Abstract:
An RSA decryption apparatus that is used in an IC card or the like counters a differential fault attack. The RSA decryption apparatus computes at high speed a public key used in data verification, without having to obtain the public key from an external source. The RSA decryption apparatus includes a remainder computation unit 412 that calculates d_p = d mod (p−1), and an inverse computation unit 414 that finds an inverse of d_p over a residue field with p−1 as a modulus. The RSA decryption apparatus verifies a decipher text with use of the inverse of d_p as the public key. Because the inverse computation involves fewer bits than it would if the inverse of d were found as the public key, computing speed increases.
Abstract:
In an exponentiation device, a relatively large table is generated outside of a coprocessor so as to enable high-speed exponentiation to be performed using the small window method. The selection of data from the table and transfer of data to the coprocessor are conducted in parallel with a multiple-length arithmetic operation performed in the coprocessor. So as to avoid bottlenecks occurring in the data transfer between a CPU and the coprocessor, two data banks are provided in the coprocessor for storing the data to be used in the arithmetic operation. By providing two banks in the coprocessor, it is possible to use one for transferring data while data stored in the other is being used in the arithmetic operation. When the operation using the stored data has been completed, the banks are switched, and the arithmetic operation is then repeated using the newly transferred data while at the same time conducting data transfer in readiness for the following operation.
Abstract:
A multi-word arithmetic device, capable of executing a variety of types of multi-word arithmetic required for elliptic curve cryptology, includes the following. A memory 40, formed from two dual-port memories 41 and 42, temporarily stores n-word integers on which calculation is performed, and a calculation result. An arithmetic unit 20 executes two or more types of calculation, including addition and multiplication, on each word, and outputs a one-word result. A memory input/output unit 30 supplies a maximum of three pieces of one-word data from the memory 40 to the arithmetic unit 20, while simultaneously storing a one-word calculation result from the arithmetic unit 20 in the memory 40. A control unit 10 controls the arithmetic unit 20 and the memory input/output unit 30 so as to have the arithmetic unit execute one of modular addition and Montgomery reduction on n words.
Abstract:
Provided is an elliptic curve exponentiation apparatus that can counter the DFA when an elliptic curve exponentiation technique is used. A computation result verification unit 127 receives, as a computation result, an exponentiation-result-point (X, Y) from an elliptic curve computation unit 124. The computation result verification unit 127 computes X^3 + a×X + b, and computes Y^2, and outputs the received exponentiation-result-point when judging that Y^2 = X^3 + a×X + b, and does not output the received exponentiation-result-point when not judging that Y^2 = X^3 + a×X + b.
Abstract:
An exponent preprocessing unit preprocesses an n-bit exponent k and exponentiates a base A by the preprocessed exponent k. A bit string storing unit stores a bit string including a sign bit and the exponent k. A reading unit reads a bit pattern composed of the sign bit and a bit sequence made up of a predetermined number of bits. A bit pattern generating unit generates a new bit pattern from the read bit pattern. An operation pattern specifying unit specifies an operation pattern based on the read bit pattern. An operating unit performs an operation according to the specified operation pattern and writes the new bit pattern over the previous bit pattern. The reading unit reads a next bit sequence starting from a different bit in the bit string storing unit. A repeat controlling unit repeats these procedures n+1 times.
Abstract:
The modular multiplication apparatus includes a residue calculating unit, a multiplier division unit, a partial product calculation unit, an accumulation unit, a correction unit, and a control unit. The residue calculating unit recurrently calculates intermediate values in sequence. The residue calculating unit obtains the multiplicand as the intermediate value the first time, and at the second time and after, calculates residues or congruent values of the modulo P multiplication of the intermediate values being preceding intermediate values left-shifted s bits. The multiplier division unit divides the multiplier into a plurality of s-bit partial multipliers in order from lower bits. The partial product calculation unit calculates partial products of intermediate values and partial multipliers in sequence. The accumulation unit and the correction unit accumulate the partial products while correcting them under the control of the control unit. The residue calculating unit includes a table unit. The table unit prestores residues of modulo p multiplications of (m-bit value) × 2^k, where the m-bit values respectively correspond to values from decimal values 0 to 2^m − 1. The residue calculating unit refers to the table unit to read out a residue corresponding to higher m bits adjacent to the lower k bits of the left-shifted intermediate value. The residue calculating unit calculates a residue or a congruent value of modulo p multiplications of the left-shifted intermediate value by adding up the read-out residue and the lower k bits.
Abstract:
An information security device receives an input of prime q, and generates prime N that is larger than prime q. In the information security device, a partial information setting unit generates number u such that 2×u×q+1≠0 mod L_i (i=1, 2, ..., n). A random number generating unit generates random number R′. A judgement target generating unit generates R=u+L_1×L_2×...×L_n×R′ and N=2×R×q+1, using number u and random number R′. A primality judging unit judges the primality of number N, using numbers N and R generated by the judgement target generating unit.
Abstract:
An information processing apparatus includes: a communication device communicating with an external device and a clock server; a first clock measuring a local time; a second clock measuring a time based on time information from the clock server; a storage device storing setting information; and a controller performing: when receiving the time information from the external device, judging whether a specified condition is met; when the specified condition is met, setting a time indicated by the time information to the first clock as the local time; when the specified condition is met, controlling the first clock to measure the local time, without the controller setting the time to the first clock as the local time; setting the time indicated by the time information to the second clock and setting a time determined based on the time of the second clock and the setting information to the first clock.
Abstract:
An image forming apparatus, including: a display device; a coordinate detecting portion which detects a directed coordinate in a display area including a first area in which is displayed a hierarchy image including uppermost-level images and lower-level images; a first display control section; a second display control section to display at least one first button image; and a third display control section, the uppermost-level images including: a first image in which is displayed at least one second button image; a second image in which is displayed at least one third button image; and a third image, wherein, where the directed coordinate is one of coordinates corresponding to the first through third button images, the third control section displays a lower-level image corresponding to a button image corresponding to the directed coordinate, and wherein the first control section executes processing to display the one uppermost-level image so as to be changed.
Abstract:
An image processor includes a display. The display displays a preset-setting-group selection screen containing a plurality of icons respectively corresponding to preset-setting groups such that one icon is displayed in a manner indicative of a selected state while at least one icon other than the one icon is displayed in a manner that is indicative of an unselected state. When any of set values of a preset-setting group corresponding to the one icon having been displayed in the manner indicative of the selected state, the display displays a preset-setting-group-updated screen containing the one icon displayed in the manner indicative of the selected state on the preset-setting-group selection screen and not containing the at least one icon in the manner indicative of the unselected state on the preset-setting-group selection screen.