Abstract:
A product of prime numbers and a quadratic non-residue of one of the prime numbers are received as a public key from a first party. The product of prime numbers comprises a first group and the prime numbers respectively comprise a first sub-group and a second sub-group of the first group. Data of the first party is automatically encrypted bit-wise using a computerized device by encrypting first bit values of the data of the first party as quadratic residue and encrypting second bit values of the data of the first party as quadratic non-residue to produce a first intermediate number. The first intermediate number is automatically multiplied by the quadratic non-residue of the public key using the computerized device to complete encryption of the data of the first party. A square root of a value is received from a second party. The second party does not have the quadratic residue and the quadratic non-residue. A single bit of the data of the first party is automatically decrypted for the second party by factoring the product of prime numbers to evaluate whether the single bit has a square root in the first sub-group or the second sub-group based on the square root of the value from the second party.
Abstract:
The invention relates to a method for generating a prime number, implemented in an electronic device, the method including steps of calculating a candidate prime number having a number of bits, using the formula: Pr=2P·R+1, where P is a prime number and R is an integer, applying the Pocklington primality test to the candidate prime number, rejecting the candidate prime number if it fails the Pocklington test, generating the integer from an invertible number belonging to a set of invertible elements modulo the product of numbers belonging to a group of small prime numbers greater than 2, so that the candidate prime number is not divisible by any number of the group, the prime number P having a number of bits equal, to within one bit, to half or a third of the number of bits of the candidate prime number.
Abstract:
A modulo reduction is performed on a value a represented as an ordered sequence of computer readable words. The lowest order words are eliminated by substituting an equivalent value represented by higher order words for each of the lower order words. The lowest order words are eliminated until the sequence has a word length corresponding to the modulus. Carries and borrows resulting from the substitution are propagated from lower order words to higher order words. Further reduction is performed to maintain the word length of the sequence to that of the modulus. The further reduction may be determined by examination of a carryover bit or may be performed a predetermined number of times without examination.
Abstract:
A device and/or computer program uses a method including determining the division remainder of a first value (b) modulo a second value (p′) and executing a first Montgomery multiplication with the first value (b) as one of the factors and the second value (p′) as the modulus. A correction factor is determined, and a second Montgomery multiplication is executed with the result of the first Montgomery multiplication as one of the factors, the correction factor as the other factor and the second value (p′) as the modulus. A method for ascertaining prime number candidates includes determining a base value (b) for a sieve, and several sieve iterations are executed, in each of which one marking value (p′) is ascertained and the multiples of the marking value (p′) in the sieve are marked as composite numbers.
Abstract:
An exponentiation method resistant against side-channel attacks and safe-error attacks. Input to the method is g in a multiplicatively written group G and an l-digit exponent d with a radix m > 1, and the output is z = g^(d−1)·g. (d−1) is expressed as a series of (l−1) non-zero digits, d*_0 … d*_(l−2), in the set {m−1, …, 2m−2} and an extra digit d*_(l−1) that is equal to d_(l−1) − 1, where d_(l−1) represents the most significant radix-m digit of d, and g^(d−1) is evaluated through an m-ary exponentiation algorithm on input g and (d−1) represented by d*_0 … d*_(l−1). Also provided are an apparatus and a computer program product.
Abstract:
A modular calculator and a method of performing a modular calculation are provided. The modular calculator includes a first register to receive and to store a first integer, a second register to receive and to store a second integer, a calculator connected to an output terminal of the first register and an output terminal of the second register, and a controller to determine an arithmetic operation of the calculator by referring to a sign of the first integer and a sign of the second integer and to control the calculator to perform the determined arithmetic operation on one of an addition and a subtraction of the first integer and the second integer and a modulus value.
Abstract:
An encryption chip is programmable to process a variety of secret key and public key encryption algorithms. The chip includes a pipeline of processing elements, each of which can process a round within a secret key algorithm. Data is transferred between the processing elements through dual port memories. A central processing unit allows for processing of very wide data words from global memory in single cycle operations. An adder circuit is simplified by using plural relatively small adder circuits with sums and carries looped back in plural cycles. Multiplier circuitry can be shared between the processing elements and the central processor by adapting the smaller processing element multipliers for concatenation as a very wide central processor multiplier.
Abstract:
A cryptography processor includes a central processing unit and a co-processor, the co-processor comprising a plurality of calculating subunits as well as a single control unit which is coupled to each of the plurality of calculating subunits. A cryptographic operation is distributed among the individual calculating subunits in the form of sub-operations by the control unit. The central processing unit, the plurality of calculating subunits and the control unit are integrated on a single chip, the chip comprising a common supply current access for supplying the plurality of calculating subunits and the control unit with current. Due to the arrangement of the calculating subunits in parallel, on the one hand, the throughput of the cryptography processor is increased. On the other hand, the current profile that may be detected at the supply current access is randomized to such an extent that an attacker can no longer infer the numbers processed in the individual calculating subunits.
Abstract:
A remainder by division of a sequence of bytes interpreted as a first number by a second number is calculated. A first remainder by division associated with a first subset of the sequence of bytes is calculated with a first processor. A second remainder by division associated with a second subset of the sequence of bytes is calculated with a second processor. The calculating of the second remainder by division may occur at least partially during the calculating of the first remainder by division. A third remainder by division is calculated based on the calculating of the first remainder by division and the calculating of the second remainder by division.
Abstract:
A unified integer/Galois-field GF(2^m) multiplier performs multiply operations for public-key systems such as Rivest, Shamir, Adleman (RSA), Diffie-Hellman key exchange (DH) and Elliptic Curve Cryptosystems (ECC). The multiply operations may be performed on prime fields and different composite binary fields in independent multipliers in an interleaved fashion.