CN111480140B - 计算设备和方法 - Google Patents

计算设备和方法 Download PDF

Info

Publication number
CN111480140B
CN111480140B CN201880079830.4A CN201880079830A CN111480140B CN 111480140 B CN111480140 B CN 111480140B CN 201880079830 A CN201880079830 A CN 201880079830A CN 111480140 B CN111480140 B CN 111480140B
Authority
CN
China
Prior art keywords
shares
multiplication
variable
multiplicative
share
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201880079830.4A
Other languages
English (en)
Chinese (zh)
Other versions
CN111480140A (zh
Inventor
R·里特曼
S·J·A·德雷赫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips NV filed Critical Koninklijke Philips NV
Publication of CN111480140A publication Critical patent/CN111480140A/zh
Application granted granted Critical
Publication of CN111480140B publication Critical patent/CN111480140B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/723Modular exponentiation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/724Finite field arithmetic
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/76Arrangements for rearranging, permuting or selecting data according to predetermined rules, independently of the content of the data
    • G06F7/764Masking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219Countermeasures against side channel or fault attacks
    • G06F2207/7223Randomisation as countermeasure against side channel attacks
    • G06F2207/7233Masking, e.g. (A**e)+r mod n
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219Countermeasures against side channel or fault attacks
    • G06F2207/7223Randomisation as countermeasure against side channel attacks
    • G06F2207/7257Random modification not requiring correction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/04Masking or blinding
    • H04L2209/046Masking or blinding of operations, operands or results of the operations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16Obfuscation or hiding, e.g. involving white box

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
CN201880079830.4A 2017-11-10 2018-10-29 计算设备和方法 Active CN111480140B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP17201106.6A EP3484093A1 (en) 2017-11-10 2017-11-10 A computation device and method
EP17201106.6 2017-11-10
PCT/EP2018/079537 WO2019091809A1 (en) 2017-11-10 2018-10-29 A computation device and method

Publications (2)

Publication Number Publication Date
CN111480140A CN111480140A (zh) 2020-07-31
CN111480140B true CN111480140B (zh) 2024-05-28

Family

ID=60320709

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880079830.4A Active CN111480140B (zh) 2017-11-10 2018-10-29 计算设备和方法

Country Status (5)

Country Link
US (1) US11381379B2 (https=)
EP (2) EP3484093A1 (https=)
JP (1) JP7191097B2 (https=)
CN (1) CN111480140B (https=)
WO (1) WO2019091809A1 (https=)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3095709B1 (fr) * 2019-05-03 2021-09-17 Commissariat Energie Atomique Procédé et système de masquage pour la cryptographie
US11456855B2 (en) * 2019-10-17 2022-09-27 Arm Limited Obfuscating data at-transit
FR3112643B1 (fr) * 2020-07-15 2024-05-03 Banks And Acquirers Int Holding Dispositif, méthode et programme pour une communication sécurisée entre boîtes blanches
US12118098B1 (en) * 2023-12-08 2024-10-15 Pqsecure Technologies, Llc Computer processing system and method configured to effectuate lower-order masking in a higher-order masked design

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015004286A1 (en) * 2013-07-12 2015-01-15 Koninklijke Philips N.V. Key agreement device and method
WO2017063986A1 (en) * 2015-10-12 2017-04-20 Koninklijke Philips N.V. A cryptographic device and an encoding device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070150530A1 (en) 2005-12-13 2007-06-28 Intel Corporation Resisting cache timing based attacks
FR2917197B1 (fr) 2007-06-07 2009-11-06 Thales Sa Procede de masquage du resultat d'une operation de multiplication modulaire et dispositif associe.
JP2014145958A (ja) 2013-01-30 2014-08-14 Renesas Electronics Corp 半導体装置
US9959429B2 (en) * 2013-03-15 2018-05-01 Cryptography Research, Inc. Asymmetrically masked multiplication
US10235506B2 (en) * 2015-05-05 2019-03-19 Nxp B.V. White-box modular exponentiation
US10372886B2 (en) * 2015-05-05 2019-08-06 Nxp B.V. Protecting the input/output of modular encoded white-box RSA/ECC
JP6006842B1 (ja) 2015-07-22 2016-10-12 日本電信電話株式会社 秘密計算装置、その方法、およびプログラム
WO2017102879A1 (en) * 2015-12-15 2017-06-22 Koninklijke Philips N.V. A computation device and method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015004286A1 (en) * 2013-07-12 2015-01-15 Koninklijke Philips N.V. Key agreement device and method
WO2017063986A1 (en) * 2015-10-12 2017-04-20 Koninklijke Philips N.V. A cryptographic device and an encoding device

Also Published As

Publication number Publication date
EP3707593A1 (en) 2020-09-16
JP7191097B2 (ja) 2022-12-16
WO2019091809A1 (en) 2019-05-16
CN111480140A (zh) 2020-07-31
EP3707593B1 (en) 2021-06-02
US11381379B2 (en) 2022-07-05
JP2021502743A (ja) 2021-01-28
EP3484093A1 (en) 2019-05-15
US20200266970A1 (en) 2020-08-20

Similar Documents

Publication Publication Date Title
US10726108B2 (en) Protecting the input/output of modular encoded white-box RSA
US10431123B2 (en) Method for testing and hardening software applications
CN105453481B (zh) 包括表网络的计算设备
JP7123959B2 (ja) 楕円曲線点乗算デバイス及び方法
JP5861018B1 (ja) テーブルネットワークによって構成されたコンピューティングデバイス
CN111480140B (zh) 计算设备和方法
EP3407528A1 (en) Cryptographic device and method
US20200097256A1 (en) A calculation device for encoded addition
US10140437B2 (en) Array indexing with modular encoded values
US10235506B2 (en) White-box modular exponentiation
CN113273131B (zh) 使用共享的份额的计算设备
WO2012090289A1 (ja) 暗号処理装置および方法
EP3078154B1 (en) A computing device for iterative application of table networks
EP3125145B1 (en) White-box elliptic curve point multiplication
US10068070B2 (en) White-box elliptic curve point multiplication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant