-
公开(公告)号:US07936871B2
公开(公告)日:2011-05-03
申请号:US11849765
申请日:2007-09-04
申请人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
发明人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
CPC分类号: G06F7/723 , G06F2207/7242 , G06F2207/7252 , H04L9/002 , H04L9/302
摘要: In one embodiment, cryptographic transformation of a message is performed by first performing a table initiation phase. Then an exponentiation phase is performed, wherein the exponentiation phase includes two or more parsing steps, wherein each of the parsing steps includes parsing a part of a cryptographic key into a window of size n, wherein n is a difficult to predict number.
摘要翻译: 在一个实施例中,通过首先执行表起始阶段来执行消息的密码学变换。 然后执行取幂阶段,其中求幂阶段包括两个或多个解析步骤,其中每个解析步骤包括将密钥的一部分解析为大小为n的窗口,其中n是难以预测的数目。
-
2.发明申请公开(公告)号:US20100208883A1
公开(公告)日:2010-08-19
申请号:US11917347
申请日:2006-06-14
申请人: Yannick Teglia , Pierre-Yvan Liardet , Alain Pomet
发明人: Yannick Teglia , Pierre-Yvan Liardet , Alain Pomet
IPC分类号: H04L9/28
CPC分类号: G06F7/723 , G06F2207/7252 , H04L9/003
摘要: The invention concerns a method and a circuit for protecting a numerical quantity (d) contained in an integrated circuit (1) on a first number of bits (n), in a modular exponentiation computing of a data (M) by said numerical quantity, which consists in: selecting at least one second number (j) included between the unit and said first number minus two; dividing said numerical quantity into at least two parts, a first part (d(j−1, 0)) comprising, from the bit of rank null, a number of bits equal to said second number, a second part (d(n−1, j)) comprising the remaining bits; for each part of the quantity, computing a first modular exponentiation (23, 33) of said data by the part concerned and a second modular exponentiation (36, 34) of the result of the first by the FIG. 2 exponentiated to the power of the rank of the first bit of the part concerned; and computing (35) the product of the results of the first and second modular exponentiations.
摘要翻译: 本发明涉及一种方法和电路,用于通过数字量(M)的模幂运算来保护包含在第一位数(n)上的集成电路(1)中的数值(d) 其包括:选择包括在所述单元和所述第一数字之间的至少一个第二数字(j)减去两个; 将所述数值分成至少两部分,第一部分(d(j-1,0)),其包括从秩零的比特数等于所述第二数的比特数,第二部分(d(n- 1,j)); 对于数量的每个部分,由相关部分计算所述数据的第一模幂(23,33)和由图1的第一个结果的第二模幂(36,34)。 2指数与有关部分的第一位的等级的权力; 并计算(35)第一和第二模幂的结果的乘积。
-
公开(公告)号:US20090003607A1
公开(公告)日:2009-01-01
申请号:US11849765
申请日:2007-09-04
申请人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
发明人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
CPC分类号: G06F7/723 , G06F2207/7242 , G06F2207/7252 , H04L9/002 , H04L9/302
摘要: In one embodiment, cryptographic transformation of a message is performed by first performing a table initiation phase. Then an exponentiation phase is performed, wherein the exponentiation phase includes two or more parsing steps, wherein each of the parsing steps includes parsing a part of a cryptographic key into a window of size n, wherein n is a difficult to predict number.
摘要翻译: 在一个实施例中,通过首先执行表起始阶段来执行消息的密码学变换。 然后执行取幂阶段,其中求幂阶段包括两个或多个解析步骤,其中每个解析步骤包括将密钥的一部分解析为大小为n的窗口,其中n是难以预测的数目。
-
公开(公告)号:US20090003606A1
公开(公告)日:2009-01-01
申请号:US11849757
申请日:2007-09-04
申请人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
发明人: Onur Aciicmez , Jean-Pierre Seifert , Xinwen Zhang
CPC分类号: G06F7/723 , G06F2207/7252 , H04L9/002 , H04L9/302
摘要: In one embodiment, cryptographic transformation of a message is performed by first performing a table initiation phase. This may be accomplished by creating a permutation of an order of powers and then performing a table initiation phase using a part of a key and the permuted order of powers to populate a data structure.
摘要翻译: 在一个实施例中,通过首先执行表起始阶段来执行消息的密码学变换。 这可以通过创建功率顺序的排列,然后使用键的一部分和排列的功率顺序来填充数据结构来执行表初始化阶段来实现。
-
公开(公告)号:US20020166057A1
公开(公告)日:2002-11-07
申请号:US09940985
申请日:2001-08-29
发明人: Masahiro Kaminaga , Takashi Endo , Takashi Watanabe , Masaru Ohki
IPC分类号: G06F012/14 , H04L009/00
CPC分类号: G06F7/723 , G06F9/3001 , G06F9/30181 , G06F2207/7252 , H04L9/003 , H04L9/302 , H04L2209/08 , H04L2209/127
摘要: The subject of the disclosed technology is, when a crypto-processing is performed utilizing an information processing device buried in an IC card, etc., to decrease the relationship between the waveform of the consumption current and the contents of the crypto-processing as a countermeasure against a tamper which observes the waveform of a consumption current. A solution means is shown in the following. When a decryption processing of an RSA cryptogram is performed according to CRT, in step 608, for every unit bit block of XP a modular exponentiation calculation is performed, and the partial result of CP up to the calculated bit block is stored in a memory. In step 609, for every unit bit block of XQ a modular exponentiation calculation is performed and the partial result of CQ up to the calculated bit block is stored in a memory. In step 606, a random number is generated, and in step 607, it is decided that step 608 is to be executed or step 609 is to be executed corresponding to the value of the random number.
摘要翻译: 所公开的技术的主题是,当利用埋在IC卡等中的信息处理装置进行密码处理时,将消耗电流的波形与密码处理的内容之间的关系降低为 针对观察消耗电流波形的篡改的对策。 解决方案如下所示。 当根据CRT执行RSA密码的解密处理时,在步骤608中,对于XP的每个单位比特块进行模幂运算,并将CP的部分结果存储到存储器中。 在步骤609中,对于XQ的每个单位比特块,执行模幂运算,并将CQ的部分结果存储到存储器中。 在步骤606中,产生随机数,并且在步骤607中,确定要执行步骤608或者对应于随机数的值来执行步骤609。
-
公开(公告)号:US20150026481A1
公开(公告)日:2015-01-22
申请号:US14382026
申请日:2013-02-26
发明人: Helmut Koglmeier
CPC分类号: H04L9/002 , G06F7/00 , G06F21/60 , G06F2207/7252 , H04L9/004 , H04L9/0625
摘要: The invention provides a method for executing a cryptographic computation comprising a plurality of blocks while employing secret data in a processor, said executing being protected against spying out of secret data. To achieve a computational result of the computation, there is executed a multiple computation in which the computation is executed several times, at least twice. Within the multiple computation, blocks of the several, at least two, executions of the computation are executed in interlaced order.
摘要翻译: 本发明提供了一种用于在处理器中采用秘密数据的同时执行包括多个块的密码计算的方法,所述执行被保护以防止秘密数据的间谍。 为了实现计算的计算结果,执行多次计算,其中计算被执行多次,至少两次。 在多次计算中,计算的几个,至少两个执行的块以隔行顺序执行。
-
公开(公告)号:US20120008780A1
公开(公告)日:2012-01-12
申请号:US13215078
申请日:2011-08-22
申请人: TURKI F. AL-SOMANI , ALAAELDIN AMIN
发明人: TURKI F. AL-SOMANI , ALAAELDIN AMIN
IPC分类号: H04K1/00
CPC分类号: H04L9/3066 , G06F7/725 , G06F2207/7252 , H04L9/003 , H04L2209/08 , H04L2209/125
摘要: The method for elliptic curve scalar multiplication may provide several countermeasures to protect scalar multiplication of a private key k by a point P to produce the product kP from power analysis attacks. First, the private key, k, is partitioned into a plurality of key partitions, which are processed in a random order, the resulting points being accumulated to produce the scalar product kP. Second, in each partition, the encoding is randomly selected to occur in binary form or in Non-Adjacent Form (NAF), with the direction of bit inspection being randomly assigned between most-to-least and least-to-most. Third, in each partition, each zero in the key may randomly perform a dummy point addition operation in addition to the doubling operation. The method may be implemented in software, smart cards, circuits, processors, or application specific integrated circuits (ASICs) designed to carry out the method.
摘要翻译: 用于椭圆曲线标量乘法的方法可以提供若干对策,以保护私钥k的点乘以点P以产生功率分析攻击的乘积kP。 首先,将私钥k划分成多个按照随机顺序处理的密钥分区,生成的积分积以产生标量积kP。 第二,在每个分区中,随机选择编码以二进制形式或非相邻格式(NAF)进行编码,其中位检查的方向是随机分配的,从最小到最小。 第三,在每个分区中,除了加倍操作之外,密钥中的每个零都可以随机地执行虚拟加法运算。 该方法可以在设计用于执行该方法的软件,智能卡,电路,处理器或专用集成电路(ASIC)中实现。
-
公开(公告)号:US20110246789A1
公开(公告)日:2011-10-06
申请号:US12750953
申请日:2010-03-31
CPC分类号: G06F21/75 , G06F7/723 , G06F2207/7252 , G09C1/00 , H04L9/003 , H04L2209/08 , H04L2209/12
摘要: An integrated circuit including a multiplication function configured to execute a multiplication operation of two binary words x and y including a plurality of basic multiplication steps of components xi of word x by components yj of word y is described. The multiplication function of the integrated circuit is configured to execute two successive multiplications by modifying, in a random or pseudo-random manner, an order in which the basic multiplication steps of components xi by components yj are executed.
摘要翻译: 描述了包括乘法函数的集成电路,其被配置为通过词y的分量yj执行包括单词x的分量xi的多个基本乘法步长的两个二进制字x和y的乘法运算。 集成电路的乘法功能被配置为通过以随机或伪随机方式修改由分量yj执行分量xi的基本乘法步骤的顺序来执行两个连续乘法。
-
公开(公告)号:US20090214023A1
公开(公告)日:2009-08-27
申请号:US12071779
申请日:2008-02-26
申请人: Turki F. Al-Somani , Alaaeldin Amin
发明人: Turki F. Al-Somani , Alaaeldin Amin
IPC分类号: H04L9/28
CPC分类号: G06F7/725 , G06F2207/7252 , H04L9/003 , H04L9/3066 , H04L2209/08
摘要: The method for elliptic curve scalar multiplication may provide several countermeasures to protect scalar multiplication of a private key k by a point P to produce the product kP from power analysis attacks. First, the private key, k, is partitioned into a plurality of key partitions, which are processed in a random order, the resulting points being accumulated to produce the scalar product kP. Second, in each partition, the encoding is randomly selected to occur in binary form or in Non-Adjacent Form (NAF), with the direction of bit inspection being randomly assigned between most-to-least and least-to-most. Third, in each partition, each zero in the key may randomly perform a dummy point addition operation in addition to the doubling operation. The method may be implemented in software, smart cards, circuits, processors, or application specific integrated circuits (ASICs) designed to carry out the method.
摘要翻译: 用于椭圆曲线标量乘法的方法可以提供若干对策,以保护私钥k的点乘以点P以产生功率分析攻击的乘积kP。 首先,将私钥k划分成多个按照随机顺序处理的密钥分区,生成的积分积以产生标量积kP。 第二,在每个分区中,随机选择编码以二进制形式或非相邻格式(NAF)进行编码,其中位检查的方向是随机分配的,从最小到最小。 第三,在每个分区中,除了加倍操作之外,密钥中的每个零都可以随机地执行虚拟加法运算。 该方法可以在设计用于执行该方法的软件,智能卡,电路,处理器或专用集成电路(ASIC)中实现。
-
公开(公告)号:US07254718B2
公开(公告)日:2007-08-07
申请号:US09940985
申请日:2001-08-29
申请人: Masahiro Kaminaga , Takashi Endo , Takashi Watanabe , Masaru Ohki
发明人: Masahiro Kaminaga , Takashi Endo , Takashi Watanabe , Masaru Ohki
CPC分类号: G06F7/723 , G06F9/3001 , G06F9/30181 , G06F2207/7252 , H04L9/003 , H04L9/302 , H04L2209/08 , H04L2209/127
摘要: The subject of the disclosed technology is, when a crypto-processing is performed utilizing an information processing device buried in an IC card, etc., to decrease the relationship between the waveform of the consumption current and the contents of the crypto-processing as a countermeasure against a tamper which observes the waveform of a consumption current.A solution means is shown in the following. When a decryption processing of an RSA cryptogram is performed according to CRT, in step 608, for every unit bit block of XP a modular exponentiation calculation is performed, and the partial result of CP up to the calculated bit block is stored in a memory. In step 609, for every unit bit block of XQ a modular exponentiation calculation is performed and the partial result of CQ up to the calculated bit block is stored in a memory. In step 606, a random number is generated, and in step 607, it is decided that step 608 is to be executed or step 609 is to be executed corresponding to the value of the random number.
摘要翻译: 所公开的技术的主题是,当利用埋在IC卡等中的信息处理装置进行密码处理时,将消耗电流的波形与密码处理的内容之间的关系降低为 针对观察消耗电流波形的篡改的对策。 解决方案如下所示。 当根据CRT执行RSA密码的解密处理时,在步骤608中,对于XP的每个单位比特块进行模幂运算,并将CP的部分结果存储到存储器中。 在步骤609中,对于XQ的每个单位比特块,执行模幂运算,并将CQ的部分结果存储到存储器中。 在步骤606中,产生随机数,并且在步骤607中,确定要执行步骤608或者对应于随机数的值来执行步骤609。
-
-
-
-
-
-
-
-
-
搜索结果
44 条记录 (耗时 0.016 秒)