-
Publication number: US20240080197A1
Publication date: 2024-03-07
Application number: US17903647
Filing date: 2022-09-06
Applicant: INGONYAMA LTD.
Inventor: Daniel SHTERMAN , Omer SHLOMOVITS , Michael ASA , Yuval DOMB
CPC classification number: H04L9/3218 , G06F7/725 , G06F17/16
Abstract: A hardware accelerator computes a scalar dot product given by $\sum_{i=0}^{N-1} d_i P_i$ where $d_i$ is a scalar of length b bits and $P_i$ is an element in a group. The hardware accelerator includes a plurality A of accumulators addressed by corresponding contiguous partitions of the scalar $d_i$, each partition being of length c such that $A = \lceil b/c \rceil$ and each accumulator containing a plurality B of buckets where $B = 2^c$. The value of $P_i$ is entered into each empty accumulator bucket whose value corresponds to the weight of the respective partition associated with the corresponding accumulator or is added to a non-zero value that is already in the bucket, the sum replacing the previous value. An accumulator sums the values in the respective buckets of each accumulator so as to derive A sums, and sums the A computed sums to derive the scalar dot product.
-
Publication number: US20230370253A1
Publication date: 2023-11-16
Application number: US18199320
Filing date: 2023-05-18
Applicant: nChain Licensing AG
Inventor: Alexandra COVACI , Simone MADEO , Patrick MOTYLINSKI , Stephane VINCENT
CPC classification number: H04L9/085 , G06F7/725 , G06F17/17 , H04L9/3218 , H04L9/3093 , H04L9/14 , H04L9/3066 , H04L9/0841 , H04L9/50 , H04L9/3236
Abstract: Systems and methods described herein relate to techniques in which multiple parties each generate and exchange quantities that are based on a shared secret (e.g., powers of the shared secret) without exposing the shared secret. According to a protocol, two or more parties may exchange sets of elliptic curve points generated over polynomials that can be used, by each of the two or more parties, to determine a power of a shared secret. The protocol may be utilised as part of determining parameters for a smart contract that is broadcast to a blockchain network (e.g., Bitcoin). Based on the protocol, an additional party (e.g., a third party different from the two or more parties) may perform a computational task such as execution of the smart contract.
-
Publication number: US11728988B2
Publication date: 2023-08-15
Application number: US16488835
Filing date: 2018-02-12
Applicant: KONINKLIJKE PHILIPS N.V.
Inventor: Oscar Garcia Morchon , Sauvik Bhattacharya , Ludovicus Marinus Gerardus Maria Tolhuizen , Ronald Rietman
CPC classification number: H04L9/3073 , G06F7/725 , H04L9/0643 , H04L9/0841 , H04L9/0866 , H04L9/3257 , H04L2209/60 , H04L2209/80
Abstract: An electronic key pre-distribution device for configuring multiple network nodes with local key information is provided. The key pre-distribution device applies at least a first hash function and a second hash function to a digital identifier of a network node. The first and second hash functions map the digital identifier to a first public point and a second public point on a first elliptic curve and second elliptic curve. A first and second secret isogeny are applied to the first and second public elliptic curve points, to obtain a first private elliptic curve point and second private elliptic curve point that are part of private key material for the network node.
-
Publication number: US20180336015A1
Publication date: 2018-11-22
Application number: US15669929
Filing date: 2017-08-05
Applicant: Microsoft Technology Licensing, LLC
Inventor: Martin Roetteler , Kristin Lauter , Krysta Svore
CPC classification number: G06F7/728 , G06F7/72 , G06F7/721 , G06F7/723 , G06F7/725 , G06F17/5022 , G06F17/505 , G06N10/00
Abstract: In this application, example methods for performing quantum Montgomery arithmetic are disclosed. Additionally, circuit implementations are disclosed for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. This application also shows that elliptic curve discrete logarithms on an elliptic curve defined over an n-bit prime field can be computed on a quantum computer with at most $9n + 2\lceil \log_2(n) \rceil + 10$ qubits using a quantum circuit of at most $512n^3 \log_2(n) + 3572n^3$ Toffoli gates.
-
Publication number: US20180316498A1
Publication date: 2018-11-01
Application number: US15862803
Filing date: 2018-01-05
Applicant: SAMSUNG SDS CO., LTD.
Inventor: Kyu-Young CHOI , Duk-Jae MOON , Hyo-Jin YOON , Ji-Hoon CHO
CPC classification number: H04L9/003 , G06F1/03 , G06F7/723 , G06F7/725 , G06F21/755 , G06F2207/7219 , H04L9/3252
Abstract: An apparatus and method for performing operation being secure against side channel attack are provided. The apparatus and method generate values equal to values obtained through an exponentiation operation or a scalar multiplication operation of a point using values extracted from previously generated parameter candidate value sets and an operation secure against side-channel attack, thereby improving security against side-channel attack without degrading performance.
-
Publication number: US10075299B2
Publication date: 2018-09-11
Application number: US14236959
Filing date: 2012-07-31
Applicant: Koichi Sakumoto
Inventor: Koichi Sakumoto
CPC classification number: H04L9/3247 , G06F7/725 , H04L9/3026 , H04L9/3093 , H04L9/3221 , H04L63/08
Abstract: An information processing apparatus including a message generating unit that generates N sets of messages based on a multi-order multivariate polynomial set $F=(f_1, \ldots, f_m)$ defined on a ring K and a vector s that is an element of a set $K^n$, a first information selecting unit that inputs a document M and the N sets of messages to a one-way function that selects one piece of first information from among k (where k≥3) pieces of first information in response to a set of input information, and selects N pieces of first information, a second information generating unit that generates N pieces of second information, and a signature providing unit that provides a verifier with the N pieces of first information and the N pieces of second information as a digital signature.
-
Publication number: US10025596B2
Publication date: 2018-07-17
Application number: US15267895
Filing date: 2016-09-16
Applicant: RENESAS ELECTRONICS CORPORATION
Inventor: Takayuki Shinohara , Masatoshi Kimura
IPC: G06F11/30 , G06F9/4401 , H04M1/725 , G06F7/72 , G06F17/30 , H04L9/00 , H04L9/30 , H04M1/02 , G06F3/06 , G06F13/38 , G06F13/40 , H04M1/65
CPC classification number: G06F9/4403 , G06F3/061 , G06F3/0655 , G06F3/0679 , G06F7/725 , G06F13/385 , G06F13/4068 , G06F16/13 , G06F2207/7228 , G06F2213/3806 , H04L9/003 , H04L9/3066 , H04L2209/08 , H04L2209/56 , H04M1/026 , H04M1/6505 , H04M1/72522 , H04M2201/36 , H04M2250/14
Abstract: A memory system is constituted of a file storage flash memory storing a control program required for a control portion and a large amount of data, and a random access memory storing a program used by the control portion and functioning as a buffer memory for received data. Thus, a memory system for a portable telephone capable of storing a large amount of received data at high-speed and allowing reading of the stored data at high-speed is provided.
-
Publication number: US09979543B2
Publication date: 2018-05-22
Application number: US14139849
Filing date: 2013-12-23
Applicant: NXP B.V.
Inventor: Miroslav Knezevic , Ventzislav Nikov
CPC classification number: H04L9/3066 , G06F7/725 , G06F7/726
Abstract: An optimized hardware architecture and method introducing a simple arithmetic processor that allows efficient implementation of an Elliptical Curve Cryptography point doubling algorithm for Jacobian coordinates. The optimized architecture additionally reduces the required storage for intermediate values to one intermediate value.
-
Publication number: US20180101362A1
Publication date: 2018-04-12
Application number: US15727058
Filing date: 2017-10-06
Applicant: Idemia Identity & Security France
Inventor: Victor SERVANT , Guillaume DABOSVILLE
CPC classification number: G06F7/725 , G06F9/30098 , G06F2207/7261 , G06F2207/7285 , G06K19/07 , H04L9/003 , H04L9/3066
Abstract: The invention relates to a cryptographic processing method comprising multiplication of a point P of an elliptic curve on a Galois field by a scalar k, the multiplication comprising steps of: storing, in a first register, a zero point of the Galois field, executing a loop comprising at least one iteration comprising steps of: selecting a window of w bits in the non-signed binary representation of the scalar k, w being a predetermined integer independent of the scalar k and strictly greater than 1, calculating multiple points of P being each associated with a bit of the window and of the form $\pm 2^i P$, adding or not in the first register of multiple points stored, depending on the value of the bit of the window with which the multiple points are associated, wherein the loop ends once each bit of the non-signed binary representation of the scalar k has been selected, returning a value stored in the first register. If all the bits of the window selected during an iteration of the loop are zero, the iteration comprises at least one dummy execution of the addition function, and/or if all the bits of the window during an iteration of the loop are non-zero, the multiple points to be added in the first register during the step are determined from a non-adjacent form associated with the window.
-
Publication number: US20170346633A1
Publication date: 2017-11-30
Application number: US15166925
Filing date: 2016-05-27
Applicant: NXP B.V.
Inventor: Joppe Willem Bos , Artur Tadeusz Burchard , Jan Hoogerbrugge , Wilhelmus Petrus Adrianus Johannus Michiels
CPC classification number: H04L9/3066 , G06F7/725 , G06F12/1433 , G06F2207/7242 , G06F2207/7252 , H04L9/002 , H04L2209/16 , H04L2209/46
Abstract: A system for securely computing an elliptic curve scalar multiplication in an unsecured environment, including: a secure processor including secure memory, the secure processor configured to: split a secure scalar K into $m_2$ random values $k_i$, where i is an integer index; randomly select $m_1 - m_2$ values $k_i$ for the indices $m_2$