CN109005039A - A method of accelerating ecdsa sign test in embedded device end - Google Patents

A method of accelerating ecdsa sign test in embedded device end Download PDF

Info

Publication number
CN109005039A
CN109005039A CN201811000547.6A CN201811000547A CN109005039A CN 109005039 A CN109005039 A CN 109005039A CN 201811000547 A CN201811000547 A CN 201811000547A CN 109005039 A CN109005039 A CN 109005039A
Authority
CN
China
Prior art keywords
mod
calculated
continuing
calculate
meet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811000547.6A
Other languages
Chinese (zh)
Inventor
高珊华
周亮
刘哲理
李伟超
田久鵾
郭晓杰
卢垚松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin Card Intelligent Network Polytron Technologies Inc
Original Assignee
Tianjin Card Intelligent Network Polytron Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin Card Intelligent Network Polytron Technologies Inc filed Critical Tianjin Card Intelligent Network Polytron Technologies Inc
Priority to CN201811000547.6A priority Critical patent/CN109005039A/en
Publication of CN109005039A publication Critical patent/CN109005039A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Complex Calculations (AREA)

Abstract

The present invention relates to a kind of methods for accelerating ecdsa sign test in embedded device end.Method includes the following steps: that initializing elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, and signer public key is Q, obtains elliptic curve basic point G;Under C language environment, w=s is calculated‑1mod n;Under C language environment, u1=m*w mod n is calculated;Under C language environment, u2=r*w mod n is calculated;Under C language environment, (x, y)=u1*G+u2*Q is calculated;V=x mod n;Judge whether to meet v=r, meets then signature verification and pass through, otherwise signature verification does not pass through.The present invention has the advantage that compared with the existing technology makes some low side embedded devices have faster ecdsa sign test speed by optimization algorithm, and product cost is effectively reduced.

Description

A method of accelerating ecdsa sign test in embedded device end
Technical field:
The present invention relates to mobile payment technical fields, accelerate ecdsa sign test in embedded device end further to one kind Method.
Background technique:
Because of cCredit card payment, the further genralrlization of the mobile payments means such as two dimensional code payment, ecdsa sign test technology is extensive Using into embedded device.
The embedded device common demands of mobile payment at present are at low cost, and operational capability is caused to there is limitation.Research insertion The method that formula equipment end accelerates ecdsa sign test can effectively solve the above problems.
Since high-precision multiplication of integers and modulo operation are in ecdsa sign test algorithm bottom circulation, so improving multiplication Ecdsa sign test speed can be effectively promoted with the modulo operation speed of service.It is replaced commonly in multiplying using Fast Multiplication Multiplying is the optimal way currently generally used in terms of algorithm.By improving carry system, improvement recursive procedure and changing It keeps forging ahead modular arithmetic etc., Algorithms T-cbmplexity is reduced, to accelerate algorithm execution speed.
In general, there are three main problems for meeting when high-level language is realized for the multiplication of high-precision integer and modulo operation: Speed is slow, modulus need to division arithmetic, intermediate value may cross the border twice.Therefore, it should be realized using assembler language and optimization algorithm Above-mentioned operation.It is realized using assembler language instead of high-level language, is the optimal way currently generally used in terms of language, it can Instruction execution efficiency is improved, it can be with the faster procedure speed of service.
Summary of the invention:
The purpose of the present invention is to provide the methods that one kind can accelerate ecdsa sign test.
The present invention is accomplished in that
A method of accelerating ecdsa sign test in embedded device end, includes the following steps:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer Public key is Q, obtains elliptic curve basic point G;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
Preferred embodiment one, the step 2 include following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
Preferred embodiment two, the step 3 include following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
Preferred embodiment three, the step 4 include following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
Preferred embodiment four, the step 5 include following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take ellipse Curve point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise Return step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise Return step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
The present invention has the advantage that compared with the existing technology
(1) ecdsa sign test speed is promoted by optimization algorithm, does not increase hardware cost.
(2) make some low side embedded devices that there is faster ecdsa sign test speed by optimization algorithm, effectively drop Low product cost.
Detailed description of the invention:
Fig. 1 is the flow diagram of the method for the present invention.
Specific embodiment:
Embodiment:
A method of accelerating ecdsa sign test in embedded device end, includes the following steps:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer Public key is Q, obtains elliptic curve basic point G;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
Above-mentioned steps 2 include following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
Above-mentioned steps 3 include following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
Above-mentioned steps 4 include following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
Above-mentioned steps 5 include following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take ellipse Curve point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise Return step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise Return step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
Above-mentioned steps 5.3, step 5.4, step 5.6, step 5.7, Point on Elliptic Curve A, point B involved in step 5.8, The calculating of A=B+C between point C carries out according to the following procedure:
Step 5a: note B=(x1, y1), C=(x2, y2), A=(x3, y3), elliptic curve equation y2=x3+ax+b;
Step 5b: c=x1*x1 is calculated;
Step 5c: d=x2*x2 is calculated;
Step 5d: e=x1*x2 is calculated;
Step 5e: λ=(c+d+e+a)/(y1+y2) is calculated;
Step 5f: λ 2=λ * λ is calculated;
Step 5g: x3=λ 2-x1-x2 is calculated;
Step 5h: f=λ * x1 is calculated;
Step 5i: g=λ * x3 is calculated;
Step 5j: y3=f-g-y1 is calculated;
Step 5k: it returns A=(x3, y3).
Z=x*y is calculated under above-mentioned steps 5b, step 5c, step 5d, step 5f, the decimal system involved in step 5h, 5i, Algorithm is z=alg (x, y), is remembered m=(maximum value of the digit of x and y), and recursive decrease lowest order digit is that k, m and k are compiling It is preceding specified, and 2 power times that m is k;It comprises the following processes:
Step 501: judging whether to meet m < k, be to go to step 502, otherwise go to step 503;
Step 502: returning to z=x*y;
Step 503: calculating m2=m/2;
Step 504: note x1 is high m2 of x, and x2 is low m2 of x, and y1 is high m2 of y, and y2 is low m2 of y;
Step 505: calculating z1=alg (x2, y2), z2=alg (x1+x2, y1+y2), z3=alg (x1, y1);
Step 506: returning to z=z3*10m+(z2-z3-z1)*10m2+z1
Above-mentioned steps 502 carry out according to the following procedure:
Step 502-1: under assembly language environment, remember that the digits of y are y from high to lown、yn-1、…、y1
Step 502-2: under assembly language environment, z is calculatedi=x*yi(1≤i≤n);
Step 502-3: under assembly language environment, z=∑ is returned ton I=1zi*10i
In the ecdsa sign test that the arm9 processor platform operation present invention realizes, the ecdsa algorithm realized with the library Openssl Time test comparison is carried out, following result is obtained:
The first situation: having application program operation from the background, and CPU usage is typically up to 80% or more before testing, and average value misses Difference about 10ms;Test result comparison such as following table
Version Average time Minimum time Maximum time
The present invention 53ms 4ms 130ms
Openssl sign test 1036ms 814ms 1256ms
Second situation: running without application program from the background, and CPU usage is generally 1% hereinafter, average value error before testing About 1ms;Test result comparison such as following table
Version Average time Minimum time Maximum time
The present invention 4ms 4ms 8ms
Openssl sign test 81ms 78ms 125ms
Test environment parameter: dominant frequency: 454Mhz, memory 128M, each test carry out 1000 statistics, and test result is aobvious Show, on identical embedded platform, time performance of the present invention has significant advantage.

Claims (8)

1. a kind of method for accelerating ecdsa sign test in embedded device end, which comprises the steps of:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer public key For Q, elliptic curve basic point G is obtained;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
2. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described Step 2 includes following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
3. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described Step 3 includes following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
4. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described Step 4 includes following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
5. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described Step 5 includes following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take elliptic curve Point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise returns Step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise returns Step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
6. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 5, which is characterized in that described Step 5.3, step 5.4, step 5.6, step 5.7, Point on Elliptic Curve A, point B involved in step 5.8, A=B+ between point C The calculating of C carries out according to the following procedure:
Step 5a: note B=(x1, y1), C=(x2, y2), A=(x3, y3), elliptic curve equation y2=x3+ax+b;
Step 5b: c=x1*x1 is calculated;
Step 5c: d=x2*x2 is calculated;
Step 5d: e=x1*x2 is calculated;
Step 5e: λ=(c+d+e+a)/(y1+y2) is calculated;
Step 5f: λ 2=λ * λ is calculated;
Step 5g: x3=λ 2-x1-x2 is calculated;
Step 5h: f=λ * x1 is calculated;
Step 5i: g=λ * x3 is calculated;
Step 5j: y3=f-g-y1 is calculated;
Step 5k: it returns A=(x3, y3).
7. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 6, which is characterized in that described Step 5b, z=x*y, algorithm z=alg are calculated under step 5c, step 5d, step 5f, the decimal system involved in step 5h, 5i (x, y) remembers m=(maximum value of the digit of x and y), and recursive decrease lowest order digit is that k, m and k are that compiling is preceding specified, and m is k 2 power times;It comprises the following processes:
Step 501: judging whether to meet m < k, be to go to step 502, otherwise go to step 503;
Step 502: returning to z=x*y;
Step 503: calculating m2=m/2;
Step 504: note x1 is high m2 of x, and x2 is low m2 of x, and y1 is high m2 of y, and y2 is low m2 of y;
Step 505: calculating z1=alg (x2, y2), z2=alg (x1+x2, y1+y2), z3=alg (x1, y1);
Step 506: returning to z=z3*10m+(z2-z3-z1)*10m2+z1。
8. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 7, which is characterized in that described Step 502 carries out according to the following procedure:
Step 502-1: under assembly language environment, remember that the digits of y are y from high to lown、yn-1、…、y1
Step 502-2: under assembly language environment, z is calculatedi=x*yi(1≤i≤n);
Step 502-3: under assembly language environment, z=∑ is returned ton I=1zi*10i
CN201811000547.6A 2018-08-30 2018-08-30 A method of accelerating ecdsa sign test in embedded device end Pending CN109005039A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811000547.6A CN109005039A (en) 2018-08-30 2018-08-30 A method of accelerating ecdsa sign test in embedded device end

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811000547.6A CN109005039A (en) 2018-08-30 2018-08-30 A method of accelerating ecdsa sign test in embedded device end

Publications (1)

Publication Number Publication Date
CN109005039A true CN109005039A (en) 2018-12-14

Family

ID=64594101

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811000547.6A Pending CN109005039A (en) 2018-08-30 2018-08-30 A method of accelerating ecdsa sign test in embedded device end

Country Status (1)

Country Link
CN (1) CN109005039A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6163841A (en) * 1998-06-23 2000-12-19 Microsoft Corporation Technique for producing privately authenticatable cryptographic signatures and for authenticating such signatures
CN106856431A (en) * 2015-12-09 2017-06-16 上海华虹集成电路有限责任公司 Improved ECDSA and sign test method
CN107634836A (en) * 2017-09-05 2018-01-26 何德彪 A kind of SM2 digital signature generation method and system
CN107678763A (en) * 2017-09-28 2018-02-09 杭州海兴电力科技股份有限公司 Electric energy meter upgrade method and system based on digital signature technology

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6163841A (en) * 1998-06-23 2000-12-19 Microsoft Corporation Technique for producing privately authenticatable cryptographic signatures and for authenticating such signatures
CN106856431A (en) * 2015-12-09 2017-06-16 上海华虹集成电路有限责任公司 Improved ECDSA and sign test method
CN107634836A (en) * 2017-09-05 2018-01-26 何德彪 A kind of SM2 digital signature generation method and system
CN107678763A (en) * 2017-09-28 2018-02-09 杭州海兴电力科技股份有限公司 Electric energy meter upgrade method and system based on digital signature technology

Similar Documents

Publication Publication Date Title
Kannwischer et al. Single-trace attacks on keccak
den Boer et al. A DPA attack against the modular reduction within a CRT implementation of RSA
Bogdanov Improved side-channel collision attacks on AES
US7957527B2 (en) Cryptographic processing apparatus
JP6110577B1 (en) Elliptic curve point multiplication procedure to resist side channel information leakage
EP2228716B1 (en) Fault-resistant calculcations on elliptic curves
US7991154B2 (en) Exponentiation method using multibase number representation
US20060045262A1 (en) Reliable elliptic curve cryptography computation
US8144864B2 (en) Method for speeding up the computations for characteristic 2 elliptic curve cryptographic systems
CN109145616B (en) SM2 encryption, signature and key exchange implementation method and system based on efficient modular multiplication
Bos et al. Fast Arithmetic Modulo 2^ xp^ y±1
KR20140046568A (en) Method for elliptic curve cryptography with countermeasures against simple power analysis and fault injection analysis and system thereof
CN112560107B (en) Method and device for processing private data
US10348495B2 (en) Configurable crypto hardware engine
Koppermann et al. 18 seconds to key exchange: Limitations of supersingular isogeny Diffie-Hellman on embedded devices
US8700921B2 (en) Fault-resistant exponentiation algorithm
Castryck et al. Efficient arithmetic on elliptic curves using a mixed Edwards-Montgomery representation
CN109150544A (en) A method of accelerating sm2 sign test in embedded device end
CN109005039A (en) A method of accelerating ecdsa sign test in embedded device end
Bos et al. Elliptic and hyperelliptic curves: A practical security analysis
US20120039462A1 (en) Rsa signature method and apparatus
Bernstein et al. Faster elliptic-curve discrete logarithms on FPGAs
Aljuffri et al. Multi-bit blinding: A countermeasure for RSA against side channel attacks
US11184148B2 (en) Elliptic curve cryptography scheme for Edwards curves having a differential side-channel attack countermeasure
US20140286488A1 (en) Determining a Division Remainder and Ascertaining Prime Number Candidates for a Cryptographic Application

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20181214

WD01 Invention patent application deemed withdrawn after publication