Server-aided computation method and distributed information processing unit
First Claim
Patent Images
1. A server-aided computation method for computing d-th power of integer C modulo n using a main unit for executing said computation with secret key d and at least one auxiliary unit for supporting a computation that said main unit executes, said method comprising the steps of:
- generating d'"'"' from a secret key d using m random numbers Ri (where i=1, ..., m) generated by said main unit having secret keys n and d;
transferring d'"'"' and n from said main unit to said auxiliary unit;
computing the following equation from a message block C in said auxiliary unit
space="preserve" listing-type="equation">M'"'"'=C.sup.d'"'"' mod ncomputing X using said random numbers Ri and n in said main unit while computing M'"'"' in said auxiliary unit;
transferring M'"'"' from said auxiliary unit to said main unit; and
computing a message block M using the following equation in said main unit
space="preserve" listing-type="equation">M=M'"'"'·
X mod n·
0 Assignments
0 Petitions
Accused Products
Abstract
A server-aided computation method using a main unit for processing secret information and at least one auxiliary unit for supporting a computation that said main unit executes, said method comprising the steps of generating d'"'"' from a secret key d'"'"' using m random numbers Ri (where i=l, . . . , m) generated by said main unit having secret keys n and d, transferring d'"'"' and n from said main unit to said auxiliary unit, computing the following equation from a message block C in said auxiliary unit
M'"'"'=C.sup.d'"'"' mod n
computing X using said random numbers Ri and n in said main unit while computing M'"'"' in said auxiliary unit, transferring M'"'"' from said auxiliary unit to said main unit, and computing a message block M using the following equation in said main unit.
M=M'"'"'·X mod n
-
Citations
12 Claims
-
1. A server-aided computation method for computing d-th power of integer C modulo n using a main unit for executing said computation with secret key d and at least one auxiliary unit for supporting a computation that said main unit executes, said method comprising the steps of:
-
generating d'"'"' from a secret key d using m random numbers Ri (where i=1, ..., m) generated by said main unit having secret keys n and d; transferring d'"'"' and n from said main unit to said auxiliary unit; computing the following equation from a message block C in said auxiliary unit
space="preserve" listing-type="equation">M'"'"'=C.sup.d'"'"' mod ncomputing X using said random numbers Ri and n in said main unit while computing M'"'"' in said auxiliary unit; transferring M'"'"' from said auxiliary unit to said main unit; and computing a message block M using the following equation in said main unit
space="preserve" listing-type="equation">M=M'"'"'·
X mod n·
-
-
2. A server-aided computation method for computing d-th power of integer C modulo n using a main unit for executing said computation with secret key d and at least one auxiliary unit for supporting a computation that said main unit executes, said method comprising the steps of:
-
generating d'"'"' from a secret key d using m random numbers Ri (where i=1, ..., m) generated by said main unit having secret keys n and d; transferring d'"'"' and n from said main unit to said auxiliary unit; computing the following equation from a message block C in said auxiliary unit
space="preserve" listing-type="equation">M'"'"'=C.sup.d'"'"' mod ncomputing X-1 using said random numbers Ri and n in said main unit while computing M'"'"' in said auxiliary unit; transferring M'"'"' from said auxiliary unit to said main unit; and computing a message block M using the following equation in said main unit
space="preserve" listing-type="equation">M=m'"'"'·
X.sup.-1 mod n ·
-
-
3. A server-aided computation method for computing d-th power of integer C modulo n using a main unit for executing said computation with secret key d and at least one auxiliary unit for supporting a computation that said main unit executes, said method comprising the steps of:
-
generating d'"'"' from a secret key d using m random numbers Ri (where i=1, ..., m) generated by said main unit having secret keys n and d; transferring d'"'"' and n from said main unit to said auxiliary unit; computing the following equation from a message block C in said auxiliary unit
space="preserve" listing-type="equation">M'"'"'=C.sup.d'"'"' mod ncomputing X and X-1 using said random numbers Ri and n in said main unit while computing M'"'"' in said auxiliary unit; transferring M'"'"' from said auxiliary unit to said main unit; and computing a message block M using M'"'"', X, and X-1.
-
-
4. A server-aided computation method for executing a computation to raise a positive integer M to the d-th power modulo n, using a main unit which has secret information d and at least one auxiliary unit for supporting said computation, said method comprising the steps of:
-
(a) decomposing said integer n into k (k≧
1) positive factors nj (where j=1, ..., k), which are relatively prime to each other;(b) decomposing said positive integer d into (m+1) k secret integers D1J =[dj0, fj1, fj2, ..., fjm ] (for j=1, ..., k) stored in said main unit and m×
k public integers D2j =[dj1, dj2, ..., djm ] (j=1, ..., k)which satisfy the following k sets of equations
space="preserve" listing-type="equation">d≡
d.sub.j0 +f.sub.j1 ·
d.sub.j1 +f.sub.j2 ·
d.sub.j2 +...+f.sub.jm ·
d.sub.jm (mod λ
(n.sub.j))where j=1, ..., k and λ
(nj) is the Carmichael function of said positive integer nj ;(c) computing in said auxiliary unit Yji =Mdji mod n where i=1, ..., m and j=1, ..., k and sending the results to said main unit; and (d) computing in said main unit the following k values Sj using Yj0 =Mdj0 mod n and Yji which have been computed by said main unit;
space="preserve" listing-type="equation">S.sub.j ≡
Y.sub.j0 ·
Y.sub.ji.sup.fj1 ·
Y.sub.j2.sup.fj2...Y.sub.jm.sup.fjm mod n.sub.jwhere j=1, ...k and (e) obtaining a result S which satisfies the k simultaneous equations concerning S as follows;
space="preserve" listing-type="equation">S.sub.j =S mod n.sub.j (for j=1, ..., k) . - View Dependent Claims (5, 6, 7, 8)
-
-
9. A distributed information processing unit having a main unit for storing secret information and at least one auxiliary unit for supporting a transformation that said main unit executes, for executing a distributed process without disclosing said secret information necessary for said transformation to other than said main unit, said distributed information processing unit comprising:
-
transformation means for transforming input information inverse transformation means for inversely transforming the transformation results; and verification means for comparing the inverse transformation results of said inverse transformation means with said input information so as to verify the transformation results of said transformation means, said main unit having said verification means. - View Dependent Claims (11)
-
-
10. A distributed information processing unit having a main unit for storing secret information and at least one auxiliary unit for supporting a transformation that said main unit executes, for executing a distributed process without disclosing said secret information necessary for said transformation to other than said main unit, said distributed information processing unit comprising:
-
a plurality of transformation means for executing said transformation of input information; and verification means for mutually comparing the transformation results of said plurality of transformation means, said main unit having said verification means.
-
-
12. A distributed information processing unit having a main unit for storing secret information and at least one auxiliary unit for supporting a transformation that said main unit executes, for executing a distributed process without disclosing said secret information necessary for said transformation to other than said main unit, said distributed information processing unit comprising:
-
first transformation means for executing said transformation of input information; second transformation means for executing an identity transformation; and comparison means for comparing the transformation results of said second transformation means with said input information so as to verify the transformation results of said first transformation means, said main unit having said comparison means.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeKabushiki Kaisha Toshiba (Toshiba Corporation)
-
Original AssigneeKabushiki Kaisha Toshiba (Toshiba Corporation)
-
InventorsTakabayashi, Kyoto, Shimbo, Atsushi, Kawamura, Shinichi
-
Primary Examiner(s)Tarcza, Thomas H.
-
Assistant Examiner(s)Swann, Tod
-
Application NumberUS07/474,404Time in Patent Office578 DaysField of Search380/23-25, 380/28, 380/30, 380/44, 380/46, 340/825.31, 340/825.34US Class Current380/46CPC Class CodesG06F 7/723 Modular exponentiation G06F...G06Q 20/341 Active cards, i.e. cards in...G06Q 20/40975 using encryption thereforG07F 7/1008 Active credit-cards provide...H04L 9/302 involving the integer facto...H04L 9/3249 using RSA or related signat...
