed polynomial represented by a bitstring where the bits in the bitstring correspond to coefficients of the second polynomial, including: performing a first masked shift of the shares of the coefficients of the first polynomial based upon the start of the interval corresponding to the compressed coefficient of the second polynomial and a modulus value; performing a second masked shift of the shares of the coefficients of the first polynomial based upon the end of the interval corresponding to the compressed coefficient of the second polynomial; bitslicing the most significant bit of the first masked shift of the shares coefficients of the first polynomial; bitslicing the most significant bit of the second masked shift of the shares coefficients of the first polynomial; and combining the first bitsliced bits and the second bitsliced bits using an AND function to produce an output including a plurality of shares indicating that the first polynomial would compress to a bitstream matching the bitstream representing the second compressed polynomial.