CN109005039A - A method of accelerating ecdsa sign test in embedded device end - Google Patents
A method of accelerating ecdsa sign test in embedded device end Download PDFInfo
- Publication number
- CN109005039A CN109005039A CN201811000547.6A CN201811000547A CN109005039A CN 109005039 A CN109005039 A CN 109005039A CN 201811000547 A CN201811000547 A CN 201811000547A CN 109005039 A CN109005039 A CN 109005039A
- Authority
- CN
- China
- Prior art keywords
- mod
- calculated
- continuing
- calculate
- meet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Complex Calculations (AREA)
Abstract
The present invention relates to a kind of methods for accelerating ecdsa sign test in embedded device end.Method includes the following steps: that initializing elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, and signer public key is Q, obtains elliptic curve basic point G;Under C language environment, w=s is calculated‑1mod n;Under C language environment, u1=m*w mod n is calculated;Under C language environment, u2=r*w mod n is calculated;Under C language environment, (x, y)=u1*G+u2*Q is calculated;V=x mod n;Judge whether to meet v=r, meets then signature verification and pass through, otherwise signature verification does not pass through.The present invention has the advantage that compared with the existing technology makes some low side embedded devices have faster ecdsa sign test speed by optimization algorithm, and product cost is effectively reduced.
Description
Technical field:
The present invention relates to mobile payment technical fields, accelerate ecdsa sign test in embedded device end further to one kind
Method.
Background technique:
Because of cCredit card payment, the further genralrlization of the mobile payments means such as two dimensional code payment, ecdsa sign test technology is extensive
Using into embedded device.
The embedded device common demands of mobile payment at present are at low cost, and operational capability is caused to there is limitation.Research insertion
The method that formula equipment end accelerates ecdsa sign test can effectively solve the above problems.
Since high-precision multiplication of integers and modulo operation are in ecdsa sign test algorithm bottom circulation, so improving multiplication
Ecdsa sign test speed can be effectively promoted with the modulo operation speed of service.It is replaced commonly in multiplying using Fast Multiplication
Multiplying is the optimal way currently generally used in terms of algorithm.By improving carry system, improvement recursive procedure and changing
It keeps forging ahead modular arithmetic etc., Algorithms T-cbmplexity is reduced, to accelerate algorithm execution speed.
In general, there are three main problems for meeting when high-level language is realized for the multiplication of high-precision integer and modulo operation:
Speed is slow, modulus need to division arithmetic, intermediate value may cross the border twice.Therefore, it should be realized using assembler language and optimization algorithm
Above-mentioned operation.It is realized using assembler language instead of high-level language, is the optimal way currently generally used in terms of language, it can
Instruction execution efficiency is improved, it can be with the faster procedure speed of service.
Summary of the invention:
The purpose of the present invention is to provide the methods that one kind can accelerate ecdsa sign test.
The present invention is accomplished in that
A method of accelerating ecdsa sign test in embedded device end, includes the following steps:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer
Public key is Q, obtains elliptic curve basic point G;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
Preferred embodiment one, the step 2 include following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
Preferred embodiment two, the step 3 include following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
Preferred embodiment three, the step 4 include following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
Preferred embodiment four, the step 5 include following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take ellipse
Curve point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise
Return step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise
Return step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
The present invention has the advantage that compared with the existing technology
(1) ecdsa sign test speed is promoted by optimization algorithm, does not increase hardware cost.
(2) make some low side embedded devices that there is faster ecdsa sign test speed by optimization algorithm, effectively drop
Low product cost.
Detailed description of the invention:
Fig. 1 is the flow diagram of the method for the present invention.
Specific embodiment:
Embodiment:
A method of accelerating ecdsa sign test in embedded device end, includes the following steps:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer
Public key is Q, obtains elliptic curve basic point G;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
Above-mentioned steps 2 include following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
Above-mentioned steps 3 include following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
Above-mentioned steps 4 include following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
Above-mentioned steps 5 include following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take ellipse
Curve point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise
Return step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise
Return step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
Above-mentioned steps 5.3, step 5.4, step 5.6, step 5.7, Point on Elliptic Curve A, point B involved in step 5.8,
The calculating of A=B+C between point C carries out according to the following procedure:
Step 5a: note B=(x1, y1), C=(x2, y2), A=(x3, y3), elliptic curve equation y2=x3+ax+b;
Step 5b: c=x1*x1 is calculated;
Step 5c: d=x2*x2 is calculated;
Step 5d: e=x1*x2 is calculated;
Step 5e: λ=(c+d+e+a)/(y1+y2) is calculated;
Step 5f: λ 2=λ * λ is calculated;
Step 5g: x3=λ 2-x1-x2 is calculated;
Step 5h: f=λ * x1 is calculated;
Step 5i: g=λ * x3 is calculated;
Step 5j: y3=f-g-y1 is calculated;
Step 5k: it returns A=(x3, y3).
Z=x*y is calculated under above-mentioned steps 5b, step 5c, step 5d, step 5f, the decimal system involved in step 5h, 5i,
Algorithm is z=alg (x, y), is remembered m=(maximum value of the digit of x and y), and recursive decrease lowest order digit is that k, m and k are compiling
It is preceding specified, and 2 power times that m is k;It comprises the following processes:
Step 501: judging whether to meet m < k, be to go to step 502, otherwise go to step 503;
Step 502: returning to z=x*y;
Step 503: calculating m2=m/2;
Step 504: note x1 is high m2 of x, and x2 is low m2 of x, and y1 is high m2 of y, and y2 is low m2 of y;
Step 505: calculating z1=alg (x2, y2), z2=alg (x1+x2, y1+y2), z3=alg (x1, y1);
Step 506: returning to z=z3*10m+(z2-z3-z1)*10m2+z1
Above-mentioned steps 502 carry out according to the following procedure:
Step 502-1: under assembly language environment, remember that the digits of y are y from high to lown、yn-1、…、y1;
Step 502-2: under assembly language environment, z is calculatedi=x*yi(1≤i≤n);
Step 502-3: under assembly language environment, z=∑ is returned ton I=1zi*10i。
In the ecdsa sign test that the arm9 processor platform operation present invention realizes, the ecdsa algorithm realized with the library Openssl
Time test comparison is carried out, following result is obtained:
The first situation: having application program operation from the background, and CPU usage is typically up to 80% or more before testing, and average value misses
Difference about 10ms;Test result comparison such as following table
Version | Average time | Minimum time | Maximum time |
The present invention | 53ms | 4ms | 130ms |
Openssl sign test | 1036ms | 814ms | 1256ms |
Second situation: running without application program from the background, and CPU usage is generally 1% hereinafter, average value error before testing
About 1ms;Test result comparison such as following table
Version | Average time | Minimum time | Maximum time |
The present invention | 4ms | 4ms | 8ms |
Openssl sign test | 81ms | 78ms | 125ms |
Test environment parameter: dominant frequency: 454Mhz, memory 128M, each test carry out 1000 statistics, and test result is aobvious
Show, on identical embedded platform, time performance of the present invention has significant advantage.
Claims (8)
1. a kind of method for accelerating ecdsa sign test in embedded device end, which comprises the steps of:
Step 1: initialization elliptic curve note order of curve is n, and signature result is (r, s), and being signed message is m, signer public key
For Q, elliptic curve basic point G is obtained;
Step 2: under C language environment, calculating w=s-1mod n;
Step 3: under C language environment, calculating u1=m*w mod n;
Step 4: under C language environment, calculating u2=r*w mod n;
Step 5: under C language environment, calculating (x, y)=u1*G+u2*Q;
Step 6:v=x mod n;
Step 7: judging whether to meet v=r, meet then signature verification and pass through, otherwise signature verification does not pass through.
2. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described
Step 2 includes following detailed process:
Step 2.1: round numbers p=n, q=s, w=0, t=1, k=0, zj go to step 2.2;
Step 2.2: judging whether to meet q > 0, be, go to step 2.3, otherwise go to step 2.10;
Step 2.3: judging whether p is even number, be to go to step 2.4, otherwise go to step 2.5;
Step 2.4: continuing to calculate p, t, k, p=p/2, t=2t, k=k+1, return step 2.2;
Step 2.5: judging whether q is even number, be to go to step 2.6, otherwise go to step 2.7;
Step 2.6: continuing to calculate q, w, k, q=q/2, w=2w, k=k+1, return step 2.2;
Step 2.7: calculating x=p-q, judge whether to meet x > 0, be, go to step 2.8, otherwise go to step 2.9;
Step 2.8: continuing to calculate p, w, t, p=x/2, w=w+t, k=k+1, return step 2.2;
Step 2.9: continuing to calculate q, t, w, k, q=-x/2, t=w+t, w=2w, k=k+1, return step 2.2;
Step 2.10: judging whether to meet w > n, be to go to step 2.11, otherwise go to step 2.12;
Step 2.11: continuing to calculate w, w=w-n, go to step 2.12;
Step 2.12: continuing to calculate w, w=n-w, go to step 2.13;
Step 2.13: judging whether to meet k >=0, be to go to step 2.14, otherwise go to step 2.17;
Step 2.14: judging whether w is even number, be to turn 2.15, otherwise go to step 2.16;
Step 2.15: continuing to calculate w, k, w=w/2, k=k-1 go to step 2.13;
Step 2.16: continuing to calculate w, w=(w+n)/2, k=k-1 goes to step 2.13;
Step 2.17: returning to the value of w.
3. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described
Step 3 includes following detailed process:
Step 3.1: round numbers t meets t > n, makes (t, n)=1;
Step 2.2: calculating m '=m*t mod n, w '=w*t mod n;
Step 2.3: returning to u1=m ' * w ' * t-1*t-1mod n。
4. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described
Step 4 includes following detailed process:
Step 4.1: round numbers t meets t > n, makes (t, n)=1;
Step 4.2: calculating r '=r*t mod n, w '=w*t mod n;
Step 4.3: returning to u2=r ' * w ' * t-1*t-1mod n。
5. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 1, which is characterized in that described
Step 5 includes following detailed process:
Step 5.1: note u1=(u1t-1,u1t-2,…,u11,u10)2, u2=(u2k-1,u2k-2,…,u21,u20)2Take elliptic curve
Point M=∞, N=∞, round numbers i=t-1, j=k-1 go to step 5.2;
Step 5.2: judging whether to meet i >=0, be to go to step 5.3, otherwise go to step 5.5;
Step 5.3: continuing to calculate M, i, M=M+M, i=i-1 judge whether to meet u1i=1, it is to go to step 5.4, otherwise returns
Step 5.2;
Step 5.4: continuing to calculate M, M=M+G, return step 5.2;
Step 5.5: judging whether to meet j >=0, be to go to step 5.6, otherwise go to step 5.8;
Step 5.6: continuing to calculate N, j, N=N+N, j=j-1 judge whether to meet u2i=1, it is to go to step 5.7, otherwise returns
Step 5.5;
Step 5.7: continuing to calculate N, N=N+Q, return step 5.2;
Step 5.8: returning to (x, y)=M+N.
6. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 5, which is characterized in that described
Step 5.3, step 5.4, step 5.6, step 5.7, Point on Elliptic Curve A, point B involved in step 5.8, A=B+ between point C
The calculating of C carries out according to the following procedure:
Step 5a: note B=(x1, y1), C=(x2, y2), A=(x3, y3), elliptic curve equation y2=x3+ax+b;
Step 5b: c=x1*x1 is calculated;
Step 5c: d=x2*x2 is calculated;
Step 5d: e=x1*x2 is calculated;
Step 5e: λ=(c+d+e+a)/(y1+y2) is calculated;
Step 5f: λ 2=λ * λ is calculated;
Step 5g: x3=λ 2-x1-x2 is calculated;
Step 5h: f=λ * x1 is calculated;
Step 5i: g=λ * x3 is calculated;
Step 5j: y3=f-g-y1 is calculated;
Step 5k: it returns A=(x3, y3).
7. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 6, which is characterized in that described
Step 5b, z=x*y, algorithm z=alg are calculated under step 5c, step 5d, step 5f, the decimal system involved in step 5h, 5i
(x, y) remembers m=(maximum value of the digit of x and y), and recursive decrease lowest order digit is that k, m and k are that compiling is preceding specified, and m is k
2 power times;It comprises the following processes:
Step 501: judging whether to meet m < k, be to go to step 502, otherwise go to step 503;
Step 502: returning to z=x*y;
Step 503: calculating m2=m/2;
Step 504: note x1 is high m2 of x, and x2 is low m2 of x, and y1 is high m2 of y, and y2 is low m2 of y;
Step 505: calculating z1=alg (x2, y2), z2=alg (x1+x2, y1+y2), z3=alg (x1, y1);
Step 506: returning to z=z3*10m+(z2-z3-z1)*10m2+z1。
8. a kind of method for accelerating ecdsa sign test in embedded device end according to claim 7, which is characterized in that described
Step 502 carries out according to the following procedure:
Step 502-1: under assembly language environment, remember that the digits of y are y from high to lown、yn-1、…、y1;
Step 502-2: under assembly language environment, z is calculatedi=x*yi(1≤i≤n);
Step 502-3: under assembly language environment, z=∑ is returned ton I=1zi*10i。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811000547.6A CN109005039A (en) | 2018-08-30 | 2018-08-30 | A method of accelerating ecdsa sign test in embedded device end |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811000547.6A CN109005039A (en) | 2018-08-30 | 2018-08-30 | A method of accelerating ecdsa sign test in embedded device end |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109005039A true CN109005039A (en) | 2018-12-14 |
Family
ID=64594101
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811000547.6A Pending CN109005039A (en) | 2018-08-30 | 2018-08-30 | A method of accelerating ecdsa sign test in embedded device end |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109005039A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6163841A (en) * | 1998-06-23 | 2000-12-19 | Microsoft Corporation | Technique for producing privately authenticatable cryptographic signatures and for authenticating such signatures |
CN106856431A (en) * | 2015-12-09 | 2017-06-16 | 上海华虹集成电路有限责任公司 | Improved ECDSA and sign test method |
CN107634836A (en) * | 2017-09-05 | 2018-01-26 | 何德彪 | A kind of SM2 digital signature generation method and system |
CN107678763A (en) * | 2017-09-28 | 2018-02-09 | 杭州海兴电力科技股份有限公司 | Electric energy meter upgrade method and system based on digital signature technology |
-
2018
- 2018-08-30 CN CN201811000547.6A patent/CN109005039A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6163841A (en) * | 1998-06-23 | 2000-12-19 | Microsoft Corporation | Technique for producing privately authenticatable cryptographic signatures and for authenticating such signatures |
CN106856431A (en) * | 2015-12-09 | 2017-06-16 | 上海华虹集成电路有限责任公司 | Improved ECDSA and sign test method |
CN107634836A (en) * | 2017-09-05 | 2018-01-26 | 何德彪 | A kind of SM2 digital signature generation method and system |
CN107678763A (en) * | 2017-09-28 | 2018-02-09 | 杭州海兴电力科技股份有限公司 | Electric energy meter upgrade method and system based on digital signature technology |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Kannwischer et al. | Single-trace attacks on keccak | |
den Boer et al. | A DPA attack against the modular reduction within a CRT implementation of RSA | |
Bogdanov | Improved side-channel collision attacks on AES | |
US7957527B2 (en) | Cryptographic processing apparatus | |
JP6110577B1 (en) | Elliptic curve point multiplication procedure to resist side channel information leakage | |
EP2228716B1 (en) | Fault-resistant calculcations on elliptic curves | |
US7991154B2 (en) | Exponentiation method using multibase number representation | |
US20060045262A1 (en) | Reliable elliptic curve cryptography computation | |
US8144864B2 (en) | Method for speeding up the computations for characteristic 2 elliptic curve cryptographic systems | |
CN109145616B (en) | SM2 encryption, signature and key exchange implementation method and system based on efficient modular multiplication | |
Bos et al. | Fast Arithmetic Modulo 2^ xp^ y±1 | |
KR20140046568A (en) | Method for elliptic curve cryptography with countermeasures against simple power analysis and fault injection analysis and system thereof | |
CN112560107B (en) | Method and device for processing private data | |
US10348495B2 (en) | Configurable crypto hardware engine | |
Koppermann et al. | 18 seconds to key exchange: Limitations of supersingular isogeny Diffie-Hellman on embedded devices | |
US8700921B2 (en) | Fault-resistant exponentiation algorithm | |
Castryck et al. | Efficient arithmetic on elliptic curves using a mixed Edwards-Montgomery representation | |
CN109150544A (en) | A method of accelerating sm2 sign test in embedded device end | |
CN109005039A (en) | A method of accelerating ecdsa sign test in embedded device end | |
Bos et al. | Elliptic and hyperelliptic curves: A practical security analysis | |
US20120039462A1 (en) | Rsa signature method and apparatus | |
Bernstein et al. | Faster elliptic-curve discrete logarithms on FPGAs | |
Aljuffri et al. | Multi-bit blinding: A countermeasure for RSA against side channel attacks | |
US11184148B2 (en) | Elliptic curve cryptography scheme for Edwards curves having a differential side-channel attack countermeasure | |
US20140286488A1 (en) | Determining a Division Remainder and Ascertaining Prime Number Candidates for a Cryptographic Application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20181214 |
|
WD01 | Invention patent application deemed withdrawn after publication |