1. MODULAR MULTIPLICATION METHOD WITH PRECOMPUTATION USING ONE KNOWN OPERAND
    Invention application (under examination, published)

    Publication No.: WO2008057804A2

    Publication date: 2008-05-15

    Application No.: PCT/US2007/082713

    Filing date: 2007-10-26

    IPC classification: G06F7/72 G06F7/58

    CPC classification: G06F7/722

    Abstract: A modular multiplication method implemented in an electronic digital processing system takes advantage of the case where one of the operands W is known in advance or used multiple times with different second operands V to speed calculation. The operands V and W and the modulus M may be integers or polynomials over a variable X. A possible choice for the type of polynomials can be polynomials of the binary finite field $GF(2^N)$. Once operand W is loaded (30; 60) into a data storage (12) location, a value $P = \lfloor W \cdot X^{n+\delta} / M \rfloor$ is pre-computed (32; 62) by the processing system (10). Then when a second operand V is loaded (34; 64), the quotient $\hat{q}$ for the product $V \cdot W$ being reduced modulo M is quickly estimated (36; 66), $\hat{q} = \lfloor V \cdot P / X^{n+\delta} \rfloor$, optionally randomized (40; 70), $q' = \hat{q} - E$, and can be used to obtain (44; 74) the remainder $r' = V \cdot W - q' \cdot M$, which is congruent to $(V \cdot W) \bmod M$. A final reduction (46; 76) can be carried out, and the later steps repeated (52; 82) with other second operands V.

    2. ENCRYPTION PROTECTION METHOD
    Invention application (under examination, published)

    Publication No.: WO2007102898A2

    Publication date: 2007-09-13

    Application No.: PCT/US2006/061165

    Filing date: 2006-11-21

    IPC classification: H04K1/00

    Abstract: A deterministic blinding method for cipher algorithms that employ key-mixing and substitution (S-box) operations uses a masking table (MASK[0] to MASK[63]) constructed with a true mask (MASK[0]) and a plurality of dummy masks corresponding to every possible S-box input. Each mask is applied in the key-mixing operation (e.g., bitwise XOR) to the cipher key (K) or to round subkeys (K1 to K16) to generate true and dummy keys or subkeys that are applied to the data blocks (DATA) within the overall cipher algorithm or within individual cipher rounds. The mask values prevent side-channel statistical analyses from determining the true from the dummy keys or subkeys. The true mask is identifiable to the cipher but not by external observers.

    3. KEY RECOVERY MECHANISM FOR CRYPTOGRAPHIC SYSTEMS
    Invention application (under examination, published)

    Publication No.: WO2010126647A2

    Publication date: 2010-11-04

    Application No.: PCT/US2010/025443

    Filing date: 2010-02-25

    IPC classification: H04L9/06

    Abstract: A cryptographic system can include a register containing a key and a processor coupled to the register. The processor can be operable for performing a first encrypting operation, where the encrypting operation includes computing a key schedule using the register as a workspace. At the end of the first encrypting operation, the key is recovered from the register for use in a second encrypting operation.

    4. MODULAR MULTIPLICATION METHOD WITH PRECOMPUTATION USING ONE KNOWN OPERAND
    Invention application (under examination, published)

    Publication No.: WO2008057804A3

    Publication date: 2008-07-31

    Application No.: PCT/US2007082713

    Filing date: 2007-10-26

    IPC classification: G06F7/44

    CPC classification: G06F7/722

    Abstract: A modular multiplication method implemented in an electronic digital processing system takes advantage of the case where one of the operands W is known in advance or used multiple times with different second operands V to speed calculation. The operands V and W and the modulus M may be integers or polynomials over a variable X. A possible choice for the type of polynomials can be polynomials of the binary finite field $GF(2^N)$. Once operand W is loaded (30; 60) into a data storage (12) location, a value $P = \lfloor W \cdot X^{n+\delta} / M \rfloor$ is pre-computed (32; 62) by the processing system (10). Then when a second operand V is loaded (34; 64), the quotient $\hat{q}$ for the product $V \cdot W$ being reduced modulo M is quickly estimated (36; 66), $\hat{q} = \lfloor V \cdot P / X^{n+\delta} \rfloor$, optionally randomized (40; 70), $q' = \hat{q} - E$, and can be used to obtain (44; 74) the remainder $r' = V \cdot W - q' \cdot M$, which is congruent to $(V \cdot W) \bmod M$. A final reduction (46; 76) can be carried out, and the later steps repeated (52; 82) with other second operands V.

    5. RANDOMIZED MODULAR POLYNOMIAL REDUCTION METHOD AND HARDWARE THEREFOR
    Invention application (under examination, published)

    Publication No.: WO2006124160A2

    Publication date: 2006-11-23

    Application No.: PCT/US2006/013795

    Filing date: 2006-04-12

    IPC classification: H02P1/00

    CPC classification: G06F7/726 G06F2207/7233

    Abstract: A cryptographically secure, computer hardware-implemented binary finite-field polynomial modular reduction method estimates (32) and randomizes (36) a polynomial quotient q'(x) used for computation of a polynomial remainder. The randomizing error E(x) injected into the approximate polynomial quotient q(x) is limited to a few bits, e.g. less than half a word. The computed (38) polynomial remainder r'(x) is congruent with but a small random multiple of the residue r(x), which can be found by a final strict binary field reduction by the modulus M(x). In addition to a computational unit (10) and operations sequencer (16), the computing hardware also includes a random or pseudo-random number generator (20) for producing the random polynomial error. The modular reduction method thus resists hardware cryptoanalysis attacks, such as timing and power analysis attacks.

    6. ACCESS RIGHTS ON A MEMORY MAP
    Invention application (under examination, published)

    Publication No.: WO2009102658A1

    Publication date: 2009-08-20

    Application No.: PCT/US2009/033550

    Filing date: 2009-02-09

    IPC classification: G06F12/14

    CPC classification: G06F12/1441

    Abstract: A microcontroller system, such as a system-on-a-chip integrated circuit, including a processor (e.g., a Von Neumann processor), memory, and a memory protection unit (MPU), where the MPU provides execute-only access rights for one or more protected areas of the memory. The MPU can allow instructions fetched from within a protected area to access data in the protected area while preventing instructions fetched from outside the protected area from accessing data in the protected area.

    7. METHOD AND SYSTEM FOR LARGE NUMBER MULTIPLICATION
    Invention application (under examination, published)

    Publication No.: WO2009023595A1

    Publication date: 2009-02-19

    Application No.: PCT/US2008/072697

    Filing date: 2008-08-08

    IPC classification: G06F7/00

    CPC classification: G06F7/525

    Abstract: Methods, apparatus and systems for large number multiplication. A multiplication circuit is provided to compute the product of two operands (A and B), at least one of which is wider than a width associated with the multiplication circuit. Each of the operands includes contiguous ordered word-wide operand segments (Aj and Bi) characterized by specific weights j (integer from 0 to k) and i (integer from 0 to m). The multiplication circuit executes a matrix of word-wide operand segment pair multiplication operations. Multiplication operations are performed on a pair of rows at one time. For each pair of rows, a pair of corresponding Bi word-wide operand segments are read from a memory and word-wide operand segment pair multiplication operations (Aj*Bi) are iteratively performed for each of k+2 columns. For each column a maximum of two additional memory read operations and one memory write operation is required.

    8. KEY PROTECTION MECHANISM
    Invention application

    Publication No.: WO2008079524A3

    Publication date: 2008-07-03

    Application No.: PCT/US2007/083426

    Filing date: 2007-11-02

    IPC classification: H04L9/00

    Abstract: A method of protecting secret key integrity in a hardware cryptographic system includes first obtaining an encryption result (13) and corresponding checksum (14) of known data using the secret key, saving those results, then masking the secret key (16, 17) and storing the masked key (18). When the masked key is to be used in a cryptographic application, the method checks key integrity against fault attacks by decrypting (19) the prior encryption results using the masked key. If upon comparison (20), the decryption result equals valid data (PASS), then the key's use in the cryptographic system can proceed. Otherwise (FAIL), all data relating to the masked key is wiped from the system and fault injection is flagged (21).

    9. KEY PROTECTION MECHANISM
    Invention application (under examination, published)

    Publication No.: WO2008079524A2

    Publication date: 2008-07-03

    Application No.: PCT/US2007083426

    Filing date: 2007-11-02

    IPC classification: H04L9/00

    Abstract: A method of protecting secret key integrity in a hardware cryptographic system includes first obtaining an encryption result (13) and corresponding checksum (14) of known data using the secret key, saving those results, then masking the secret key (16, 17) and storing the masked key (18). When the masked key is to be used in a cryptographic application, the method checks key integrity against fault attacks by decrypting (19) the prior encryption results using the masked key. If upon comparison (20), the decryption result equals valid data (PASS), then the key's use in the cryptographic system can proceed. Otherwise (FAIL), all data relating to the masked key is wiped from the system and fault injection is flagged (21).

    10. KEY RECOVERY MECHANISM FOR CRYPTOGRAPHIC SYSTEMS
    Invention application (under examination, published)

    Publication No.: WO2010126647A3

    Publication date: 2010-12-29

    Application No.: PCT/US2010025443

    Filing date: 2010-02-25

    IPC classification: H04L9/06

    Abstract: A cryptographic system can include a register containing a key and a processor coupled to the register. The processor can be operable for performing a first encrypting operation, where the encrypting operation includes computing a key schedule using the register as a workspace. At the end of the first encrypting operation, the key is recovered from the register for use in a second encrypting operation.
