Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees

Public key

Subclass of:

380 - Cryptography


Patent class list (only not empty are listed)

Deeper subclasses:

20100119058INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM - There is provided an information processing apparatus according to the invention including a bilinear map selection unit for selecting a bilinear map used for a predetermined operation, a group selection unit for selecting at least two types of groups G05-13-2010
20110182423Data Encryption and Decryption with a Key by an N-state Inverter Modified Switching Function - Methods and apparatus for implementing an n-state ripple-adder scheme coder with n≧2 using an n-state reversible switching function and a non-reversible n-state switching function acting upon a first and a second word of at least 2 n-state symbols are disclosed. Corresponding decoding methods and apparatus are also disclosed. A resulting codeword may be a codeword which can be decoded by using the identical or different n-state switching functions in a corresponding ripple adder scheme decoder. Feistel networks and LFSRs apply the coding and decoding. Systems using the coding and decoding methods may be communication, storage and/or financial systems.07-28-2011
20100086128Asymmetric encryption/decryption method - An asymmetric encryption/decryption method comprises the steps of: selecting a plaintext (M) and a modulus (n); selecting a public key (e) and a private key (d) from the modulus (n); and generating a ciphertext (C) by M×e mod n=C, or recovering the plaintext (M) by C×d mod n=M.04-08-2010
20100046747PLAYBACK APPARATUS AND PLAYBACK METHOD - In the Local Storage (02-25-2010
20100046746PARAMETER GENERATING DEVICE AND CRYPTOGRAPHIC PROCESSING SYSTEM - A parameter generating device includes an input receiving unit that receives a degree n of an algebraic torus T including a group G in which a cryptosystem used in a torus-compressed public key cryptosystem is defined, a size W of a finite field F, and a size S of the group G, an extension-degree determining unit that determines an extension degree m of a finite field Fp02-25-2010
20100046745ENCRYPTING APPARATUS, DECRYPTING APPARATUS, CRYPTOCOMMUNICATION SYSTEM, AND METHODS AND COMPUTER PROGRAM PRODUCTS THEREFOR - A decrypting apparatus that decrypts encrypted data that has been encrypted first data containing plain data, the encrypted data being represented by using an affine representation F_{p̂m}×F_{p̂m}̂*(where p: a prime number; m: a natural number; and ̂: exponentiation) obtains encrypted data represented in a vector format and a secret key corresponding to a public key and judges whether a vector component contained in the encrypted data is the affine representation F_{p̂m}×F_{p̂m}̂*. Further, based on the result of the judging process, the decrypting apparatus maps the vector component onto each of the members of an algebraic torus by forming a decompression map and decrypts the encrypted data mapped onto each of the members of the algebraic torus, by using the secret key, therefore obtains the plain data.02-25-2010
20090185679Method for electronically signing electronic documents and method for verifying an electronic signature - A medical professional registers himself with the trust centre (TC) or trusted registry (TR) acting on behalf of and/or operated by the mobile communication service provider. According to an embodiment of the present invention, the trust centre or trusted registry generates a pair of keys (“private key, public key”) and associates the private key with the mobile-phone identity (IMEI, SIM-chip-number or phone number) in a secret table stored at the TC or TR. The TC or TR also associates the public key with the medical author's name (plus office address) as an entry into a directory.07-23-2009
20100104096Data Processing For Coding - A system and method for data processing for coding. The method may include providing a first plurality of bytes of data, non-linearly transforming the first plurality of bytes into a second plurality of bytes, multiplying each of the second plurality of bytes of data by a predetermined constant of a plurality of constants to generate a third plurality of bytes, and organizing in use the third plurality of bytes as a plurality of output bytes. Systems to practice the foregoing methods are also described.04-29-2010
20100040227Collaborative, Incremental Specification Of Identities - Methods and systems for collaborative, incremental specification of identities are provided. Users of an information processing system collaborate to define and refine identities of entities, and users can create references for those identities. Relationships among the identifiers implied related keywords that can be used to improve search, navigation, and integration. Relationship factoring can be used to maintain efficient logical and physical representations.02-18-2010
20090323932Method and apparatus for encrypting data to facilitate resource savings and detection of tampering - One embodiment of the present invention provides a system that facilitates encrypting data. During operation, the system receives unencrypted data to be encrypted. Next, the system preprocesses the unencrypted data to create preprocessed unencrypted data, wherein preprocessing the unencrypted data involves generating a salt (wherein the salt facilitates in determining if the subsequently encrypted data has been altered) and concatenating the salt and the unencrypted data to create the preprocessed unencrypted data. Next, the system encrypts the preprocessed unencrypted data to create the encrypted data. Because the salt has already been applied to the plaintext data, it does not need to be reapplied during the encryption phase as is typically done in encryption. Finally, the system stores a copy of the salt with the encrypted data.12-31-2009
20110007895Secure Configuration of a Computing Device - In accordance with a broad aspect, a method is provided to securely configure a computing device. A configuration indication is received into the computing device, including receiving a digital signature generated based on the configuration indication. Generation of the digital signature accounts for a unique identifier nominally associated with the computing device. The received configuration indication may be verified to be authentic including processing the unique identifier, the received configuration indication and the received digital signature. The computing device may be operated or interoperated with in accordance with the received configuration indication. In one example, a service interoperates with the computing device. The configuration indication and digital signature may be provided from the computing device to the service, and the service may interoperate with the computing device in accordance with the configuration indication and the digital signature. For example, the computing device may be a portable media player, and the service may provide media to the computing device based on a capacity indication of the configuration indication.01-13-2011
20090092247Server Certificate Issuing System - A server certificate issuing system confirms existence of a Web server for which a certificate is to be issued. The web server includes means for generating an entry screen to input application matters for an issuance of a server certificate, means for generating a key pair of a public key and a private key, means for generating a certificate signing request file (CSR) containing the generated public key, and means for generating a verification page indicating intention of requesting the issuance of the certificate. A registration server retrieves the CSR from a received server certificate request and accesses the Web server to read the verification information, and compares the read verification information with the CSR. If the verification information read from the Web server is identical to the CSR, it is determined that the Web server for which the server certificate is to be issued exists.04-09-2009
20130064363INCORPORATING DATA INTO AN ECDSA SIGNATURE COMPONENT - During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component.03-14-2013
20090010428Asymmetric cryptosystem employing paraunitary matrices - Disclosed are multivariate paraunitary asymmetric cryptographic systems and methods that are based on paraunitary matrices. An algebraic approach is employed in designing the multivariate cryptographic systems and methods. The cryptographic systems and methods are based on formulating a general system of multivariate polynomial equations by paraunitary matrices. These matrices are a family of invertible polynomial matrices that can be completely parameterized and efficiently generated by primitive building blocks. Using a general formulation that involves paraunitary matrices, a one-way function is designed that operates over the fields of characteristic two. To include a trapdoor, approximations are made to the paraunitary matrix. The result is a trapdoor one-way function that is efficient to evaluate, but hard to invert unless secret information about the trapdoor is known. An exemplary implementation operates on the finite field GF(256). In this example, the message block includes 16 to 32 symbols from GF(256), i.e., the block size n is an integer between 16 and 32. The ciphertext block takes its elements from the same field and has at least 10 extra symbols.01-08-2009
20120114117Methods And Apparatus For Performing An Elliptic Curve Scalar Multiplication Operation Using Splitting - For an Elliptic Curve Scalar Multiplication (ECSM) operation to be performed on a scalar and a base point, a given previous set of parameters that was used to split the scalar for a previous ECSM operation and a selected random integer are used to determine a new set of parameters for splitting the scalar. By basing the new set of parameters on the previous set of parameters, repeated use of the scalar to determine key-splitting parameters is avoided and susceptibility to a Differential Power Analysis Side Channel attack is minimized.05-10-2012
20090180611REPRESENTATION CHANGE OF A POINT ON AN ELLIPTIC CURVE - An elliptic curve cryptographic system where point coordinates are transformed from a first coordinate system to a second coordinate system. The transformed coordinates are processed by field operations, which have been modified for operating on the transformed point coordinates. In some implementations, the point coordinates are transformed from an affine coordinate system to a projective coordinate system using a non-random value for the projective coordinate. In some implementations, the transformed projective representation of the point can be changed from a first representation of the point in projective coordinates to a second representation of the point in projective coordinates, where the projective coordinate used in the representation change is a random value.07-16-2009
20090285388Cryptographic Method with Elliptical Curves - A method determines an elliptical curve, suitable for a cryptographic method. An elliptical curve to be tested is prepared. The order of a twisted elliptical curve associated with the elliptical curve to be tested is determined. It is automatically checked whether the order of the twisted elliptical curve is a strong prime number. If the order of the twisted elliptical curve is a strong prime number, the elliptical curve to be tested is selected as an elliptical curve suitable for cryptographical methods.11-19-2009
20090290705Algorithms for generating parameters for genus 2 hyperelliptic curve cryptography - An exemplary method includes defining a CM field, representing coefficients of a Frobenius element of a hyperelliptic curve over a prime field as non-linear polynomials that are functions of an integer x and selecting a value for x whereby the product of the Frobenius element and its complex conjugate is a prime number. Such a method may further include determining the order of the Jacobian of the hyperelliptic curve, for example, where the order is an almost prime number. Various other methods, devices, systems, etc., are also disclosed, which may be optionally used for cryptography.11-26-2009
20090154693ENCRYPTION PROCESSING APPARATUS, ENCRYPTION METHOD, DECRYPTION PROCESSING APPARATUS, DECRYPTION METHOD AND DATA STRUCTURE - To allow encryption by setting conditions of decryption variously. Encrypted data obtained by encrypting subject data has header data 06-18-2009
20090147948Method for Elliptic Curve Point Multiplication - An elliptic curve multiplication method comprises three stages. In the first stage, randomly selected point representations are stored in variables. In the second stage, a right-to-left loop is executed that modifies the variable values in dependency of a multiplier. In the last stage, the result is calculated from the modified variable values.06-11-2009
20090207999DECRYPTION PROCESSING APPARATUS, SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT - In a decryption processing apparatus, a decompression processing unit performs a map to pieces of compressed data included in a compressed encrypted data, thereby obtaining the pieces of the encrypted data having each of the pieces of the compressed data decompressed, the decompression map being a process of inputting the compressed data and either the final output data or the auxiliary output data and being a process of outputting the encrypted data and the auxiliary output data, a decryption processing unit performs a decryption process to each of the pieces of encrypted data, using a secret key corresponding to the public key, thereby obtaining the plain data, and a control unit controls parallel execution of the decompression process and the decryption process, and controls the decryption process performed by the decryption processing unit to the encrypted data output by the decompression processing unit, based on the decryption procedure.08-20-2009
20090046852METHOD AND SYSTEM FOR GENERATING IMPLICIT CERTIFICATES AND APPLICATIONS TO IDENTITY-BASED ENCRYPTION (IBE) - The invention relates to a method of generating an implicit certificate and a method of generating a private key from a public key. The method involves a method generating an implicit certificate in three phases. The public key may be an entity's identity or derived from an entity's identify. Only the owner of the public key possesses complete information to generate the corresponding private key. No authority is required to nor able to generate an entity's private key.02-19-2009
20090274295Configurable Encryption/Decryption for Multiple Services Support - A system to transmit a set of programs from a transmitter to a receiver is used to accommodate different levels of security used for each program. When a high level of security is necessary for transmitting or receiving a program the transmitter and/or receiver is operable to accommodate that level of security. Thus, both transmitters and receivers are operable to be reconfigured to encrypt or decrypt, respectively, at different levels. Accordingly, differing amounts of programs can be transmitted or received based on the resource requirements needed at any level of security. Consequently, a high level of encryption/decryption requires more resources and allows the processing of fewer services, while a lower level of encryption/decryption allows more services to be transmitted/received.11-05-2009
20090296924KEY MANAGEMENT FOR COMMUNICATION NETWORKS - One embodiment of the present invention relates to a method for key management in a communications network. In this method, a public key authentication scheme is carried out between a security controller and a plurality of nodes to establish a plurality of node-to-security-controller (NSC) keys. The NSC keys are respectively associated with the plurality of nodes and are used for secure communication between the security controller and the respective nodes. Other methods and devices are also disclosed.12-03-2009
20110206200METHOD AND APPARATUS FOR APPLYING RECIPIENT CRITERIA IN IDENTITY-BASED ENCRYPTION - An approach is provided for reducing communication traffic and cost by applying recipient criteria in identity-based encryption. A recipient criterion application selects one or more recipient criteria for data, and encrypts the data using the selected one or more recipient criteria as a public key of identity-based encryption.08-25-2011
20090003594MODULUS SCALING FOR ELLIPTIC-CURVE CRYPTOGRAPHY - Modulus scaling applied a reduction techniques decreases time to perform modular arithmetic operations by avoiding shifting and multiplication operations. Modulus scaling may be applied to both integer and binary fields and the scaling multiplier factor is chosen based on a selected reduction technique for the modular arithmetic operation.01-01-2009
20090003593UNIFIED SYSTEM ARCHITECTURE FOR ELLIPTIC-CURVE CRYTPOGRAPHY - A system for performing public key encryption is provided. The system supports mathematical operations for a plurality of public key encryption algorithms such as Rivert, Shamir, Aldeman (RSA) and Diffie-Hellman key exchange (DH) and Elliptic Curve Cryptosystem (ECC). The system supports both prime fields and different composite binary fields.01-01-2009
20090034720METHOD OF COUNTERING SIDE-CHANNEL ATTACKS ON ELLIPTIC CURVE CRYPTOSYSTEM - A method of countering side-channel attacks on an elliptic curve cryptosystem (ECC) is provided. The method comprises extending a definition field of an elliptic curve of the ECC to an extension ring in a first field; generating a temporary ciphertext in the extension ring and countering attacks on the ECC; and generating a final ciphertext for the first field if a fault injection attack on the ECC is not detected. The countering of attacks on the ECC may comprise countering a power attack on the ECC. Checking if there is a fault injection attack on the ECC may be performed by determining if the temporary ciphertext satisfies a second elliptic curve equation. The fault detection algorithms takes place in a small subring of the extension ring, not in the original field, to minimize the computational overhead. The method can improve the stability of the ECC and reduce computational overhead of the ECC.02-05-2009
20080273695Method for elliptic curve scalar multiplication using parameterized projective coordinates - The method for elliptic curve scalar multiplication in an elliptic curve cryptosystem implemented over an insecure communications channel includes the steps of: (a) selecting positive integers L11-06-2008
20080279370METHODS AND APPARATUS FOR GENERATING A RANDOM NUMBER IN ONE OR MORE ISOLATED PROCESSORS - A system and method is disclosed which may include providing at least one processor with an integrally disposed random number generator (RNG) therein; entering a protected mode by said at least one processor; and generating a random number using said RNG in said at least one processor after entering said protected mode.11-13-2008
20080310625DIGITAL SIGNATURE ON A SMARTCARD - A digital signature scheme for a “smart” card utilizes a set of prestored signing elements and combines pairs of the elements to produce a new session pair. The combination of the elements is performed partly on the card and partly on the associated transaction device so that the exchange of information between card and device does not disclose the identity of the signing elements. The signing elements are selected in a deterministic but unpredictable manner so that each pair of elements is used once. Further signing pairs are generated by implementing the signing over an anomalous elliptic curve encryption scheme and applying a Frobenius Operator to the normal basis representation of one of the elements.12-18-2008
20090122980Cryptographic Method for Securely Implementing an Exponentiation, and an Associated Component - An asymmetrical cryptographic method applied to a message M includes a private operation of signing or decrypting the message M to obtain a signed or decrypted message s. The private operation is based on at least one modular exponentiation EM in the form EM=M05-14-2009
20090185680ENCRYPTION APPARATUS, DECRYPTION APPARATUS, KEY GENERATION APPARATUS, AND PROGRAM - An encryption apparatus includes a plaintext embedding unit that embeds a message m as a coefficient of a three-variable plaintext polynomial m(x,y,t), an identification polynomial generating unit that generates a three-variable identification polynomial f(x,y,t), a polynomial generating unit that randomly generates three-variable polynomials s07-23-2009
20090285389ELECTRONIC CERTIFICATION SYSTEM AND CONFIDENTIAL COMMUNICATION SYSTEM - A first apparatus as a requester is configured to encrypt random number data by using a public key of a second apparatus as a certificate issuer; to perform a calculation that multiples original data by the obtained encrypted random number data; and to deliver the obtained random number scrambled original data to the second apparatus. The second apparatus is configured to perform a calculation that multiples the random number scrambled original data by certified item data; to encrypt the obtained random number scrambled original data having the certified item, using a private key of the second apparatus; and to issue the obtained certificate data to one of the first apparatus and another apparatus that performs verification.11-19-2009
20080317245Hash function implemention with ROM and CSA - A hash unit for obtaining a hash value from hashing a set of parameters and a protocol parameter. The hash unit has a plurality of memory units for receiving the set of parameters and outputting a plurality of multiplication results, a first plurality of addition logics for receiving the plurality of multiplication results for outputting an addition result, and a second plurality of addition logics to generate the hash value wherein the hash value being equal to the addition result modulo a modulus constant.12-25-2008
20110142231Prime number generating device, prime number generating method, and computer readable storage medium - A prime number generating device is provided that includes a computation unit capable of performing at least addition and division on data of a predetermined number of bits or less; a prime number candidate data generating unit that generates prime number candidate data with a larger number of bits than the predetermined number of bits; a partitioned prime number candidate data generating unit that generates a plurality of partitioned prime number candidate data elements by partitioning the prime number candidate data; and a determination data generating unit that generates determination data for determining whether or not the prime number candidate expressed by the prime number candidate data is a composite number by using the computation unit to add together the respective plurality of partitioned prime number candidate data elements.06-16-2011
20130121486IDENTITY-BASED-ENCRYPTION MESSAGE MANAGEMENT SYSTEM - Systems and methods for managing email are provided. Some of the email may be encrypted using identity-based-encryption (IBE) techniques. When an incoming IBE-encrypted message for a recipient in an organization is received by a gateway at the organization, the gateway may request an IBE private key from an IBE private key generator. The IBE private key generator may generate the requested IBE private key for the gateway. The gateway may use an IBE decryption engine to decrypt the incoming message. The decrypted message can be scanned for viruses and spam and delivered to the recipient. Outgoing email messages can also be processed. If indicated by message attributes or information provided by a message sender, an outgoing message can be encrypted using an IBE encryption engine and the IBE public key of a desired recipient.05-16-2013
20100150342ENCRYPTION AND DECRYPTION OF RECORDS IN ACCORDANCE WITH GROUP ACCESS VECTORS - According to some embodiments, a system, method, means, and/or computer program code are provided to facilitate an appropriate access to secure information by a plurality of users categorized into a plurality of groups. For example, a group access vector may be determined for each of a plurality of records in a data report, each group access vector including a plurality of indicators that indicate if an associated group is authorized to access that record. It may then be arranged for an encryption key to be assigned to each unique group access vector associated with the data report. It may further be arranged for each record in the data report to be encrypted in accordance with the encryption key assigned to the group access vector of that record, the combined encrypted records comprising an encrypted data report.06-17-2010
20100166177METHOD FOR PROTECTING A CRYPTOGRAPHIC DEVICE AGAINST SPA, DPA AND TIME ATTACKS - A method is for operating a cryptographic device to reduce effects of power analysis and time attacks. The method may include executing a first set of cryptographic algorithm computations with a first crypto-processor of the cryptographic device. The first set of cryptographic algorithm computations may provide encryption of a first set of data to be protected with a first secret key stored in the cryptographic device. The method may further include executing a second set of cryptographic algorithm computations with a second crypto-processor of the cryptographic device for providing encryption of a second set of data different from the first set of data to be protected with a second different secret key.07-01-2010
20120140920RNA-BASED CRYPTOGRAPHIC SYSTEM AND METHOD - The RNS-based cryptographic system and method uses a symmetric residue number system (RNS) for encryption and decryption of messages, i.e., the sender and receiver agree upon a set of relatively prime numbers, referred to as the basis, whose product is an integer, and both the RNS and the integer are kept secret. To break the cipher, an attacker must factor the secret integer, which is unknown to the attacker, given only the upper bound of the unknown integer, a problem referred to as blind factorization of the unknown integer, which is a computationally hard problem. The method may be combined with a discrete logarithm problem, and the ciphertext may be padded with random values to hide the upper bound of the unknown integer. When the ciphertext requires multiple blocks, subsets of the basis and/or the random number padding may be used to prevent collision attacks.06-07-2012
20100226496ENCRYPTION APPARATUS, DECRYPTION APPARATUS, KEY GENERATION APPARATUS, AND STORAGE MEDIUM - A decryption apparatus includes a section assignment unit which assigns a section D to a plurality of encrypted texts F09-09-2010
20100177890Hash functions with elliptic polynomial hopping - The hash functions with elliptic polynomial hopping are based upon an elliptic polynomial discrete logarithm problem. Security using hash functions is dependent upon the implementation of a computationally hard problem, and the elliptic polynomial discrete logarithm problem provides enough relative difficulty in computation to ensure that the produced hash functions, as applied to message bit strings, are optimally secure. The hash functions are produced as functions of both the elliptic polynomial as well as the twist of the elliptic polynomial, particularly using a method of polynomial hopping.07-15-2010
20090041233CERTIFICATE-BASED ENCRYPTION AND PUBLIC KEY INFRASTRUCTURE - The present invention provides methods for sending a digital message from a sender to a recipient in a public-key based cryptosystem comprising an authorizer. The authorizer can be a single entity or comprise a hierarchical or distributed entity. The present invention allows communication of messages by an efficient protocol, not involving key status queries or key escrow, where a message recipient can decrypt a message from a message sender only if the recipient possesses up-to-date authority from the authorizer. The invention allows such communication in a system comprising a large number (e.g. millions) of users.02-12-2009
20130129084FINDING NEARBY USERS WITHOUT REVEALING OWN LOCATION - A first and second secure location indicators are electronically received at one or more servers from a first portable computing device and a second portable computing device, respectively, operating in a wireless communication network. Each of the secure location indicators is generated using the location of the corresponding portable computing device, and neither secure location indicator reveals the location of the corresponding portable computing device to the one or more servers. The first secure location indicator is compared to the second secure location indicator at the one or more servers and, in response to determining that the first secure location indicator is identical to the second secure location indicator, an indication of physical proximity of the second portable computing device is electronically transmitted to the first portable computing device.05-23-2013
20130136257DECRYPTION APPARATUS AND METHOD OF DECRYPTING CIPHERTEXT OF THE SAME - The method of decrypting a ciphertext includes: pre-storing a plurality of polynomial functions into which a secret key decrypting a ciphertext to a plaintext according to a public-key cryptography algorithm is broken down; receiving the ciphertext generated based on the secret key which is broken down into the plurality of polynomial functions from a ciphertext generating device; and decrypting the received ciphertext into the plaintext based on the pre-stored polynomial functions.05-30-2013
20100303230Secure Identity Binding (SIB) - A system includes a tag having a machine readable tag identifier (Tag ID) configured to be read by a reader; and a device to be identified by the tag, in which: the device is configured to communicate with the reader; the device has access to a secure Tag ID; and the device communicates a verification to the reader if the machine readable Tag ID communicated to the device from the reader matches the secure Tag ID. A method includes: reading a Tag ID from a tag attached to a device; communicating the Tag ID read from the tag to the device; comparing a secure Tag ID of the device to the Tag ID read from the tag; and responding with a “match” or “no-match” message from the device, according to which the device is either trusted or not trusted as being identified by the Tag ID. A method of verifying a trusted agent (TA) on a device includes: storing a digital signature of the TA in a secure vault of the device; and verifying the TA by verifying the digital signature of the TA each time the TA is used.12-02-2010
20110243320Efficient Homomorphic Encryption Scheme For Bilinear Forms - In one exemplary embodiment, a computer readable storage medium tangibly embodying a program of instructions executable by a machine for performing operations including: receiving information B to be encrypted as a ciphertext C in accordance with an encryption scheme having an encrypt function; and encrypting B in accordance with the encrypt function to obtain C, the scheme utilizes at least one public key A, where B, C, and A are matrices, the encrypt function receives as inputs A and B and outputs C as C→AS+pX+B (mod q), S is a random matrix, X is an error matrix, p is in integer, q is an odd prime number. In other exemplary embodiments, the encryption scheme includes a decrypt function that receives as inputs at least one private key T (a matrix) and C and outputs B as B=T10-06-2011
20110243321SCRAMBLING OF A CALCULATION PERFORMED ACCORDING TO AN RSA-CRT ALGORITHM - A method and a circuit for scrambling an RSA-CRT algorithm calculation by an electronic circuit, in which a result is obtained from two modular exponentiation calculations, each providing a partial result, and from a recombination step, and in which a first step adds a digital quantity to at least one first partial result before said recombination step; and a second step cancels the effects of this quantity after the recombination step.10-06-2011
20120243680INCORPORATING DATA INTO AN ECDSA SIGNATURE COMPONENT - During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component.09-27-2012
20110085658System and Method for Comparison of Private Values - An embodiment includes a first system for computing a contribution to a greater-than comparison of a first private value and a second private value. The first system includes: an accessing unit configured to access the first private value; a processor unit configured to compute a first encrypted value by encrypting the first private value, compute a decrypted value by decrypting a third encrypted value, and compute a contribution to a result of the greater-than comparison by checking a relation between the decrypted value and a modulus value; and a communication unit configured to send the first encrypted value to a second system and to receive the third encrypted value.04-14-2011
20090214027PROTECTING AGAINST SECURITY ATTACK - A communication device having a private key and configured to implement an elliptic curve security mechanism for successful operation of which it: (a) receives a first value from another device, (b) computes a second value as the scalar multiplication of the first value with its private key and (c) returns that second value for use by the other device; the mechanism being such that the first value defines a pair of coordinates representing a first point and the second value defines a pair of coordinates representing a second point and being such that the first value is valid only if it lies on an elliptic curve of predefined form; the device being configured to implement the mechanism by the steps of: receiving data as the first value; making a first evaluation as to whether the first value is a singular point with respect to the elliptic curve; computing the second value as the scalar multiplication of the first value with the private key; making a second evaluation as to whether the second value lies on the elliptic curve; and returning the second value only if the first evaluation is false and the second evaluation is true.08-27-2009
20090323934Method for calculating compressed RSA moduli - A method for generating a compressed RSA modulus, allowing up to two thirds of the bits of a modulus N to be fixed. N has a predetermined portion N12-31-2009
20090323933Exponentiation method using multibase number representation - A method of scalar multiplication for use in elliptic curve-based cryptosystems (ECC) is provided. Scalars are represented using a generic multibase form combined with the non-adjacency property, which greatly reduces the nonzero density in the representation. The method allows for flexibly selecting an unrestricted number of bases and their weight in the representation according to the particular characteristics of a setting, in such a way that computing costs are minimized. A simple, memory-friendly conversion process from binary to multibase representation and an inexpensive methodology to protect the multibase scalar multiplication against simple-side channel attacks are also provided.12-31-2009
20090323935PSEUDO PUBLIC KEY ENCRYPTION - According to the present invention, a secret key cryptosystem and tamper-proof hardware are used to realize a pseudo-public key cryptosystem at a low cost. A trap-door one-way function is substantially realized with the use of tamper-proof hardware. Each user performs communication using equipment provided with hardware having the same capabilities described below. Such hardware retains association between an ID and a key. In response to a request from a user, the hardware issues and stores an ID, and it can perform decryption and generation of a MAC (message authentication code) with a key associated with the ID. A user publishes his ID. When performing encryption, a message sender encrypts a message using the published ID. A third person can perform decryption with the ID only by analyzing the mechanism in the hardware. However, the hardware has a capability of destroying itself when such an act is attempted.12-31-2009
20120201375Processing Non-Editable Fields in Web Pages - A method of processing non-editable fields in a web page is provided herein. The method includes receiving a request comprising a submitted form of the web page. The request may include a target field value generated by a web server. The target field value may be non-editable on the web page. The method further includes determining that the web page comprises a hidden key associated with the target field value. Additionally, the method includes encrypting the target field value using an encryption key and a one-way encryption algorithm. The method also includes determining that the encrypted target field value matches the hidden key. Further, the method includes persisting the target field value.08-09-2012
20090022311METHOD OF COMPRESSING A CRYPTOGRAPHIC VALUE - A method of compressing a cryptographic value. The method comprising the steps of: (a) selecting a secret value; (b) performing a cryptographic operation on the secret value to generate the cryptographic value; (c) determining whether the cryptographic value satisfies the pre-determined criteria; and (d) repeating the sequence of steps starting at step (a) until the cryptographic value satisfies the pre-determined criteria.01-22-2009
20080205638Method for elliptic curve scalar multiplication - The method for elliptic curve scalar multiplication is a method for fast, efficient multiplication of a point on an elliptic curve by a scalar. Two different parameters are used to assign separate projective coordinates to the x-coordinate and the y-coordinate. The x- and y-coordinates are projected by Z08-28-2008
20080205639Method for securely encrypting or decrypting a message - A method for securely encrypting or decrypting a message or for generating or verifying a digital signature in a message, in which the message is subjected, with the aid of a processor, to a mathematical operation using a key (k) which can be represented in the form of a binary number with a sequence of bits, and computational operations are sequentially carried out on auxiliary variables for each bit. The dependence of the computational result on the values of individual bits is taken into account by reading the memory addresses from the auxiliary variables and assigning them to address variables. The difference between the addresses is calculated and, depending on the respective current bit, is added to, or subtracted from, the computer addresses. The assignment of the auxiliary variables to the address variables can thus be interchanged. As a result, the order and selection of the computational operations is controlled on the basis of bits without the program sequence having to contain jump instructions.08-28-2008
20110164746MAINTAINING PRIVACY DURING USER PROFILING - Systems, methods, and computer storage media having computer-executable instructions embodied thereon that maintain privacy during user profiling are provided. A profiling service receives, from a first device, rules for profiling a user. The rules were encrypted using a private key. The profiling service also receives, from a second device, user data. The user data was encrypted using a public key communicated to the second device by the first device. The profiling service then matches the encrypted rules with the encrypted user data, and based on the matching, generates a profile for the user. In embodiments, such a user profile can be utilized to deliver personalized digital content to a user.07-07-2011
20100183147ASYMMETRICAL METHOD OF ENCRYPTION OR SIGNATURE VERIFICATION - The invention proposes a method and a device for decrypting an encrypted message represented by a sequence C or applying an electronic signature to a sequence C, said sequence C consisting of data belonging to a finite field K=GF(q), where q>1, in which there are processed successive blocks each comprising (n·d) successive data items from the sequence C, where n and d are predetermined integers greater than 1, the processing of such a block including the following steps: applying a predetermined affine invertible transformation t07-22-2010
20080219438Method and Apparatus for Generating a Public Key in a Manner That Counters Power Analysis Attacks - A public key for an Elliptic Curve Cryptosystem is generated in a manner that acts as a countermeasure to power analysis attacks. In particular, a known scalar multiplication method is enhanced by, in one aspect, performing a right shift on the private key. The fixed-sequence window method includes creation and handling of a translated private key. Conveniently, as a result of the right shift, the handling of the translated private key is made easier and more efficient.09-11-2008
20080219437Method and Apparatus for Performing Elliptic Curve Scalar Multiplication in a Manner that Counters Power Analysis Attacks - When multiplicative splitting is used to hide a scalar in an Elliptic Curve scalar Multiplication ECSM operation, the associated modular division operation employs the known Almost Montgomery Inversion algorithm. By including dummy operations in some of the branches of the main iteration loop of the Almost Montgomery Inversion algorithm, all branches of the algorithm may be viewed, from the perspective of a Power Analysis-based attack, as equivalent and, accordingly, devoid of information useful in determining the value of the scalar, which may be a cryptographic private key.09-11-2008
20080219436METHOD AND APPARATUS FOR PROVIDING A DIGITAL RIGHTS MANAGEMENT ENGINE - A method receives a set of data. Further, the method receives a traffic key. In addition, the method determines a traffic protection group for the set of data. The method also encrypts the set of data according to the traffic key to generate an encrypted set of data. Finally, the method provides the encrypted set of data through a network to a device.09-11-2008
20120121084PUBLIC KEY ENCRYPTION SYSTEM USING ERROR CORRECTING CODES - This invention provides improved security and improved throughput of the McEliece public key encryption system and reduces the public key size. Even though the public key is reduced, in some embodiments of the invention the ensemble of cryptograms produced is identical to the ensemble of cryptograms produced by the original system for a given Goppa code, and the same private key. It is possible using this invention that the encrypted message, the cryptogram is a truly random function, not a pseudo random function of the message so that even with the same message and the same public key, a different, unpredictable cryptogram is produced each time. Other embodiments of the invention use a shortened error correcting code allowing the length of the generated cryptogram to match exactly the available transmission or storage media such as is the case of RFID and packet based radio applications.05-17-2012
20130010950Public-Key Encrypted Bloom Filters With Applications To Private Set Intersection - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for retrieving, from computer-readable memory, a set, the set including a plurality of elements, adding, using a computing device, elements of the set to a Bloom filter, the Bloom filter including a plurality of bits, and encrypting, using the computing device, each bit of the plurality of bits of the Bloom filter to provide an encrypted Bloom filter, encrypting being achieved using homomorphic, public key encryption. Implementations are further directed to performing operations on the encrypted Bloom filter, and performing private set intersection (PSI) using the encrypted Bloom filter.01-10-2013
20120207299DATA PROCESSING DEVICE - A certification device 08-16-2012
20090285387Symmetric encryption/decryption method of variable length and application thereof - A symmetric encryption/decryption method of variable length and an application of using the method are disclosed. The method is established in a computational structure of diffusion algebra and includes a plaintext (M) and a private key (P). The length of a private key represents a cycle (T), and the cycle is a product of an encryption cycle (Te) and a decryption cycle (Td). The plaintext is encrypted by M11-19-2009
20120057696MULTI-KEY CRYPTOGRAPHY FOR ENCRYPTING FILE SYSTEM ACCELERATION - Embodiments of methods and systems for encrypting and decrypting with encryption attributes are presented. An encryption attribute contains information to identify one or more segments of a file to be encrypted. An encryption process encrypts those one or more segments to generate a partly encrypted file instead of encrypting the entire file. That is, the file includes some data that are encrypted and some data that are not. In one embodiment, at least three encryption keys are used such that the encryption attribute is encrypted with using a third key.03-08-2012
20090136025Method for scalarly multiplying points on an elliptic curve - A method performs scalar multiplication of points on an elliptic curve by a finite expandable field K of a first field F05-28-2009
20100226495Digital readout method and apparatus - A digital focal plane array includes an all-digital readout integrated circuit in combination with a detector array. The readout circuit includes unit cell electronics, orthogonal transfer structures, and data handling structures. The unit cell electronics include an analog to digital converter. Orthogonal transfer structures enable the orthogonal transfer of data among the unit cells. Data handling structures may be configured to operate the digital focal plane array as a data encryptor/decipherer. Data encrypted and deciphered by the digital focal plane array need not be image data.09-09-2010
20090110190FAST SECURE BOOT IMPLEMENTATION - A method for data storage includes employing a first CPU to execute code from a ROM associated therewith. A second CPU is employed to upload code from a flash memory to a code RAM associated with the first CPU, while the first CPU is available to perform other tasks.04-30-2009
20100172495SEMIOTIC SYSTEM AND METHOD WITH PRIVACY PROTECTION - A method of processing semiotic data includes receiving semiotic data including at least one data set P, selecting a function h, and for at least one of each data set P to be collected, computing h(P), destroying data set P, and storing h(P) in a database, wherein data set P cannot be extracted from h(P). The method further includes selecting a private key/public key (K, k) once for all cases, one of destroying the private key K and sending the private key K to a trusted party, and choosing function h as the public encryption function corresponding to k.07-08-2010
20100091984SECURE LOGICAL VECTOR CLOCKS - Embodiments include a system for processing logical clock values according to a secure maximum operation. The system may include a communication unit and a processing unit. The communication unit may be configured to receive an encrypted first value of a logical clock, send an encrypted blinded difference, receive an encrypted blinded maximum value, and receive a maximum value. The processing unit may be configured to access an encrypted second value of the logical clock, generate the encrypted blinded difference between the first value and the second value, provide an encrypted blinded first value and an encrypted blinded second value in an oblivious transfer protocol, and generate an encrypted maximum value from the encrypted blinded maximum value.04-15-2010
20100091983METHOD AND A DEVICE FOR GENERATING COMPRESSED RSA MODULI - Method and device for generating factors of a RSA modulus N with a predetermined portion N04-15-2010
20120163589SYSTEM AND METHOD FOR IMPLEMENTING A TRUSTED DYNAMIC LAUNCH AND TRUSTED PLATFORM MODULE (TPM) USING SECURE ENCLAVES - An apparatus and method are described for implementing a trusted dynamic launch and trusted platform module (TPM) using a secure enclave. For example, a computer-implemented method according to one embodiment of the invention comprises: initializing a secure enclave in response to a first command, the secure enclave comprising a trusted software execution environment which prevents software executing outside the enclave from having access to software and data inside the enclave; and executing a trusted platform module (TPM) from within the secure enclave, the trusted platform module securely reading data from a set of platform control registers (PCR) in a processor or chipset component into a memory region allocated to the secure enclave.06-28-2012
20100208887Method and device for countering faul attacks - The public exponent e of an RSA key is embedded in a RSA key object that lacks this exponent. During exponentiation, the public exponent e may be extracted and used to verify that the result of the exponentiation is correct. The result is output only if this is the case. The invention counters fault-attacks. Also provided are an apparatus and a computer program product.08-19-2010
20110182422DOCUMENT AUTHENTICATION DATA EMBEDDING METHOD AND APPARATUS - A method of embedding authentication data in an electronic document image is described. Data related to an item of information on an image of at least one page in the electronic document is acquired. The image is decomposed into a hierarchy of images having a top level and one Or more lower levels each having a higher level parent, each lower level image defining a smaller region of the corresponding higher level parent image, the top level image defining a region that covers the item of information. A first secure identifier of at least the top level image is computed and arranged in a first data arrangement. A second secure identifier of the data related to the item of information is computed and arranged in a second data arrangement with the data related to the item of information. The first and second data arrangements are embedded in the electronic document.07-28-2011
20100272253INFORMATION PROCESSING DEVICE, OPERATION VERIFYING METHOD, AND PROGRAM - An information processing device includes a scalar multiplication operating unit calculating, based on a point P on an elliptic curve E defined on a predetermined defined field, a point Q=s·P by scalar-multiplying the point P and an operation verifying unit verifying whether an equation (P+Q)+G=P+(Q+G) holds by using the point P on the elliptic curve E, the point Q=s·P calculated by the scalar multiplication operating unit, and an arbitrary point G on the elliptic curve E.10-28-2010
20090003596EFFICIENT ELLIPTIC-CURVE CRYPTOGRAPHY BASED ON PRIMALITY OF THE ORDER OF THE ECC-GROUP - Time to perform scalar point multiplication used for ECC is reduced by minimizing the number of shifting operations. These operations are minimized by applying modulus scaling by performing selective comparisons of points at intermediate computations based on primality of the order of an ECC group.01-01-2009
20130170640Fully Homomorphic Encryption - In one exemplary embodiment of the invention, a method and computer program include: receiving first and second ciphertexts having first and second data encrypted per an encryption scheme, the encryption scheme has public/secret keys and encryption, decryption, operation and refresh functions, the encryption function encrypts data, the decryption decrypts ciphertext, the operation receives ciphertexts and performs operation(s) on them, the refresh operates to prevent growth of the magnitude of noise for a ciphertext while reducing the modulus of the ciphertext without using the secret key, utilizing a modulus switching technique that involves transforming a first ciphertext c modulo q into a second ciphertext c′ modulo p while preserving correctness, the technique includes scaling by p/q and rounding, p07-04-2013
20100189253PRIVACY-ENHANCED E-PASSPORT AUTHENTICATION PROTOCOL - A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.07-29-2010
20090052660Method For Encrypting And Decrypting Instant Messaging Data - This invention provides a method for encrypting and decrypting Instant Messaging data. A client encrypts Instant Messaging data using a data encryption key and transmits the data encryption key to a server; the server encrypts the data encryption key using a uniform server key and transmits the encrypted data encryption key to the client. When the server needs to assist with decryption, the client transmits to the server a data encryption key encrypted using a uniform server key; the server acquires the data encryption key and transmits it to the client; the client decrypts Instant Messaging data locally stored using the data encryption key. By embodiments of this invention, server doesn't need to store one key for encrypting and decrypting data encryption key for each client, only needs to store a uniform server key, thereby saving storage spaces of server, and reducing the burden of server performing encrypting and decrypting.02-26-2009
20100232603DECRYPTION PROCESSOR AND DECRYPTION PROCESSING METHOD - A decryption processor for calculating a plaintext through decryption of a ciphertext c includes, a first part that calculates m′09-16-2010
20130016831Method and Apparatus For Computing A Shared Secret Key - A method of generating a key by a first correspondent. The key is computable by a second correspondent by a second correspondent. The method comprising the steps of: 01-17-2013
20110158401SYSTEM AND METHOD FOR SIGNING ELECTRONIC DOCUMENT - A method for signing an electronic document includes receiving a digital signature request of an electronic document from a client computer, the digital signature request comprising the electronic document and an identifier of the electronic document, sending the electronic document to a corresponding application server determined by the identifier of the electronic device. The method further includes receiving a signed value from the client computer, sending the signed value to the corresponding application server to generate a digitally-singed electronic document by merging the signed value and the electronic document.06-30-2011
20080253562Handshake procedure - The invention discloses a solution for establishing by a handshake procedure a group temporal key for group communication. The group temporal key is established by a group procedure and is a group-specific temporal key.10-16-2008
20080226065Method for secure communication between a secure hardware device and a computer and apparatus for changing a shared secret for generating a session key for a secure communication between a secure hardware device and a computer - There is provided a method for secure communication between a secure hardware device connected to a computer and said computer,09-18-2008
20080226064CHINESE REMAINDER THEOREM - BASED COMPUTATION METHOD FOR CRYPTOSYSTEMS - A computer hardware implemented cryptography method computes a modular exponentiation, M:=C09-18-2008
20130177151Attack-Resistant Multivariate Signature Scheme - A cryptographic method, apparatus, and system, including selecting a first multivariate polynomial mapping, which includes first multivariate polynomial equations over first variables in a finite field, defining a second multivariate polynomial mapping, which includes at least some of the first multivariate polynomial equations and further includes second multivariate polynomial equations over the first variables together with second variables in the finite field, generating a public key based on the second multivariate polynomial mapping, and digitally signing a message, using a processor, with a digital signature that is verifiable using the public key and is generated by solving the first multivariate polynomial mapping to find respective first values of the first variables, solving a set of linear equations using the first values to find respective second values of the second variables, and applying a transform to the first and second values so as to generate a vector corresponding to the digital signature, wherein the second values are chosen so that a predefined group of elements of the vector will be zero. Related methods, apparatus, and systems are also described.07-11-2013
20110274271COUNTERMEASURE METHOD AND DEVICES FOR ASYMMETRIC ENCRYPTION - A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a protection parameter, calculating, using a primitive, an intermediate data from the protection parameter, dividing the binary representation of the private key into several binary blocks, transforming each binary block using the protection parameter and, for each transformed binary block, performing an intermediate calculation using the primitive, and calculating an output data by combining the intermediate data with the intermediate calculations.11-10-2011
20090003595SCALE-INVARIANT BARRETT REDUCTION FOR ELLIPTIC-CURVE CYRPTOGRAPHY - The computation time to perform scalar point multiplication in an Elliptic Curve Group is reduced by modifying the Barrett Reduction technique. Computations are performed using an N-bit scaled modulus based a modulus m having k-bits to provide a scaled result, with N being greater than k. The N-bit scaled result is reduced to a k-bit result using a pre-computed N-bit scaled reduction parameter in an optimal manner avoiding shifting/aligning operations for any arbitrary values of k, N.01-01-2009
20080199003Method and Apparatus for Facilitating Secure Distributed Content Delivery - One embodiment of the present invention provides a system that facilitates receiving content from a primary peer and forwarding it to a secondary peer, wherein blocks of the content are sent to the secondary peer prior to all of the blocks of the content being received from the primary peer. The system starts by receiving an encrypted list of checksums from a server, wherein each checksum in the list is associated with a corresponding block of the content. Next, the system decrypts the encrypted list of checksums to form a list of decrypted checksums. The system then receives a block of the content from the primary peer and calculates a checksum for the block of the content. The system subsequently compares the calculated checksum with a corresponding checksum from the list of decrypted checksums received from the server. If the calculated checksum matches the corresponding checksum, the system sends the block of the content to the secondary peer.08-21-2008
20110235799METHOD AND APPARATUS FOR QUERYING CONTENT PROTECTED BY IDENTITY-BASED ENCRYPTION - An approach is provided for reducing communication traffic/cost and protecting content by applying recipient criteria in identity-based encryption. A criterion application of a querier causes, at least in part, transmission of a query associated with a first user described according to a first set of criteria. Based on the query, the criterion application of the querier receives one or more second sets of criteria associated with respective second users, wherein the second sets of criteria are matched, at least in part, to the first set of criteria, and wherein at least one of the second sets of criteria is used as a public key for encrypting data according to an identity-based encryption scheme. A criterion application of an information store receives the query associated with the first user, and matches one or more second sets of criteria with all or part of the first set of criteria.09-29-2011
20130094649PUBLIC KEY CRYPTOSYSTEM BASED ON GOPPA CODES AND PUF BASED RANDOM GENERATION - This invention provides improved security of the McEliece Public Key encryption system adding features which make full use of random number generation for given message and cryptogram parameters, using this invention the encrypted message (i.e. the cryptogram) is a truly random function, not a pseudo random function of the message so that even with the same message and the same public key, a different, unpredictable cryptogram is produced each time. With the knowledge of the private key, the random function may be determined from the cryptogram and the message decrypted. Different embodiments of the invention are described which enable the level of security to be traded-off against cryptogram size and complexity. A number of different applications are given.04-18-2013

Patent applications in class Public key