Cryptographic method comprising secure modular exponentiation against hidden-channel attacks, cryptoprocessor for implementing the method and associated chip card
US8265266B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 22, 2006 |
| Grant date | Sep 11, 2012 |
| Priority date | — |
| Expiry date | Jan 17, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/046
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A cryptographic method carries out a modular exponentiation of the type C=A<B1> mod N, where A is an operand, B1 is a first exponent, N is a modulus and C is a result. The method includes the steps of masking the operand A by a number s, carrying out a modular exponentiation of the masked operand by the exponent B1, and demasking the result of the exponentiation, by removing a contribution from the random number s from the result of the exponentiation. During the step of masking the operand A, the operand A is multiplied by a parameter of the form K<s.B2>, where K is a constant and B2 is a second exponent such that B1.B2=1 mod N. The method is implemented preferably by using a Montgomery multiplier. The preferred choice for the constant K is K=2p, p being an integer lying between 0 and n, n being an upper bound of the size of the modulus N and conventionally depending on the choice of implementation of the Montgomery multiplication.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.