Cryptographic apparatus, cryptographic method, and storage medium thereof

US 20050147243A1
Filed: 01/06/2005
Published: 07/07/2005
Est. Priority Date: 01/07/2004
Status: Abandoned Application

First Claim

Patent Images

1. A cryptographic apparatus comprising:

an AND circuit which performs an AND operation between a random number and first-masked data;

a shift circuit which receives an output signal of the AND circuit, and shifts the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and

a subtractor which receives the first-masked data and an output signal of the shift circuit, performs arithmetic subtraction of the output signal of the shift circuit from the first-masked data, and outputs second-masked data as a result.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic apparatus, a cryptographic method, and a computer readable storage medium provide for conversion between Boolean-masked data and arithmetic-masked data in a manner that allows for a reduction in computational overhead and hardware overhead. The cryptographic apparatus comprises: a first masking circuit which receives a first random number and data and outputs first-masked data; and a second masking circuit which receives a second random number and the first-masked data output from the first masking circuit, and outputs second-masked data. The second masking circuit comprises: an AND circuit which performs an AND operation between the first-masked data and the second random number; a shift circuit which receives the output signal of the AND circuit, and shifts the received output signal in a predetermined direction by predetermined bits; and a subtractor which receives the first-masked data and the output signal of the shift circuit, performs arithmetic subtraction of the output of the shift circuit form the first-masked data, and outputs second-masked is data. The first-masked data is Boolean-masked data and the second-masked data is arithmetic-masked data.

Citations

19 Claims

1. A cryptographic apparatus comprising:
- an AND circuit which performs an AND operation between a random number and first-masked data;
  
  a shift circuit which receives an output signal of the AND circuit, and shifts the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  a subtractor which receives the first-masked data and an output signal of the shift circuit, performs arithmetic subtraction of the output signal of the shift circuit from the first-masked data, and outputs second-masked data as a result.
- View Dependent Claims (2)
- - 2. The cryptographic apparatus of claim 1, wherein the shift circuit shifts the output signal of the AND circuit by 1 bit in the left-hand direction.

3. A cryptographic apparatus comprising:
- an AND circuit which performs an AND operation between a random number and first-masked data;
  
  an exclusive OR (XOR) circuit which receives an output signal of the AND circuit and the random number, and performs an XOR operation between the output signal and the random number;
  
  a shift circuit which receives an output signal of the XOR circuit, and shifts the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  an adder which receives the first-masked data and an output signal of the shift circuit, performs arithmetic addition of the first-masked data and the output signal of the shift circuit, and outputs second-masked data as a result.

4. A cryptographic apparatus comprising:
- a first masking circuit which receives a first random number and data, and outputs Boolean-masked data; and
  
  a second masking circuit which receives a second random number and the Boolean-masked data output from the first masking circuit and outputs arithmetic-masked data, wherein the second masking circuit comprises;
  
  an AND circuit which performs an AND operation between the second random number and the Boolean-masked data;
  
  a shift circuit which receives an output signal of the AND circuit, and shifts the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  a subtractor which receives the Boolean-masked data and an output signal of the shift circuit, performs arithmetic subtraction of the output signal of the shift circuit from the Boolean-masked data, and outputs the arithmetic-masked data as a result.
- View Dependent Claims (5, 6)
- - 5. The cryptographic apparatus of claim 4, wherein the shift circuit shifts the output signal of the AND circuit by 1 bit in the left-hand direction.
  - 6. The cryptographic apparatus of claim 4, where the first and second random numbers are an identical number.

7. A cryptographic apparatus comprising:
- a first masking circuit which receives a first random number and data, and outputs Boolean-masked data; and
  
  a second masking circuit which receives a second random number and the Boolean-masked data output from the first masking circuit and outputs arithmetic-masked data, wherein the second masking circuit comprises;
  
  an AND circuit which performs an AND operation between the second random number and the Boolean-masked data;
  
  an XOR circuit which receives an output signal of the AND circuit and the second random number, and performs an XOR operation between the output signal and the random number;
  
  a shift circuit which receives an output signal of the XOR circuit, and shifts the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  an adder which receives the Boolean-masked data and an output signal of the shift circuit, performs arithmetic addition of the Boolean-masked data and the output signal of the shift circuit, and outputs the arithmetic-masked data as a result.
- View Dependent Claims (8, 9)
- - 8. The cryptographic apparatus of claim 7, wherein the shift circuit shifts the output signal of the AND circuit by 1 bit in a left-hand direction.
  - 9. The cryptographic apparatus of claim 7, wherein the first and second random numbers are an identical number.

10. A cryptographic method comprising:
- performing an AND operation between a random number and first-masked data;
  
  receiving a result of the AND operation, and shifting the received result by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the first-masked data and a result of the shifting, performing arithmetic subtraction of the result of the shifting from the first-masked data, and outputting second-masked data as a result.

11. A cryptographic method comprising:
- performing an AND operation between a random number and first-masked data;
  
  receiving a result of the AND operation and the random number, and performing an XOR operation between the AND operation result and the random number;
  
  receiving a result of the XOR operation, and shifting the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the first-masked data and a result of the shifting, performing arithmetic addition of the first-masked data and the result of the shifting, and outputting second-masked data as a result.

12. A computer readable recording medium having embodied thereon a computer program for a cryptographic method, wherein the cryptographic method comprises:
- performing an AND operation between a random number and first-masked data;
  
  receiving a result of the AND operation, and shifting the received result by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the first-masked data and a result of the shifting, performing arithmetic subtraction of the result of the shifting from the first-masked data, and outputting second-masked data as a result.

13. A computer readable recording medium having embodied thereon a computer program for a cryptographic method, wherein the cryptographic method comprises:
- performing an AND operation between a random number and first-masked data;
  
  receiving a result of the AND operation and the random number, and performing an XOR operation between the AND operation result and the random number;
  
  receiving a result of the XOR operation, and shifting the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the first-masked data and a result of the shifting, performing arithmetic addition of the first-masked data and the result of the shifting, and outputting second-masked data as a result.

14. A cryptographic method comprising:
- receiving a first random number and data, and outputting Boolean-masked data; and
  
  receiving a second random number and the Boolean-masked data and outputting arithmetic-masked data, wherein the outputting arithmetic-masked data comprises;
  
  , performing an AND operation between the second random number and the Boolean-masked data;
  
  receiving a result of the AND operation, and shifting the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the Boolean-masked data and a result of the shifting, performing arithmetic subtraction of the shifting result from the Boolean-masked data, and outputting the arithmetic-masked data as a result.

15. A cryptographic method comprising:
- receiving a first random number and data, and outputting Boolean-masked data; and
  
  receiving a second random number and the Boolean-masked data and outputting arithmetic-masked data, wherein the outputting arithmetic-masked data comprises;
  
  performing an AND operation between the second random number and the Boolean-masked data;
  
  receiving a result of the AND operation and the random number, and performing an XOR operation between the AND operation result and the random number;
  
  receiving a result of the XOR operation, and shifting the received signal by m bits (here, m is a natural number) in any one of a right-hand direction and a left-hand direction; and
  
  receiving the Boolean-masked data and a result of the shifting, performing arithmetic addition of the Boolean-masked data and the shifting result, and outputting the arithmetic-masked data as a result.

16. A cryptographic method comprising:
- receiving n-bit data and a first random number with an n-bit length, and outputting n-bit arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁; and
  
  receiving a second random number with an n-bit length, r_n, r_n−
  
  1, . . . , r₂, r₁, and the arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁, and outputting n-bit Boolean-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, wherein the outputting arithmetic-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, comprises;
  
  outputting a₁as y₁;
  
  performing an AND operation between y₁and r₁and storing the result in a storage device, and performing an XOR operation between a₂and the data stored in the storage device and outputting the result as y₂, and performing an AND operation between a₂and the data stored in the storage device and generating the result as a carry;
  
  performing an AND operation between y_k−
  
  1and r_k−
  
  1, and storing the result in the storage device, and performing an XOR operation between a_kand the carry and an XOR operation between the data stored in the storage device and the carry, and outputting the result as y_k, and performing an OR operation between [the result of an AND operation between a_kand the data stored in the storage device] and [the result of an AND operation between a_kand the carry], and performing an OR operation between the OR operation result and [the result of the AND operation between the data stored in the storage device and the carry], and generating the result as the carry; and
  
  performing an AND operation between y_n−
  
  1and r_n−
  
  1and storing the result in the storage device, and performing an XOR operation between a_nand the data storage in the storage device, and outputting the result as y_n, and wherein predetermined variable k increases by 1 from 3 to (n−
  
  1).

17. A cryptographic method for receiving an n-bit random number, r_n, r_n−
- 1, . . . , r₂, r₁, and arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁, and outputting n-bit Boolean-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, the method comprising;
  
  outputting a₁as y₁;
  
  performing an AND operation between y₁and r₁and storing the result in a storage device, and performing an XOR operation between a₂and the data stored in the storage device and outputting the result as y₂, and performing an AND operation between a₂and the data stored in the storage device and generating the result as a carry;
  
  performing an AND operation between y_k−
  
  1and r_k−
  
  1, and storing the result in the storage device, and performing an XOR operation between a_kand the carry and an XOR operation between the data stored in the storage device and the carry, and outputting the result as y_k, and performing an OR operation between [the result of an AND operation between a_kand the data stored in the storage device] and [the result of an AND operation between a_kand the carry], and performing an OR operation between the OR operation result and [the result of the AND operation between the data stored in the storage device and the carry], and generating the result as the carry; and
  
  performing an AND operation between y_n−
  
  1and r_n−
  
  1and storing the result in the storage device, and performing an XOR operation between a_nand the data storage in the storage device, and outputting the result as y_n, and wherein predetermined variable k increases by 1 from 3 to (n−
  
  1).

18. A computer readable recording medium having embodied thereon a computer program for a cryptographic method comprising:
- receiving n-bit data and a first random number with an n-bit length, and outputting n-bit arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁; and
  
  receiving a second random number with an n-bit length, r_n, r_n−
  
  1, . . . , r₂, r₁, and the arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁, and outputting n-bit Boolean-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, wherein the outputting arithmetic-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, comprises;
  
  outputting a₁as y₁;
  
  performing an AND operation between y₁and r₁and storing the result in a storage device, and performing an XOR operation between a₂and the data stored in the storage device and outputting the result as y₂, and performing an AND operation between a₂and the data stored in the storage device and generating the result as a carry;
  
  performing an AND operation between y_k−
  
  1and r_k−
  
  1and storing the result in the storage device, and performing an XOR operation between a_kand the carry and an XOR operation between the data stored in the storage device and the carry, and outputting the result as y_k, and performing an OR operation between [the result of an AND operation between a_kand the data stored in the storage device] and [the result of an AND operation between a_kand the carry], and performing an OR operation between the OR operation result and [the result of the AND operation between the data stored in the storage device and the carry], and generating the result as the carry; and
  
  performing an AND operation between y_n−
  
  1and r_n−
  
  1and storing the result in the storage device, and performing an XOR operation between a_nand the data storage in the storage device, and outputting the result as y_n, and wherein predetermined variable k increases by 1 from 3 to (n−
  
  1).

19. A computer readable recording medium having embodied thereon a computer program for a cryptographic method for receiving an n-bit random number, r_n, r_n−
- 1, . . . , r₂, r₁, and arithmetic-masked data, a_n, a_n−
  
  1, . . . , a₂, a₁, and outputting n-bit Boolean-masked data, y_n, y_n−
  
  1, . . . , y₂, y₁, wherein the cryptographic method comprises;
  
  outputting a₁as y₁;
  
  performing an AND operation between y₁and r₁and storing the result in a storage device, and performing an XOR operation between a₂and the data stored in the storage device and outputting the result as y₂, and performing an AND operation between a₂and the data stored in the storage device and generating the result as a carry;
  
  performing an AND operation between y_k−
  
  1and r_k−
  
  1and storing the result in the storage device, and performing an XOR operation between a_kand the carry and an XOR operation between the data stored in the storage device and the carry, and outputting the result as y_k, and performing an OR operation between [the result of an AND operation between a_kand the data stored in the storage device] and [the result of an AND operation between a_kand the carry], and performing an OR operation between the OR operation result and [the result of the AND operation between the data stored in the storage device and the carry], and generating the result as the carry; and
  
  performing an AND operation between y_n−
  
  1and r_n−
  
  1and storing the result in the storage device, and performing an XOR operation between a_nand the data storage in the storage device, and outputting the result as y_n, and wherein predetermined variable k increases by 1 from 3 to (n−
  
  1).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Baek, Yoo-Jin

Application Number

US11/030,665
Publication Number

US 20050147243A1
Time in Patent Office

Days
Field of Search
US Class Current

380/28
CPC Class Codes

G06F 2207/7233   Masking, e.g. (A**e)+r mod n

G06F 7/00   Methods or arrangements for...

H04L 9/003   for power analysis, e.g. di...

Cryptographic apparatus, cryptographic method, and storage medium thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic apparatus, cryptographic method, and storage medium thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links