Electrical computers and digital processing systems: support – Data processing protection using cryptography
Reexamination Certificate
2000-10-25
2004-07-27
Jung, David (Department: 2134)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
C713S193000, C713S150000
Reexamination Certificate
active
06769062
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to cryptographic methods and, more particularly, to a method and system of using secure and non-secure processors to perform cryptographic calculations while maintaining the security of private data.
The Internet has evolved from a network used primarily for the exchange of information into a communications medium used for business and commercial transactions. This evolution of the Internet into a communication medium for business and commercial transactions has lead to the need to make communications over public networks secure. Encryption technology is now commonly used to maintain secure communications over insecure networks, such as the Internet. In addition, the growth of e-commerce has lead to a need for new authentication methods for remote log-in and document verification.
Public key encryption technology provides both security and authentication capability. In public key cryptosystems, each user holds a matched pair of keys, including a private key and a public key. The private key and public key form a unique, matched pair. Documents or communications encrypted with a private key can only be decrypted with the matched public key and vice versa. The public key may be publicly disclosed and can be used by anyone to encrypt communications intended for the owner of the public key. The private key is maintained secret. Thus, a communication encrypted with the public key can only be decrypted by the owner of the matching private key.
Public key encryption methods can also be used to create digital signatures for electronic documents and communications. This digital signature may be used to verify documents. A person may sign an electronic document or communication by encrypting the document or communication with his or her private key. A signed document can then be verified or authenticated by decrypting the signed document with the matching public key. If the document or communication decrypts successfully using the matched public key, only the owner of the private key could have sent the message.
To ensure the integrity of commercial transactions and to prevent fraud, it is necessary for users to keep their private keys secret. Anyone who has access to the private key of a user can masquerade as that user with complete anonymity. Thus, widespread use of digital signatures for electronic commerce and other applications will require technology for secure storage of private keys.
It is known to store private keys in tamper-proof hardware devices, such as a removable smart card. The user's private key and public key certificate are written into the memory of the smart card. To use the smart card, the user inserts the smart card into a card reader connected to a host device and then enters an ID/password to activate the smart card. If the correct ID/password is entered, the on-card processor releases the private key for use by the host device. If an incorrect ID/password is entered on a predetermined number of consecutive attempts, the smart card locks up permanently. Some intelligent smart cards (often called cryptocards) can perform cryptographic operations so that the private key does not need to be output from its tamper-proof environment. The bytes to be processed are input to the smart card by the host device and processed by the smart card. Only the result is output from the smart card to the host device.
BRIEF SUMMARY OF THE INVENTION
The present invention is directed to a method and system of using secure and non-secure devices for performing cryptographic calculations, such as encryption and decryption of messages, without disclosing secret information. At least a portion of secret information is maintained within the secure device. The secret information is not discoverable by any practical means from the disclosed portion of the secret information.
One embodiment includes a method and system for performing calculations on a bitstring using a secret cipher key. The cipher key is divided into two partial values, referred to herein as the modified cipher key and the indicator. The modified cipher key is then output to an external processor. The modified cipher key may be generated by randomly changing selected bits of the cipher key. An indicator corresponding to the modified cipher key is also generated and includes a plurality of indicator bits. The indicator is a bitstring that, when added to the modified cipher key, produces the original cipher key. A first product is computed by the insecure processor and is a function of the bitstring and the modified cipher key. A second product is computed within the secure processor and is a function of the bitstring and the indicator. A final product is computed within the secure processor by combining the first product and the second product.
A second embodiment of the present invention divides the cipher key into three partial values, referred to herein as the short part, modified long part, and indicator. The insecure processor computes a first product which is combined with a second product computed by the secure processor. The first product is a function of a third product computed by the secure processor and a fourth product. The secure processor initially computes the third product and outputs the result to the insecure processor. The third product is a function of the bitstring and short part of the cipher key. The fourth product is a function of the bitstring and modified long part of the cipher key. The insecure processor multiplies the third product by a fourth product to obtain the first product. The first product is input to the secure processor which computes a second product and combines the second product with the first product to obtain the final product. The second product is a function of the bitstring and indicator.
REFERENCES:
patent: 6678825 (2004-01-01), Ellison et al.
patent: 6684330 (2004-01-01), Wack et al.
patent: 6701433 (2004-03-01), Schell et al.
patent: WO99/35782 (1999-07-01), None
Goodman et al., An energy-efficient IEEE 1363-based reconfigurable public-key cryptography processor, Solid-State Circuits Conference, 2001, Digest of Technical Papers, ISSCC, 2001, IEEE International, Feb. 5-7, 2001, pp. 330-331, 461.*
Kim et al., A compact finite processor over GF(2/sup m/) for elliptic curve cryptography, Circuits and Systems, 2002, ISCAS 2002, IEEE International Symposium on, vol. 2, May 26-29, 2002, pp.II-340-II-343, vol. 2.*
Posch et al., Residue number systems: a key to parallelism in public key cryptography, Parallel and Distributed Processing, 1992, Proceedings of the Fourth IEEE Symposium on, Dec. 1-4, 1992, pp. 432-435.*
Kato T. et al., “A Design for Modular Exponentiation Coprocessor in Mobile Telecommunication Terminals,” Cryptographic Hardware and Embedded Systems, 2ndInternational Workshop, Aug. 17-18, 2000, CHES 2000, vol. 1965, pp. 216-228.
Dent Paul W.
Kornby Michael
Smeets Ben
Coats & Bennett P.L.L.C.
Ericsson Inc.
Jung David
LandOfFree
Method and system of using an insecure crypto-accelerator does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system of using an insecure crypto-accelerator, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system of using an insecure crypto-accelerator will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3221508