Message index aware multi-hash accelerator for post quantum cryptography secure hash-based signing and verification

US 11,240,039 B2
Filed: 06/28/2019
Issued: 02/01/2022
Est. Priority Date: 06/28/2019
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a computer readable memory;

at least one of;

a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, ora verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key; and

an accelerator logic to;

apply a structured order to at least one set of inputs to the hash-based signature scheme;

divide the signature into a plurality of signature components;

apply a secure hash algorithm (SHA) to the plurality of signature components;

identify a hash chain message length for each signature component in the plurality of signature components; and

sort the plurality of signature components into an indexed hash chain list according to the respective hash chain message length of each signature component in the plurality of signature components.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one example an apparatus comprises a computer readable memory, a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, or a verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key, and an accelerator logic to apply a structured order to at least one set of inputs to the hash-based signature scheme. Other examples may be described.

15 Citations

15 Claims

1. An apparatus, comprising:
- a computer readable memory;
  
  at least one of;
  
  a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, ora verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key; and
  
  an accelerator logic to;
  
  apply a structured order to at least one set of inputs to the hash-based signature scheme;
  
  divide the signature into a plurality of signature components;
  
  apply a secure hash algorithm (SHA) to the plurality of signature components;
  
  identify a hash chain message length for each signature component in the plurality of signature components; and
  
  sort the plurality of signature components into an indexed hash chain list according to the respective hash chain message length of each signature component in the plurality of signature components.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The apparatus of claim 1, wherein the hash-based signature scheme utilizes a plurality of hash engines to apply the SHA to the plurality of signature components.
  - 3. The apparatus of claim 2, the accelerator logic to:
    - assign the plurality of signature components into a plurality of groups according to their respective chain message lengths, the plurality groups corresponding to the plurality of hash engines; and
      
      assign the plurality of groups to the plurality of hash engines to be executed contemporaneously.
  - 4. The apparatus of claim 3, the accelerator logic to:
    - alternate between the signature component having a longest chain message length and a signature component having a shortest chain message length to assign the plurality of signature components into the corresponding plurality of groups.
  - 5. The apparatus of claim 1, wherein the hash-based signature scheme comprises an Extended Merkle signature scheme (XMSS).

6. A computer-implemented method, comprising:
- performing at least one of;
  
  generating a signature to be transmitted in association with a message by applying a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, orverifying a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key;
  
  applying a structured order to at least one set of inputs to the hash-based signature scheme;
  
  dividing the signature into a plurality of signature components; and
  
  applying a secure hash algorithm (SHA) to the plurality of signature components;
  
  identifying a hash chain message length for each signature component in the plurality of signature components; and
  
  sorting the plurality of signature components into an indexed hash chain list according to the respective hash chain message length of each signature component in the plurality of signature components.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the hash-based signature scheme utilizes a plurality of hash engines to apply the SHA to the plurality of signature components.
  - 8. The method of claim 7, further comprising:
    - assigning the plurality of signature components into a plurality of groups according to their respective chain message lengths, the plurality groups corresponding to the plurality of hash engines; and
      
      assigning the plurality of groups to the plurality of hash engines to be executed contemporaneously.
  - 9. The method of claim 8, further comprising:
    - alternating between the signature component having a longest chain message length and a signature component having a shortest chain message length to assign the plurality of signature components into the corresponding plurality of groups.
  - 10. The method of claim 6, wherein the hash-based signature scheme comprises an XMSS signature scheme.

11. A non-transitory computer-readable medium comprising instructions which, when executed by a processor, configure the processor to perform operations, comprising:
- applying a hash-based signature scheme to perform at least one of;
  
  generating a signature using a private key, the signature to be transmitted in association with a message comprising a public key, orverifying the signature received in association with the message using the public key;
  
  applying a structured order to at least one set of inputs to the hash-based signature scheme;
  
  dividing the signature into a plurality of signature components; and
  
  applying a secure hash algorithm (SHA) to the plurality of signature components;
  
  identifying a hash chain message length for each signature component in the plurality of signature components; and
  
  sorting the plurality of signature components into an indexed hash chain list according to the respective hash chain message length of each signature component in the plurality of signature components.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11, wherein the hash-based signature scheme utilizes a plurality of hash engines to apply the SHA to the plurality of signature components.
  - 13. The non-transitory computer-readable medium of claim 12, wherein the instructions configure the processor to perform operations comprising:
    - assigning the plurality of signature components into a plurality of groups according to their respective chain message lengths, the plurality groups corresponding to the plurality of hash engines; and
      
      assigning the plurality of groups to the plurality of hash engines to be executed contemporaneously.
  - 14. The non-transitory computer-readable medium of claim 13, wherein the instructions configure the processor to perform operations comprising:
    - alternating between the signature component having a longest chain message length and a signature component having a shortest chain message length to assign the plurality of signature components into the corresponding plurality of groups.
  - 15. The non-transitory computer-readable medium of claim 11, wherein the hash-based signature scheme comprises an XMSS signature scheme.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Suresh, Vikram, Mathew, Sanu, Sastry, Manoj, Ghosh, Santosh, Kumar, Raghavan, Misoczki, Rafael
Primary Examiner(s)
Jamshidi, Ghodrat

Application Number

US16/455,921
Publication Number

US 20190319799A1
Time in Patent Office

949 Days
Field of Search
US Class Current
CPC Class Codes

G06F 9/3877   using a slave processor, e....

G09C 1/00   Apparatus or methods whereb...

H04L 2209/125   Parallelization or pipelini...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0861   Generation of secret inform...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

Message index aware multi-hash accelerator for post quantum cryptography secure hash-based signing and verification

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Message index aware multi-hash accelerator for post quantum cryptography secure hash-based signing and verification

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links