# Nevine Maurice Nassif Ebeid, Kitchener CA

## Nevine Maurice Nassif Ebeid, Kitchener CA

Patent application number | Description | Published |
---|---|---|

20080219437 | Method and Apparatus for Performing Elliptic Curve Scalar Multiplication in a Manner that Counters Power Analysis Attacks - When multiplicative splitting is used to hide a scalar in an Elliptic Curve scalar Multiplication ECSM operation, the associated modular division operation employs the known Almost Montgomery Inversion algorithm. By including dummy operations in some of the branches of the main iteration loop of the Almost Montgomery Inversion algorithm, all branches of the algorithm may be viewed, from the perspective of a Power Analysis-based attack, as equivalent and, accordingly, devoid of information useful in determining the value of the scalar, which may be a cryptographic private key. | 09-11-2008 |

20080219438 | Method and Apparatus for Generating a Public Key in a Manner That Counters Power Analysis Attacks - A public key for an Elliptic Curve Cryptosystem is generated in a manner that acts as a countermeasure to power analysis attacks. In particular, a known scalar multiplication method is enhanced by, in one aspect, performing a right shift on the private key. The fixed-sequence window method includes creation and handling of a translated private key. Conveniently, as a result of the right shift, the handling of the translated private key is made easier and more efficient. | 09-11-2008 |

20080219450 | Methods And Apparatus For Performing An Elliptic Curve Scalar Multiplication Operation Using Splitting - For an Elliptic Curve Scalar Multiplication (ECSM) operation to be performed on a scalar and a base point, a given previous set of parameters that was used to split the scalar for a previous ECSM operation and a selected random integer are used to determine a new set of parameters for splitting the scalar. By basing the new set of parameters on the previous set of parameters, repeated use of the scalar to determine key-splitting parameters is avoided and susceptibility to a Differential Power Analysis Side Channel attack is minimized. | 09-11-2008 |

20080273694 | Combining Interleaving with Fixed-Sequence Windowing in an Elliptic Curve Scalar Multiplication - An Elliptic Curve scalar multiplication product involving a scalar and a base point is determined in a manner that acts as a countermeasure to side channel attacks. A key splitting strategy called Additive Splitting Using Division involves selecting a random integer and determining an integer quotient and a remainder by dividing the scalar by the random integer. The product may then be expressed as a sum of scalar multiplications, which may be evaluated using a combination of a fixed-sequence window method with the known Interleaving method. When the integer quotient and remainder are odd, major collisions may be avoided when determining the product. Accordingly, the random integer that determines whether the integer quotient and remainder are odd may be subject to some control. | 11-06-2008 |

20080275932 | Integer Division In A Manner That Counters A Power Analysis Attack - In the course of performing an Elliptic Curve Scalar Multiplication operation by Additive Splitting Using Division, a main loop of an integer division operation may be performed. The integer division has a dividend and a divisor. By storing both the divisor and the negative value of the divisor, susceptibility to a Simple Power Analysis Side Channel attack is minimized. A carry bit from a previous iteration of the main loop determines which of the divisor or the negative of the divisor to use. The order of an addition operation and a shift left operations in the main loop is interchanged compared to a known integer division method and there are no negation operations in the main loop. | 11-06-2008 |

20080301458 | Power Analysis Attack Countermeasure for the ECDSA - Execution of the Elliptic Curve Digital Signature Algorithm (ECDSA) requires determination of a signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECDSA vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long term cryptographic key. By modifying the sequence of operations involved in the determination of the signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long term cryptographic key. | 12-04-2008 |

20080301459 | Power Analysis Countermeasure for the ECMQV Key Agreement Algorithm - Execution of the ECMQV key agreement algorithm requires determination of an implicit signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long-term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECMQV key agreement algorithm vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long-term cryptographic key. By modifying the sequence of operations involved in the determination of the implicit signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long-term cryptographic key. | 12-04-2008 |

20090112962 | MODULAR SQUARING IN BINARY FIELD ARITHMETIC - After squaring an element of a binary field, the squaring result may be reduced modulo the field-defining polynomial g bits at a time. To this end, a lookup table may be employed, where the lookup table stores entries corresponding to reducing g-bit-long polynomials modulo the field-defining polynomial. Such a reducing strategy may be shown to be more efficient than a bit-by-bit reducing strategy. | 04-30-2009 |

20090157788 | MODULAR SQUARING IN BINARY FIELD ARITHMETIC - After squaring an element of a binary field, the squaring result may be reduced modulo the field-defining polynomial g bits at a time. To this end, a lookup table may be employed, where the lookup table stores entries corresponding to reducing g-bit-long polynomials modulo the field-defining polynomial. Such a reducing strategy may be shown to be more efficient than a bit-by-bit reducing strategy. | 06-18-2009 |

20100223478 | SYSTEM AND METHOD FOR PERFORMING EXPONENTIATION IN A CRYPTOGRAPHIC SYSTEM - There are disclosed systems and methods for computing an exponentiatied message. In one embodiment blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value. | 09-02-2010 |

20110314292 | POWER ANALYSIS ATTACK COUNTERMEASURE FOR THE ECDSA - Execution of the Elliptic Curve Digital Signature Algorithm (ECDSA) requires determination of a signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECDSA vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long term cryptographic key. By modifying the sequence of operations involved in the determination of the signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long term cryptographic key. | 12-22-2011 |

20120033808 | Method and Apparatus for Generating a Public Key in a Manner That Counters Power Analysis Attacks - A public key for an Elliptic Curve Cryptosystem is generated in a manner that acts as a countermeasure to power analysis attacks. In particular, a known scalar multiplication method is enhanced by, in one aspect, performing a right shift on the private key. The fixed-sequence window method includes creation and handling of a translated private key. Conveniently, as a result of the right shift, the handling of the translated private key is made easier and more efficient. | 02-09-2012 |

20120114117 | Methods And Apparatus For Performing An Elliptic Curve Scalar Multiplication Operation Using Splitting - For an Elliptic Curve Scalar Multiplication (ECSM) operation to be performed on a scalar and a base point, a given previous set of parameters that was used to split the scalar for a previous ECSM operation and a selected random integer are used to determine a new set of parameters for splitting the scalar. By basing the new set of parameters on the previous set of parameters, repeated use of the scalar to determine key-splitting parameters is avoided and susceptibility to a Differential Power Analysis Side Channel attack is minimized. | 05-10-2012 |

20120254620 | Power Analysis Countermeasure for the ECMQV Key Agreement Algorithm - Execution of the ECMQV key agreement algorithm requires determination of an implicit signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long-term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECMQV key agreement algorithm vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long-term cryptographic key. By modifying the sequence of operations involved in the determination of the implicit signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long-term cryptographic key. | 10-04-2012 |

20120257742 | Efficient Implementation of Hash Algorithm on a Processor - An efficient implementation of SHA-512, and similarly SHA-384, on an ARM processor. The implementation maximizes reuse of the register values between iterations so as to minimize the need to load these values from memory. This is achieved by categorizing the iterations into even and odd ones such that the sequence of computation in the even iteration is reversed in the odd iteration and the register values at the end of one iteration are consumed at the beginning of the following one. | 10-11-2012 |

20120275594 | Method and Apparatus for Performing Elliptic Curve Scalar Multiplication in a Manner that Counters Power Analysis Attacks - When multiplicative splitting is used to hide a scalar in an Elliptic Curve scalar Multiplication ECSM operation, the associated modular division operation employs the known Almost Montgomery Inversion algorithm. By including dummy operations in some of the branches of the main iteration loop of the Almost Montgomery Inversion algorithm, all branches of the algorithm may be viewed, from the perspective of a Power Analysis-based attack, as equivalent and, accordingly, devoid of information useful in determining the value of the scalar, which may be a cryptographic private key. | 11-01-2012 |

20130016830 | POWER ANALYSIS ATTACK COUNTERMEASURE FOR THE ECDSA - Execution of the Elliptic Curve Digital Signature Algorithm (ECDSA) requires determination of a signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECDSA vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long term cryptographic key. By modifying the sequence of operations involved in the determination of the signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long term cryptographic key. | 01-17-2013 |

20140004824 | KEY AGREEMENT FOR WIRELESS COMMUNICATION | 01-02-2014 |

20140006786 | KEY AGREEMENT USING A KEY DERIVATION KEY | 01-02-2014 |

20140152417 | ANTENNA SHIELD FOR PROXIMITY-BASED COMMUNICATION DEVICES - A shielding article is provided, for shielding a device enabled for proximity-based communications, for example, NFC-enabled devices. The shielding article comprises a shielding component configured to prevent operation of an antenna of the device used for conducting proximity-based communications, without preventing operation of at least one other antenna of the device when the shielding component is aligned with the antenna used for conducting proximity-based communications. The shielding article may be separate from, or included in an accessory or carrying article and may be fixed or detachably coupled thereto. | 06-05-2014 |