JP2005532715A - Modular inversion protected against spying - Google Patents
- Publication number
- JP2005532715A
- Authority
- JP
- Japan
- Prior art keywords
- auxiliary
- value
- parameter
- inverse
- occultation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/60—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
- G06F7/72—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
- G06F7/721—Modular inversion, reciprocal or quotient calculation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
- G06F2207/7223—Randomisation as countermeasure against side channel attacks
- G06F2207/7233—Masking, e.g. (A**e)+r mod n
- G06F2207/7238—Operand masking, i.e. message blinding, e.g. (A+r)**e mod n; k.(P+R)
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
- G06F2207/7223—Randomisation as countermeasure against side channel attacks
- G06F2207/7233—Masking, e.g. (A**e)+r mod n
- G06F2207/7247—Modulo masking, e.g. A**e mod (n*r)
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Computational Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Claims (13)
1. A method for determining, in a manner protected against spying, the modular inverse b of a value a modulo a modulus n for a cryptographic application, the method comprising:
   (a) determining (10) an auxiliary value β and an auxiliary modulus δ that are coprime to each other, depending at least on the value a, the modulus n and at least one masking parameter r, in such a way that the auxiliary value β differs from the value a and/or the auxiliary modulus δ differs from the modulus n;
   (b) determining (20) an auxiliary inverse β' as the modular inverse of the auxiliary value β modulo the auxiliary modulus δ; and
   (c) determining (24) the inverse b depending at least on the following values:
       − the auxiliary inverse β',
       − the at least one masking parameter r, and
       − the auxiliary value β and/or the auxiliary modulus δ.
2. The method of claim 1, wherein the at least one masking parameter r is chosen randomly and/or the at least one masking parameter r has the same number of digits as the modulus n.
3. The method of claim 1 or 2, wherein the value a or the modulus n is multiplied by the masking parameter r, so that a product is obtained which influences the computation of the auxiliary value β and/or the auxiliary modulus δ.
4. The method of any one of claims 1 to 3, wherein the determination of the auxiliary value β and the auxiliary modulus δ in step (a) further depends on at least one auxiliary parameter s which influences the determination of the inverse b in step (c) only indirectly.
5. The method of claim 4, wherein the at least one auxiliary parameter s is chosen randomly and/or the at least one auxiliary parameter s has the same number of digits as the value a.
6. The method of claim 4 or 5, wherein in step (a) the auxiliary value β and the auxiliary modulus δ are determined such that, for predetermined values α and γ or for values α and γ computed in step (a), the equations ra = αn + β and sn = γa + δ are satisfied.
7. The method of claim 8, wherein the inverse b is determined by evaluating b = β'r + δ'γ (mod n), with δ' = (ββ' − 1)/δ.
8. The method of claim 4 or 5, wherein in step (a) the auxiliary value β and the auxiliary modulus δ are determined such that, for predetermined values α and γ or for values α and γ computed in step (a), the equations ra = αn + δ and sn = γa + β are satisfied.
9. The method of claim 8, wherein the inverse b is determined by evaluating b = −(δ'r + β'γ) (mod n), with δ' = (ββ' − 1)/δ.
10. The method of any one of claims 6 to 9, wherein the auxiliary value β and/or the auxiliary modulus δ are each determined by a single division with remainder such that at least one of the inequalities 0 ≤ β < n and 0 ≤ δ < a is satisfied.
11. The method of any one of claims 1 to 10, wherein the cryptographic application is the determination of a key pair for RSA encryption or RSA signing.
12. A computer program product comprising program instructions for causing a processor to execute a method having the features of any one of claims 1 to 11.
13. A portable data carrier, in particular a smart card or an IC module, which is set up to execute a method having the features of any one of claims 1 to 11.
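The following Python is an added worked example (not code from the patent or its applicant) that implements the masked inversion of claims 1 and 6 to 10 in both variants and checks the result against a direct inverse; the names mask_operands, masked_inverse and the injectable rng parameter are this example's own choices, and the toy RSA key is constructed. It requires Python 3.8 or later for pow(x, -1, m).

```python
# Added example (not the patent's own code): masked modular inversion following
# claims 1 and 6 to 10. The inversion step only ever sees beta and delta, which
# depend on the random masks r and s, so a and n are never inverted directly.
# Requires Python 3.8+ for pow(x, -1, m). All names are this example's own.
import secrets
from math import gcd


def mask_operands(a, n, r, s, variant=1):
    """Claim 10: one division with remainder per operand.
    variant 1 (claims 6/7): r*a = alpha*n + beta,  s*n = gamma*a + delta
    variant 2 (claims 8/9): r*a = alpha*n + delta, s*n = gamma*a + beta
    Returns (beta, delta, gamma); alpha is not needed to recover b."""
    _alpha, rem_ra = divmod(r * a, n)   # 0 <= rem_ra < n
    gamma, rem_sn = divmod(s * n, a)    # 0 <= rem_sn < a
    if variant == 1:
        return rem_ra, rem_sn, gamma
    return rem_sn, rem_ra, gamma


def masked_inverse(a, n, variant=1, rng=secrets.randbelow):
    """Return a^-1 mod n without inverting a modulo n directly.
    rng(k) must return a uniform integer in [0, k); it is injectable so the
    routine can be driven deterministically in tests."""
    if n < 2 or a < 1 or gcd(a, n) != 1:
        raise ValueError("a is not invertible modulo n")
    if a == 1:                      # no mask s in [1, a) exists; inverse is 1
        return 1
    while True:
        r = 1 + rng(n - 1)          # claim 2: random mask sized like n
        s = 1 + rng(a - 1)          # claim 5: random mask sized like a
        beta, delta, gamma = mask_operands(a, n, r, s, variant)
        # claim 1(a): beta and delta must be coprime or beta' does not exist;
        # draw fresh masks instead (this also discards delta == 0).
        if delta == 0 or gcd(beta, delta) != 1:
            continue
        beta_inv = pow(beta, -1, delta)            # claim 1(b): beta' = beta^-1 mod delta
        delta_p = (beta * beta_inv - 1) // delta   # claims 7/9: division is exact
        if variant == 1:
            return (beta_inv * r + delta_p * gamma) % n   # claim 7
        return -(delta_p * r + beta_inv * gamma) % n      # claim 9


if __name__ == "__main__":
    # Textbook RSA toy key (constructed): p=61, q=53, phi=3120, e=17 -> d=2753
    for v in (1, 2):
        d = masked_inverse(17, 3120, variant=v)
        assert d == pow(17, -1, 3120), d
        print(f"variant {v}: d = {d}")
```

Because only β and δ reach the inversion, a power or timing trace of that step leaks at most the masked pair, which changes with every fresh choice of r and s.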
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10222212.6 | 2002-05-16 | ||
DE10222212A DE10222212A1 (de) | 2002-05-16 | 2002-05-16 | Spy-protected modular inversion |
PCT/EP2003/005011 WO2003098429A2 (de) | 2002-05-16 | 2003-05-13 | Spy-protected modular inversion |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2005532715A true JP2005532715A (ja) | 2005-10-27 |
JP4717437B2 JP4717437B2 (ja) | 2011-07-06 |
Family ID=29413947
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2004505873A Expired - Lifetime JP4717437B2 (ja) | 2002-05-16 | 2003-05-13 | Modular inversion protected against spying |
Country Status (6)
Country | Link |
---|---|
US (1) | US7474748B2 (ja) |
EP (1) | EP1506473B1 (ja) |
JP (1) | JP4717437B2 (ja) |
AU (1) | AU2003236642A1 (ja) |
DE (1) | DE10222212A1 (ja) |
WO (1) | WO2003098429A2 (ja) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102005024609A1 (de) * | 2005-05-25 | 2006-11-30 | Siemens Ag | Determination of a modular inverse |
DE102005030286A1 (de) * | 2005-06-29 | 2007-01-04 | Giesecke & Devrient Gmbh | Use of a coprocessor for modular inversion |
FR2897964B1 (fr) * | 2006-02-28 | 2017-01-13 | Atmel Corp | Numerical computation method including Euclidean division |
US8290151B2 (en) | 2007-10-12 | 2012-10-16 | Infineon Technologies Ag | Device and method for determining an inverse of a value related to a modulus |
CN103336680B (zh) * | 2013-06-27 | 2016-01-13 | Tsinghua University | Circuit implementing a binary left-shift modular inversion algorithm |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
WO2000042733A1 (en) * | 1999-01-15 | 2000-07-20 | Certicom Corp. | Method and apparatus for masking cryptographic operations |
JP2002082609A (ja) * | 2000-09-06 | 2002-03-22 | Toyo Commun Equip Co Ltd | Arithmetic device using delegated computation, and recording medium |
JP2003513491A (ja) * | 1999-10-28 | 2003-04-08 | Bull CP8 | Method for securing an electronic cryptographic unit based on modular exponentiation against hacking by physical analysis |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3515306B2 (ja) | 1997-01-29 | 2004-04-05 | Nippon Telegraph and Telephone Corp | Inverse element computation device |
ATE325478T1 (de) * | 1998-01-02 | 2006-06-15 | Cryptography Res Inc | Leak-resistant cryptographic method and apparatus |
WO2002003608A1 (en) * | 2000-06-29 | 2002-01-10 | The State Of Oregon Acting By And Through The State Board Of Higher Education On Behalf Of The University Of Oregon | Method and apparatus for incomplete modular arithmetic |
DE10061697A1 (de) | 2000-12-12 | 2002-06-27 | Infineon Technologies Ag | Method and apparatus for determining a key pair and for generating RSA keys |
US6763365B2 (en) * | 2000-12-19 | 2004-07-13 | International Business Machines Corporation | Hardware implementation for modular multiplication using a plurality of almost entirely identical processor elements |
DE10143728B4 (de) | 2001-09-06 | 2004-09-02 | Infineon Technologies Ag | Apparatus and method for computing a result of a modular exponentiation |
2002
- 2002-05-16 DE DE10222212A patent/DE10222212A1/de not_active Withdrawn
2003
- 2003-05-13 EP EP03735380.2A patent/EP1506473B1/de not_active Expired - Lifetime
- 2003-05-13 US US10/514,579 patent/US7474748B2/en not_active Expired - Fee Related
- 2003-05-13 WO PCT/EP2003/005011 patent/WO2003098429A2/de active Application Filing
- 2003-05-13 AU AU2003236642A patent/AU2003236642A1/en not_active Abandoned
- 2003-05-13 JP JP2004505873A patent/JP4717437B2/ja not_active Expired - Lifetime
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
WO2000042733A1 (en) * | 1999-01-15 | 2000-07-20 | Certicom Corp. | Method and apparatus for masking cryptographic operations |
JP2003513491A (ja) * | 1999-10-28 | 2003-04-08 | Bull CP8 | Method for securing an electronic cryptographic unit based on modular exponentiation against hacking by physical analysis |
JP2002082609A (ja) * | 2000-09-06 | 2002-03-22 | Toyo Commun Equip Co Ltd | Arithmetic device using delegated computation, and recording medium |
Non-Patent Citations (1)
Title |
---|
JPN6009056622, Mehdi-Laurent Akkar, Christophe Giraud, "An Implementation of DES and AES, Secure against Some Attacks", CHES 2001, 2001-06, LNCS 2162, pp. 309-318, Springer * |
Also Published As
Publication number | Publication date |
---|---|
EP1506473A2 (de) | 2005-02-16 |
AU2003236642A1 (en) | 2003-12-02 |
WO2003098429A2 (de) | 2003-11-27 |
WO2003098429A3 (de) | 2004-07-15 |
EP1506473B1 (de) | 2013-07-17 |
US20050157870A1 (en) | 2005-07-21 |
JP4717437B2 (ja) | 2011-07-06 |
DE10222212A1 (de) | 2003-12-04 |
US7474748B2 (en) | 2009-01-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5301989B2 (ja) | Elliptic curve point multiplication | |
US5016274A (en) | On-line/off-line digital signing | |
US7912216B2 (en) | Elliptic curve cryptosystem optimization using two phase key generation | |
JP4137385B2 (ja) | Encryption method using a public key and a private key | |
US20080310625A1 (en) | Digital signature on a smartcard | |
US7908641B2 (en) | Modular exponentiation with randomized exponent | |
Itoh et al. | DPA countermeasures by improving the window method | |
US20060126830A1 (en) | Montgomery transform device, arithmetic device, IC card, encryption device, decryption device and program | |
US20080240443A1 (en) | Method and apparatus for securely processing secret data | |
JP2003513491A (ja) | Method for securing an electronic cryptographic unit based on modular exponentiation against hacking by physical analysis | |
CN100380861C (zh) | Method for generating an encryption unit of an asymmetric cryptosystem using a discrete logarithm function | |
US8160256B2 (en) | Key calculation method and key agreement method using the same | |
US20020041683A1 (en) | Method for selecting optimal number of prime factors of a modulus for use in a cryptographic system | |
JPH10500502A (ja) | Public-key encryption method based on discrete logarithms | |
JP4717437B2 (ja) | Modular inversion protected against spying | |
JP2004226674A (ja) | Information processing method | |
JP2002542504A (ja) | Method for protecting one or more electronic devices using the same secret-key cryptographic algorithm, use of the method, and the electronic device | |
CN113141255A (zh) | Method for performing cryptographic operations on data in a processing device, corresponding processing device and computer program product | |
US7454625B2 (en) | Method and apparatus for protecting a calculation in a cryptographic algorithm | |
US7496758B2 (en) | Method and apparatus for protecting an exponentiation calculation by means of the chinese remainder theorem (CRT) | |
KR101990861B1 (ko) | Non-modular multiplier, non-modular multiplication method and computing device | |
Peeran et al. | E-governance security via public key cryptography using elliptic curve cryptography | |
CN1985458A (zh) | Enhanced natural Montgomery exponent masking | |
Tutănescu et al. | Elliptic curves cryptosystems approaches | |
JP3779479B2 (ja) | IC card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
2006-04-13 | A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20060413 |
2009-11-04 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20091104 |
2010-02-04 | A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20100204 |
2010-02-12 | A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20100212 |
2010-03-04 | A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20100304 |
2010-04-05 | A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20100405 |
2010-05-06 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20100506 |
2010-05-10 | A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20100510 |
2010-10-19 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20101019 |
2011-01-19 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110119 |
 | TRDD | Decision of grant or rejection written | |
2011-03-01 | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20110301 |
2011-03-30 | A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20110330 |
 | R150 | Certificate of patent or registration of utility model | Ref document number: 4717437 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
 | FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20140408 Year of fee payment: 3 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | S111 | Request for change of ownership or part of ownership | Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
 | R350 | Written notification of registration of transfer | Free format text: JAPANESE INTERMEDIATE CODE: R350 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |