公开(公告)号：US20190190714A1

公开(公告)日：2019-06-20

申请号：US15849334

申请日：2017-12-20

Applicant: NXP B.V.

Inventor： Marc JOYE ,  Fariborz SALEHI

IPC: H04L9/14 ,  H04L9/00 ,  G06F17/10 ,  G06K9/62

Abstract: A method for performing a secure evaluation of a decision tree, including: receiving, by a processor of a server, an encrypted feature vector x=(x1, . . . , xn) from a client; choosing a random mask μ0; calculating m0 and sending m0 to the client, wherein m0=xi0(0)−t0(0)+μ0 and t0(0) is a threshold value in the first node in the first level of a decision tree ′; performing a comparison protocol on m0 and μ0, wherein the server produces a comparison bit b0 and the client produces a comparison bit b0′; choosing a random bit s0∈{0,1} and when s0=1 switching a left and right subtrees of ′; sending b0⊕s0 to the client; and for each level =1, 2, . . . , d−1 of the decision tree ′, where d is the number of levels in the decision tree ′, perform the following steps: receiving from the client y0 where k=0, 1, . . . , −1; performing a comparison protocol on and , wherein is a random mask and is based upon, x, , yk, and and the server produces a comparison bit and the client produces a comparison bit ; choosing a random bit ∈{0,1} and when =1 switching all left and right subtrees at level of ′; and sending ⊕ to the client.

公开(公告)号：US20180359082A1

公开(公告)日：2018-12-13

申请号：US15617940

申请日：2017-06-08

Applicant: NXP B.V.

Inventor： Joppe Willem BOS ,  Jan HOOGERBRUGGE ,  Marc JOYE ,  Wilhelmus Petrus Adrianus Johannus MICHIELS

IPC: H04L9/06 ,  H04L9/30 ,  G09C1/00

CPC classification number: H04L9/0631 ,  G09C1/00 ,  H04L9/002 ,  H04L9/30 ,  H04L2209/12 ,  H04L2209/16

Abstract: A method for producing a white-box implementation of a cryptographic function using garbled circuits, including: producing, by a first party, a logic circuit implementing the cryptographic function using a plurality of logic gates and a plurality of wires; garbling the produced logic circuit, by the first party, including garbling the plurality of logic gates and assigning two garbled values for each of the plurality of wires; and providing a second party the garbled logic circuit and a first garbled circuit input value.

公开(公告)号：US20190132114A1

公开(公告)日：2019-05-02

申请号：US15795103

申请日：2017-10-26

Applicant: NXP B.V.

Inventor： Marc JOYE

IPC: H04L9/00 ,  H04L9/14 ,  H04L9/30

CPC classification number: H04L9/004 ,  H04L9/14 ,  H04L9/302 ,  H04L9/3066 ,  H04L2209/26

Abstract: A method for protecting against faults in a computation of a point multiplication Q=[k]P on an elliptic curve E defined over a prime field p, including: defining an integer r and a group ′={γ()|∈/r} represented with elements having a group law that coincides with a group law used in the representation for E(p) and isomorphic to an additive group (/r)+ through isomorphism γ; forming a combined group E(p)×′E(p)×(/r)+ which is isomorphic to a cross product of the groups E(p) and (/r)+; selecting an element in /r and defining an element P′=γ() in group ′; forming a combined element {circumflex over (P)}=CRT (P, P′) in the group E(p)×′; calculating {circumflex over (Q)}=[k]{circumflex over (P)} in the combined group E(p)×′; calculating k in /r; and checking whether {circumflex over (Q)}≡Q′ (mod r) where Q′=γ(k).

公开(公告)号：US20190007210A1

公开(公告)日：2019-01-03

申请号：US15636412

申请日：2017-06-28

Applicant: NXP B.V.

Inventor： Marc JOYE ,  Yan MICHALEVSKY

IPC: H04L9/30 ,  H04L9/06 ,  H04L9/08

CPC classification number: H04L9/3073 ,  H04L9/0618 ,  H04L9/0662 ,  H04L9/0869 ,  H04L9/3263

Abstract: A method for computing the distance between two encrypted data vectors using elliptic curve cryptography.

公开(公告)号：US20190319791A1

公开(公告)日：2019-10-17

申请号：US15951590

申请日：2018-04-12

Applicant: NXP B.V.

Inventor： Joppe Willem BOS ,  Marc JOYE

IPC: H04L9/30 ,  G09C1/00

Abstract: Various embodiments relate to a method of encrypting a message m using a Paillier cryptosystem, including: computing a ciphertext c based upon the message m, N, and r, where N is the product of two distinct primes p and q, and r is randomly chosen such that r∈[1, N); computing a first verification value based upon u and N, where u is randomly chosen such that u∈[1, N); computing a second verification value s based upon u, r, the ciphertext c, the verification value, and a hash function H.

公开(公告)号：US20190190694A1

公开(公告)日：2019-06-20

申请号：US15849420

申请日：2017-12-20

Applicant: NXP B.V.

Inventor： Marc JOYE ,  Fariborz SALEHI

IPC: H04L9/00 ,  H04L9/14

Abstract: A method for performing a secure comparison between a first secret data and a second secret data, including: receiving, by a processor of a first party, encrypted bits of the second secret data y from a second party, where is an integer; computing the Hamming weight h of first secret data x, wherein x has bits; computing the value of a first comparison bit δA such that δA=0 when h>└/2┘, δA=1 when h