# Struik

## Marinus Struik, Toronto CA

Patent application number | Description | Published |
---|---|---|

20090100267 | Signatures with confidential message recovery - A portion of the signed message in an ECPVS is kept truly confidential by dividing the message being signed into at least three parts, wherein one portion is visible, another portion is recoverable by any entity and carries the necessary redundancy for verification, and at least one additional portion is kept confidential. The additional portion is kept confidential by encrypting such portion using a key generated from information specific to that verifying entity. In this way, any entity with access to the signer's public key can verify the signature by checking for a specific characteristic, such as a certain amount of redundancy in the one recovered portion, but cannot recover the confidential portion, only the specific entity can do so. Message recovery is also provided in an elliptic curve signature using a modification of the well analyzed ECDSA signing equation instead of, e.g. the Schnorr equation used in traditional PV signature schemes. | 04-16-2009 |

20090296939 | LOCAL AREA NETWORK - A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network. | 12-03-2009 |

20090316902 | METHOD AND APPARATUS FOR ENCODING SECURITY STATUS INFORMATION - A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgment is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than previous value of the frame counter which is congruent to the sequence counter modulo | 12-24-2009 |

20100023771 | IMPLICIT CERTIFICATE VERIFICATION - A method of computing a cryptographic key to be shared between a pair of correspondents communicating with one another through a cryptographic system is provided, where one of the correspondents receives a certificate of the other correspondents public key information to be combined with private key information of the one correspondent to generate the key. The method comprises the steps of computing the key by combining the public key information and the private key information and including in the computation a component corresponding to verification of the certificate, such that failure of the certificate to verify results in a key at the one corespondent that is different to the key computed at the other correspondent. | 01-28-2010 |

20110060909 | TRAPDOOR ONE-WAY FUNCTIONS ON ELLIPTIC CURVES AND THEIR APPLICATION TO SHORTER SIGNATURES AND ASYMMETRIC ENCRYPTION - The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions. | 03-10-2011 |

20110087883 | SELF-SIGNED IMPLICIT CERTIFICATES - There are disclosed systems and methods for creating a self-signed implicit certificate. In one embodiment, the self-signed implicit certificate is generated and operated upon using transformations of a nature similar to the transformations used in the ECQV protocol. In such a system, a root CA or other computing device avoids having to generate an explicit self-signed certificate by instead generating a self-signed implicit certificate. | 04-14-2011 |

20110194694 | Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. For example, a technique for verifying a signature of a message can include applying a first mathematical function to a combination of the first signature component and the second message portion to obtain an intermediate component, using the intermediate component to generate a first value and a second value, where a second mathematical function applied to the first value and the second value obtains the intermediate component, and determining the ephemeral public key based on the first value, the second value, the second signature component, the base point of the elliptic curve, and a long-term public key of the long-term private-public key pair. The technique can include verifying whether a representation of the first message portion satisfies a predetermined characteristic. | 08-11-2011 |

20110222683 | DEVICE AND METHOD FOR IMPLEMENTING A CRYPTOGRAPHIC HASH FUNCTION - A computing device and a computing device implemented method are provided for preparing a message a bit-length number of bits in length less than or equal to a pre-determined maximum size, for input to a cryptographic hash function operating on blocks of a predetermined block size of B bits. The computing device comprises a processor in communication with a memory for processing the message. The method comprises the processor padding the message by adding sufficient padding bits and a length block of length n bits, such that a padded bit-length of the padded message is an integer factor times the block size B; and the processor setting the bits of the length block such that if the bit-length is less than 2 | 09-15-2011 |

20120036357 | CRYPTOGRAPHIC METHOD AND APPARATUS - A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used. | 02-09-2012 |

20120047363 | Implicit Certificate Verification - A method of computing a cryptographic key to be shared between a pair of correspondents communicating with one another through a cryptographic system is provided, where one of the correspondents receives a certificate of the other correspondents public key information to be combined with private key information of the one correspondent to generate the key. The method comprises the steps of computing the key by combining the public key information and the private key information and including in the computation a component corresponding to verification of the certificate, such that failure of the certificate to verify results in a key at the one correspondent that is different to the key computed at the other correspondent. | 02-23-2012 |

20120102334 | System and Method for Hardware Based Security - An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session. | 04-26-2012 |

20120137133 | Key Agreement and Transport Protocol - A key establishment protocol includes the generation of a value of cryptographic function, typically a hash, of a session key and public information. This value is transferred between correspondents together with the information necessary to generate the session key. Provided the session key has not been compromised, the value of the cryptographic function will be the same at each of the correspondents. The value of the cryptographic function cannot be compromised or modified without access to the session key. | 05-31-2012 |

20120221850 | System and Method for Reducing Computations in an Implicit Certificate Scheme - There are disclosed systems and methods for reducing the number of computations performed by a computing device constructing a public key from an implicit certificate associated with a certificate authority in an implicit certificate scheme. In one embodiment, the device first operates on the implicit certificate to derive an integer e. The device then derives a pair of integers (e | 08-30-2012 |

20120221858 | Accelerated Key Agreement With Assisted Computations - A method is provided for obtaining a secret value for use as a key in a cryptographic operation, the secret value combining a private key, x, of one computing device with a public key, Y, of another computing device to obtain a secret value xY. The method includes obtaining a pair of scalars x | 08-30-2012 |

20120230494 | Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained. | 09-13-2012 |

20120284800 | Method and Apparatus for Synchronizing an Adaptable Security Level in an Electronic Communication - A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient. | 11-08-2012 |

20120314855 | Trapdoor One-Way Functions on Elliptic Curves and Their Application to Shorter Signatures and Asymmetric Encryption - A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. | 12-13-2012 |

20130064367 | ACCELERATED VERIFICATION OF DIGITAL SIGNATURES AND PUBLIC KEYS - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained. | 03-14-2013 |

## Marinus Struik, Mississauga CA

Patent application number | Description | Published |
---|---|---|

20110208970 | DIGITAL SIGNATURE AND KEY AGREEMENT SCHEMES - A method is disclosed for performing key agreement to establish a shared key between correspondents and for generating a digital signature. The method comprises performing one of key agreement or signature generation, and using information generated in said one of key agreement or signature generation in the other of said key agreement or said signature generation. By doing this, computations and/or bandwidth can be saved. | 08-25-2011 |

## Marius Struik, Toronto CA

Patent application number | Description | Published |
---|---|---|

20100111296 | COLLISION-RESISTANT ELLIPTIC CURVE HASH FUNCTIONS - Elliptic curve hash functions are provided which do not require a pre-existing hash function, such as that required by the MuHash. The elliptic curve hash functions can be built from scratch and are collision free and can be incremental. In one embodiment, rather than a pre-existing hash function, the identity function with padding is used; and in another embodiment, rather than a pre-existing hash function, a block cipher with a fixed non-secret key is used. | 05-06-2010 |

## Pieter Struik, Nuenen NL

Patent application number | Description | Published |
---|---|---|

20100169680 | DISTRIBUTED TABLE-DRIVEN POWER MODE COMPUTATION FOR CONTROLLING OPTIMAL CLOCK and VOLTAGE SWITCHING - A method for computing the optimal power mode for a system-on-chip (SoC) in which both the clock and Vdd settings are controlled. Information from hardware blocks is synthesized into a global power mode for the entire SoC. The clocks can be disabled or enabled, and Vdd voltages can be disabled, set at a nominal operating level, and set at a retention level in which the state of memory and registers is retained. | 07-01-2010 |

20110145554 | DATA PROCESSING DEVICE WITH ADJUSTABLE PERFORMANCE LEVEL AND METHOD OF OPERATING SUCH DEVICE - A data processing device has a processor ( | 06-16-2011 |

20110239067 | VERIFICATION OF DESIGN INFORMATION FOR CONTROLLING MANUFACTURE OF A SYSTEM ON A CHIP - A system on a chip comprises a plurality of circuit blocks ( | 09-29-2011 |