CN103391193A - Method for detecting bit security of public key cryptosystem - Google Patents

Method for detecting bit security of public key cryptosystem Download PDF

Info

Publication number
CN103391193A
CN103391193A CN2013103175751A CN201310317575A CN103391193A CN 103391193 A CN103391193 A CN 103391193A CN 2013103175751 A CN2013103175751 A CN 2013103175751A CN 201310317575 A CN201310317575 A CN 201310317575A CN 103391193 A CN103391193 A CN 103391193A
Authority
CN
China
Prior art keywords
bit
ciphertext
key cryptosystem
common key
meaningful
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013103175751A
Other languages
Chinese (zh)
Other versions
CN103391193B (en
Inventor
吕克伟
康镇麒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN201310317575.1A priority Critical patent/CN103391193B/en
Publication of CN103391193A publication Critical patent/CN103391193A/en
Application granted granted Critical
Publication of CN103391193B publication Critical patent/CN103391193B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of bit security detection method of common key cryptosystem,Wherein,Detected bit is maximum significant bit,It the steps include: the common parameter N for 1) inputting common key cryptosystem to be detected,To the safe bit number k that plaintext x is detected,Wherein x is less than N; 2) ciphertext C is shifted,Obtain first k maximum significant bit bi of the corresponding plaintext of the ciphertext C ' obtained after displacement every time; Wherein,Ciphertext C is using the common key cryptosystem to the encrypted ciphertext of plaintext x,The shift length relative to the starting position ciphertext C is L=ki every time,I=0,1,..,M-1, 3) formula is utilized Calculate output test result M; 4) M and plaintext x are compared, if unanimously, determining that the first k maximum significant bit of plaintext x is safe bit. The present invention can the maximum significant bit of accurate judgement public encryption system and minimum significant bit be safe bit.

Description

A kind of bit security detection method of common key cryptosystem
Technical field
The invention belongs to common key cryptosystem bit security field tests, be specifically related to a kind of bit security detection method of common key cryptosystem; The test bit fail safe, if belong to safe bit, hardware realization and software are realized must avoiding revealing.
Background technology
At present, analyzing some main results for the bit of public key cryptography is that the fail safe of each bit of RSA of providing of the people such as Sweden scientist Johan Hastad is (with reference to J.Hastad, M.Naslund:The security of all RSA and discrete log bits.J.ACM 51 (2), pp.187 – 230 (2004)), and the people such as the professor Dan Boneh of Stanford University has provided the Diffie-Hellman cipher key change, the ElGamal public key encryption, the bit safety analysis results such as Shamir transmission of messages are (with reference to D.Boneh, R.Venkatesan:Rounding in lattics and its cryptographic applications.Proc.8 thannual ACM-SIAM Symp.On Discr.Algorithms, ACM, 1997, pp.675-681. with document D.Boneh, R.Venkatesan:Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes.Lect.Notes in Comp.Sci., Springer-Verlag, Berlin, vol.1109 (1996), pp.129-142).
Since Dan Boneh initiative provided the bit safety analysis such as Diffie-Hellman cipher key change, ElGamal public key encryption, Shamir transmission of messages, numerous scientific research persons have provided further result on its basis.For example, the people such as Australian Academy of Science academician Shparlinski has reduced the size on required amount of bits and rank.But the result of analyzing for Diffie-Hellman cipher key change, ElGamal public key encryption, Shamir message transmission protocol bit at present is still not satisfied, specific as follows:
1. the algorithm of analyzing is probabilistic algorithm, can not guarantee to export correct result;
2. whether do not provide the safety results of single-bit, but provided the safety results of a string bit, not providing maximum or minimum meaningful bit is safe bit.
Summary of the invention
Be probabilistic algorithm and without the fail safe conclusion problem of single-bit in order to overcome the existing parser for ElGamal public key encryption system, the object of the present invention is to provide a kind of bit security detection method of common key cryptosystem.
The technical solution adopted for the present invention to solve the technical problems is: the binary digital expansion of an integer based under mark, adopt the mode of bit displacement, by the internal relation between bit, whether can recover expressly to judge the bit security of public key system by test bit.
Technical scheme of the present invention is:
A kind of bit security detection method of common key cryptosystem, wherein, the bit that detects is maximum meaningful bit, the steps include:
1) input the common parameter N of common key cryptosystem to be detected, the safe bit number k that plaintext x is detected, wherein x is less than N;
2) ciphertext C is shifted, is obtained the corresponding maximum meaningful bit b of front k expressly of the ciphertext C ' obtained after each displacement i; Wherein, ciphertext C is the ciphertext of utilizing after this common key cryptosystem is encrypted plaintext x, and the displacement length with respect to ciphertext C starting position is L=ki at every turn, i=0, and 1 ..., m-1,
Figure BDA00003569568300021
3) utilize formula calculate output detections M as a result;
4) M and plaintext x are contrasted, if consistent, judged that expressly front k the maximum meaningful bit of x is safe bit.
Adopt formula
Figure BDA00003569568300023
calculate front k the maximum meaningful bit b obtained after each displacement i; Wherein, ms d(2 ikxmodp) be 2 ikunder x mark binary digital expansion of an integer 2 ik x mod p p = Σ i = 1 ∞ m s i ( 2 ik x mod p ) 2 - i D value, p is the odd number that is greater than x.
Described common key cryptosystem is the ElGamal common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kimodN.
Described common key cryptosystem is the RSA common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kie, the PKI that e is RSA.
A kind of bit security detection method of common key cryptosystem, wherein, the bit that detects is minimum meaningful bit, the steps include:
1) input the common parameter N of common key cryptosystem to be detected, the safe bit number k that plaintext x is detected, wherein x is less than N;
2) ciphertext C is shifted, is obtained the corresponding meaningful bit lsb of minimum expressly of the ciphertext C ' obtained after each displacement 1(2 ixmodN); Wherein, ciphertext C is the ciphertext of utilizing after this common key cryptosystem is encrypted plaintext x, and the displacement length with respect to ciphertext C starting position is L=ki at every turn, i=0, and 1 ..., m-1,
Figure BDA00003569568300025
The meaningful bits switch of the minimum that 3) will at every turn obtain is the ms under x mark binary digital expansion of an integer i(x); Ms i(x) be i maximum meaningful bit expression formula under x mark binary digital expansion of an integer;
4) utilize formula calculate b, the output detections result
Figure BDA00003569568300032
5) will
Figure BDA00003569568300033
with plaintext, x is contrasted, if consistent, judges that expressly the meaningful bit of minimum of x is safe bit.
Utilize formula lsb 1(2 ixmodN)=ms i(x) the meaningful bit lsb of the minimum that will at every turn obtain 1(2 ixmodN) be converted to the ms under x mark binary digital expansion of an integer i(x).
Described common key cryptosystem is the ElGamal common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kimodN.
Described common key cryptosystem is the RSA common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kie, the PKI that e is RSA.
Compared with prior art, the invention has the beneficial effects as follows:
Under deterministic algorithm, accurately judged that the maximum meaningful bit of the public key encryption systems such as ElGamal, RSA and minimum meaningful bit are safe bit.
The accompanying drawing explanation
Fig. 1 is the inventive method flow chart.
Embodiment
Below in conjunction with drawings and Examples, the present invention is further described.
Inputting interface of the present invention has the zone of input common parameter N, and input detection amount of bits, and in addition also needing to select is LSB or MSB.All fill in completely when all, start to detect;
Annotate: if select LSB, k will be fixed as 1.
The information that input is obtained by detection information, according to different common parameter N and detection bit number k, have " compute " of different quantity.Compute means ciphertext C is multiplied by certain number (routine compute i=2, be multiplied by 2^{i}), then detects front k maximum meaningful bit of the plaintext of 2^{i}C.If hardware is realized or software realizes causing information leakage, repeatedly access software or hardware of meaning.
Explanation of nouns:
Maximum meaningful bit (MSB): the front k of x ∈ [0, p-1] maximum meaningful bit definitions is integer t, and t meets
(t-1)·p/2 k≤x<t·p/2 k
Minimum meaningful bit (LSB): the least meaning bit definitions of x ∈ [0, p-1] is t, and t meets:
Figure BDA00003569568300041
Wherein, x is a number that is less than p, can regard that expressly p is odd number as, can be expressly any one number that is less than p.
Testing process of the present invention as shown in Figure 1, if wherein the output plaintext M is consistent with true plaintext x, can judge that testing out this bit is safe bit, in design hardware implementation or software implementation, must avoid revealing.
Below we analyze core algorithm and flow process.
Can, if C=f (x) is ciphertext, wherein x be that expressly N is common parameter, by k maximum meaningful bit number before detecting expressly, recover expressly x, the fail safe of judgement public key cryptosyst, and algorithm substantially is as follows:
1 order
Figure BDA00003569568300042
for rounding up
2?for(i=0;i<m;i++)do
3?L=k·i;
4 C '=C2 lmodN, need to guarantee C '=f (x2 l);
5 b i=obtain front k the maximum meaningful bit of the plaintext of ciphertext C '.;
6?End?for
7 output detections information
Figure BDA00003569568300046
If M is consistent with x, illustrate when hardware or software are realized, the k detected a maximum meaningful bit is safe bit, leak case can not occur.
Design as above algorithmic technique background:
In public key cryptosyst, expressly x is less than N, and under the x mark, binary digital expansion of an integer is
Figure BDA00003569568300044
ms i(x) ∈ { 0,1}, ms i(x) be i maximum meaningful bit expression formula under the x mark; The binary digital expansion of an integer of x is
Figure BDA00003569568300045
lsb i(x) ∈ { 0,1}, lsb i(x) be x i minimum meaningful bit.Wherein, under the x mark, the binary digital expansion of an integer of binary digital expansion of an integer and x has following relation:
1)lsb 1(2 ixmodN)=ms i(x),(i=1,2,…);
Figure BDA00003569568300051
3)ms j+k(x)=ms j(2 kxmodN),j=1,2…k;
4) if integer t is front k the maximum meaningful bit of x, meet: meet (t-1) p/2 k≤ x<tp/2 k.
By above-mentioned four relations, if k maximum meaningful bit security before our known detection, we can change and try to achieve binary digital expansion of an integer under the x mark, more further utilize and concern 2) try to achieve expressly.In algorithm 2-5 step, the first step (i=0), obtain expressly front k the maximum meaningful bit of x, and utilize concern 3), ciphertext C is multiplied by 2 kafter obtain again corresponding plaintext x2 kfront k maximum meaningful bit.When algorithm 2-5 step is carried out
Figure BDA00003569568300053
after inferior, obtain corresponding b i = ( &Sigma; d = 1 k ms d ( 2 ik x mod N ) 2 - d + k ) + 1 , i = 0,1,2 , . . . , m - 1 . Wherein, ms d(2 ikxmodp) be 2 ik x mod p p = &Sigma; i = 1 &infin; ms i ( 2 ik x mod p ) 2 - i D value.
Utilize and concern 2), 3), 4) and obtain testing result M by algorithm the 7th step, utilize testing result M and plaintext x to be contrasted, judge whether its expressly front k maximum meaningful bit is the bit that can not reveal.Wherein, concern 3) guarantee that algorithm the 4th step can obtain more ms i(x), concern 4) guarantee the relation of the meaningful bit of maximum of maximum meaningful bit and x under the x mark to concern 2) guarantee to have maximum meaningful bit under abundant mark, can obtain x.
For detecting expressly minimum meaningful bit, algorithm utilization concerns 1) by the meaningful bits switch of minimum, be that maximum meaningful bit is detected.Obtain the expressly meaningful bit of minimum of x, first obtain lsb 1(2 1xmodp)=ms 1(x), then allow corresponding ciphertext C be multiplied by 2, lsb reentries 1(2 2xmodp)=ms 2(x); Utilize and concern lsb 1(2 ixmodp)=ms i(x), (i=1,2 ...), obtain abundant ms i(x) time, just can utilize and concern 2).
Merit attention, different for different public key encryption system algorithm the 4th steps, guarantee 2 ldirectly act on expressly.For example ElGamal is adopted to top the 4th step, but need to adopt C '=C2 for RSA le, the PKI that e is RSA here.
Below provide the instantiation for ElGamal public key encryption system and the analysis of RSA bit:
Whether A. detect front 4 the meaningful bits of maximum of RSA can not reveal
1) common parameter of input RSA, and detect bit number k, and select LSB or MSB, click " start ";
2) allow 2 kie(PKI of eRSA) is multiplied by C (ciphertext), obtains 2 kiek maximum meaningful bit before the plaintext of C, and click " start " calculates result.
Example: N=984863712293=992449 * 992357, PKI e=988213, ciphertext C=204418673441=(1111) emodN.Hard-wired defect causes front 4 meaningful bits of maximum to survey.
In information leakage, we need to obtain successively:
1) (1111) ethe maximum meaningful bit of the ciphertext of modN front 4 (value is 1);
2) 2 e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
3) 2 2e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
4) 2 3e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
5) 2 4e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
6) 2 5e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
7) 2 6e(1111) efront 4 meaningful bits of maximum (value is 1) of modN;
8) 2 7e(1111) efront 4 meaningful bits of maximum (value is 5) of modN;
9) 2 8e(1111) efront 4 meaningful bits of maximum (value is 14) of modN;
10) 2 9e(1111) efront 4 meaningful bits of maximum (value is 9) of modN;
11) 2 10e(1111) efront 4 meaningful bits of maximum (value is 6) of modN,
We have recovered plaintext 1111.We may safely draw the conclusion: when RSA hardware or software are realized, front 4 meaningful bits of maximum necessarily can not be revealed.
Annotate: LSB or front 1 maximum are had a mind to bit can be proved equally.
Whether B. detect front 4 the meaningful bits of maximum of ElGamal can not reveal
1) common parameter of input ElGamal public key encryption system, and detect bit number, and select LSB or MSB, click " start ";
2) allow 2 kibe multiplied by C (ciphertext when information is returned), obtain 2 kik maximum meaningful bit before the plaintext of C, and click " start " calculates result;
Example: Bob PKI y=g xmodN and g (establishing g=98932, N=976817837417), Alice selects r at random, sends (g rmodN, C=13333y rmodN) give Bob.Bob utilizes 13333=(g r) -x13333y rmodN obtains expressly.If Bob can survey because hard-wired defect causes front 4 meaningful bits of maximum.We can obtain in proper order:
1) front 4 of C maximum meaningful bits (value is 1);
2) 2 4front 4 meaningful bits of maximum (value is 1) of Cmodp;
3) 2 8front 4 meaningful bits of maximum (value is 1) of Cmodp;
4) 2 12front 4 meaningful bits of maximum (value is 1) of Cmodp;
5) 2 16front 4 meaningful bits of maximum (value is 1) of Cmodp;
6) 2 20front 4 meaningful bits of maximum (value is 1) of Cmodp;
7) 2 24front 4 meaningful bits of maximum (value is 4) of Cmodp;
8) 2 28front 4 meaningful bits of maximum (value is 11) of Cmodp;
9) 2 32front 4 meaningful bits of maximum (value is 10) of Cmodp;
10) 2 36front 4 meaningful bits of maximum (value is 16) of Cmodp;
11) 2 40front 4 meaningful bits of maximum (value is 12) of Cmodp;
We have recovered expressly 13333, and we may safely draw the conclusion: when ElGamal hardware or software are realized, front 4 meaningful bits of maximum necessarily can not be revealed.
Annotate: the related logarithm of this specification number, all take 2 the end of as and common parameter N is odd number.

Claims (8)

1. the bit security detection method of a common key cryptosystem, wherein, the bit that detects is maximum meaningful bit, the steps include:
1) input the common parameter N of common key cryptosystem to be detected, the safe bit number k that plaintext x is detected, wherein x is less than N;
2) ciphertext C is shifted, is obtained the corresponding maximum meaningful bit b of front k expressly of the ciphertext C ' obtained after each displacement i; Wherein, ciphertext C is the ciphertext of utilizing after this common key cryptosystem is encrypted plaintext x, and the displacement length with respect to ciphertext C starting position is L=ki at every turn, i=0, and 1 ..., m-1,
Figure FDA00003569568200011
3) utilize formula
Figure FDA00003569568200016
calculate output detections M as a result;
4) M and plaintext x are contrasted, if consistent, judged that expressly front k the maximum meaningful bit of x is safe bit.
2. the method for claim 1, is characterized in that adopting formula
Figure FDA00003569568200013
calculate front k the maximum meaningful bit b obtained after each displacement i; Wherein, ms d(2 ikxmodp) be 2 ikunder x mark binary digital expansion of an integer 2 ik x mod p p = &Sigma; i = 1 &infin; ms i ( 2 ik x mod p ) 2 - i D value, p is the odd number that is greater than x.
3. want 1 or 2 described methods as right, it is characterized in that described common key cryptosystem is the ElGamal common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kimodN.
4. method as claimed in claim 1 or 2, is characterized in that described common key cryptosystem is the RSA common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kie, the PKI that e is RSA.
5. the bit security detection method of a common key cryptosystem, wherein, the bit that detects is minimum meaningful bit, the steps include:
1) input the common parameter N of common key cryptosystem to be detected, the safe bit number k that plaintext x is detected, wherein x is less than N;
2) ciphertext C is shifted, is obtained the corresponding meaningful bit lsb of minimum expressly of the ciphertext C ' obtained after each displacement 1(2 ixmodN); Wherein, ciphertext C is the ciphertext of utilizing after this common key cryptosystem is encrypted plaintext x, and the displacement length with respect to ciphertext C starting position is L=ki at every turn, i=0, and 1 ..., m-1,
Figure FDA00003569568200015
The meaningful bits switch of the minimum that 3) will at every turn obtain is the ms under x mark binary digital expansion of an integer i(x); Ms i(x) be i maximum meaningful bit expression formula under x mark binary digital expansion of an integer;
4) utilize formula
Figure FDA00003569568200023
calculate b, the output detections result
Figure FDA00003569568200022
5) will
Figure FDA00003569568200024
with plaintext, x is contrasted, if consistent, judges that expressly the meaningful bit of minimum of x is safe bit.
6. method as claimed in claim 5, is characterized in that utilizing formula lsb 1(2 ixmodN)=ms i(x) the meaningful bit lsb of the minimum that will at every turn obtain 1(2 ixmodN) be converted to the ms under x mark binary digital expansion of an integer i(x).
7. want 5 or 6 described methods as right, it is characterized in that described common key cryptosystem is the ElGamal common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kimodN.
8. method as described as claim 5 or 6, is characterized in that described common key cryptosystem is the RSA common key cryptosystem; The ciphertext C ' obtained after each displacement=C2 kie, the PKI that e is RSA.
CN201310317575.1A 2013-07-25 2013-07-25 A kind of bit security detection method of common key cryptosystem Expired - Fee Related CN103391193B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310317575.1A CN103391193B (en) 2013-07-25 2013-07-25 A kind of bit security detection method of common key cryptosystem

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310317575.1A CN103391193B (en) 2013-07-25 2013-07-25 A kind of bit security detection method of common key cryptosystem

Publications (2)

Publication Number Publication Date
CN103391193A true CN103391193A (en) 2013-11-13
CN103391193B CN103391193B (en) 2016-03-16

Family

ID=49535358

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310317575.1A Expired - Fee Related CN103391193B (en) 2013-07-25 2013-07-25 A kind of bit security detection method of common key cryptosystem

Country Status (1)

Country Link
CN (1) CN103391193B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105678083A (en) * 2016-01-11 2016-06-15 成都卫士通信息产业股份有限公司 Rapid detection method capable of performing single-bit frequency detection and frequency detection within block

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080096530A1 (en) * 2006-10-20 2008-04-24 Innovative Sonic Limited Method for calculating start value for security for user equipment in a wireless communications system and related apparatus
US20130124784A1 (en) * 2011-11-15 2013-05-16 Samsung Electronics Co., Ltd. Memory system comprising nonvolatile memory device and related method of operation
CN103118009A (en) * 2013-01-08 2013-05-22 深圳大学 Authentication key exchange method and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080096530A1 (en) * 2006-10-20 2008-04-24 Innovative Sonic Limited Method for calculating start value for security for user equipment in a wireless communications system and related apparatus
US20130124784A1 (en) * 2011-11-15 2013-05-16 Samsung Electronics Co., Ltd. Memory system comprising nonvolatile memory device and related method of operation
CN103118009A (en) * 2013-01-08 2013-05-22 深圳大学 Authentication key exchange method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
苏东,王克,吕克伟: "Paillier陷门函数的两个变体的比特安全性分析", 《计算机学报》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105678083A (en) * 2016-01-11 2016-06-15 成都卫士通信息产业股份有限公司 Rapid detection method capable of performing single-bit frequency detection and frequency detection within block

Also Published As

Publication number Publication date
CN103391193B (en) 2016-03-16

Similar Documents

Publication Publication Date Title
US8401179B2 (en) Encryption parameter setting apparatus, key generation apparatus, cryptographic system, program, encryption parameter setting method, and key generation method
Imem Comparison and evaluation of digital signature schemes employed in NDN network
EP2582085A1 (en) Generating implicit certificates
US20130091362A1 (en) Generating implicit certificates
Clarke et al. Cryptanalysis of the dragonfly key exchange protocol
Tahat et al. A new RSA public key encryption scheme with chaotic maps
US7043018B1 (en) Prime number generation method, prime number generation apparatus, and cryptographic system
Niu et al. Lossy data aggregation integrity scheme in wireless sensor networks
US7177423B2 (en) Method and apparatus for exponentiation in an RSA cryptosystem
JP2004534971A (en) Public key cryptosystem using finite non-commutative group
Raghunandan et al. Secure RSA variant system to avoid factorization attack using phony modules and phony public key exponent
Saho et al. Securing document by digital signature through RSA and elliptic curve cryptosystems
Dubey et al. Cryptanalytic attacks and countermeasures on RSA
Wu et al. On the improvement of wiener attack on rsa with small private exponent
HS et al. Comparative study and performance analysis of encryption in RSA, ECC and Goldwasser-Micali cryptosystems
US20100150343A1 (en) System and method for encrypting data based on cyclic groups
CN103391193B (en) A kind of bit security detection method of common key cryptosystem
Mazlisham et al. Analysis of Rabin-P and RSA-OAEP Encryption Scheme on Microprocessor Platform
Zhigang et al. Review of how to construct a fully homomorphic encryption scheme
Li et al. A novel algorithm for scalar multiplication in ECDSA
Sarma et al. Public key cryptosystem based on Pell's equation using the Gnu Mp library
Wu et al. Batch public key cryptosystem with batch multi-exponentiation
Chen et al. An Efficient Fog-Assisted Unstable Sensor Detection Scheme with Privacy Preserved
JP5912281B2 (en) Decryption result verification apparatus, method, system, and program
Lee et al. Efficient fault-tolerant scheme based on the RSA system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160316

Termination date: 20210725