# Robert J. Lambert

## Robert J. Lambert, Mississauga CA

Patent application number | Description | Published |
---|---|---|
20110093718 | HYBRID SIGNATURE SCHEME - A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion. If the required redundancy is present the signature is accepted and the message reconstructed from the recovered bit string and the visible portion. | 04-21-2011 |
20120233469 | HYBRID SIGNATURE SCHEME - A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. | 09-13-2012 |

## Robert J. Lambert, Cambridge CA

Patent application number | Description | Published |
---|---|---|
20090077144 | METHOD AND APPARATUS FOR PERFORMING FINITE FIELD CALCULATIONS - In general terms, the invention provides a finite field engine and methods for operating on elements in a finite field. The finite field engine provides finite field sub-engines suitable for any finite field size requiring a fixed number of machine words. The engine reuses these engines, along with some general purpose component or specific component providing modular reduction associated with the exact reduction (polynomial or prime) of a specific finite field. The engine has wordsized suitable code capable of adding, subtracting, multiplying, squaring, or inverting finite field elements, as long as the elements are representable in no more than the given number of words. The wordsized code produces unreduced values. Specific reduction is then applied to the unreduced value, as is suitable for the specific finite field. In this way, fast engines can be produced for many specific finite fields, without duplicating the bulk of the engine instructions (program). | 03-19-2009 |
20090113252 | FAULT DETECTION IN EXPONENTIATION AND POINT MULTIPLICATION OPERATIONS USING A MONTGOMERY LADDER - A system and method are provided enabling implicit redundancies such as constant differences and points that should be on the same curve, to be checked at the beginning, end and intermittently throughout the computation to thwart fault injection attacks. This can be implemented by checking the constant difference in point pairs during point multiplication, by checking constant scalings in exponentiation pairs, and by checking that any intermediate point is on the curve and/or in the correct subgroup of the curve. | 04-30-2009 |
20090262930 | METHOD FOR STRENGTHENING THE IMPLEMENTATION OF ECDSA AGAINST POWER ANALYSIS - A method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator, is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks. | 10-22-2009 |
20090268900 | SIGNED MONTGOMERY ARITHMETIC - A system and method configured for applying Montgomery style reduction directly to negative quantities as well as positive values, producing the new form which does not require conditional operations to move values into the positive range. The low-order components of the resulting product, or partially completed product, can be reduced either by the addition of multiples of the modulus, as is usual in the standard Montgomery multiplication which accepts positive values, or by subtracting multiples of the modulus, which of course depends on the actual computation. Signed versions of the Montgomery values in a Montgomery computation are used to avoid the conditional addition and subtraction that can leak information, for example, using a two's complement representation. | 10-29-2009 |
20090323944 | METHOD OF PUBLIC KEY GENERATION - A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated. | 12-31-2009 |
20100278334 | METHOD AND APPARATUS FOR MINIMIZING DIFFERENTIAL POWER ATTACKS ON PROCESSORS - A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation. | 11-04-2010 |
20110268270 | Method of Public Key Generation - A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated. | 11-03-2011 |
20120230494 | Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In an elliptic curve group, verification that a value representative of a point R corresponds to the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained. | 09-13-2012 |
20130064367 | ACCELERATED VERIFICATION OF DIGITAL SIGNATURES AND PUBLIC KEYS - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In an elliptic curve group, verification that a value representative of a point R corresponds to the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained. | 03-14-2013 |
20130073867 | METHOD FOR STRENGTHENING THE IMPLEMENTATION OF ECDSA AGAINST POWER ANALYSIS - A method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator, is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks. | 03-21-2013 |
20130101112 | METHOD AND APPARATUS FOR MINIMIZING DIFFERENTIAL POWER ATTACKS ON PROCESSORS - A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation. | 04-25-2013 |

## Robert J. Lambert, Lucan IE

Patent application number | Description | Published |
---|---|---|
20090050649 | Nozzle assembly incorporating a molded flow through brush application and a reusable break-off cap, a container having a nozzle assembly and packaging therefor - A nozzle assembly ( | 02-26-2009 |

## Robert J. Lambert, Waterloo CA

Patent application number | Description | Published |
---|---|---|
20140082367 | VERIFYING PASSWORDS ON A MOBILE DEVICE - Methods, systems, and computer programs for verifying a password are disclosed. For example, the password can be verified on a mobile device to control user access to the mobile device. In some implementations, a mobile device includes a user interface, a main processor, and a co-processor. The user interface receives a submitted password value from a user. The main processor calls the co-processor to provide a hash chain input value based on the submitted password value. The main processor evaluates a hash chain based on the hash chain input value provided by the co-processor. Evaluating the hash chain generates a submitted password verification value. The submitted password verification value is compared to a stored password verification value stored on the mobile device. Access to mobile device functionality may be permitted or denied based on a result of the comparison. | 03-20-2014 |

## Robert J. Lambert, Dublin IE

Patent application number | Description | Published |
---|---|---|
20130174981 | CYANOACRYLATE ADHESIVE WITH IMPROVED WATER RESISTANCE - The present invention relates generally to cyanoacrylate adhesives and, more particularly, to a one-part adhesive, comprising one or more 2-cyanoacrylate esters, one or more bis-silanes and optionally one or more monosilanes and to the use of said adhesive as an instant adhesive with improved water resistance. | 07-11-2013 |