Asymmetrical cryptographic communication method and portable object therefor
Asymmetrical cryptographic communication method and portable object therefor
 CN 1,178,619 A
 Filed: 01/24/1997
 Published: 04/08/1998
 Est. Priority Date: 01/26/1996
 Status: Abandoned Application
First Claim
1. asymmetric cryptography communication process, this process is at n element (x by ring A _{1}..., x _{n}) first represented m the element (y that is worth (x) and encircles thus _{1}..., y _{m}) setting up a kind of correspondence between the represented second value y, n and m are the integer more than or equal to 2, it is characterized in that:
 described correspondence is less than or equal to 6 A by total exponent number ^{N+m+k}Open multinomial (the P of →
A multivariable _{j}) definition, thereby exist as P _{j}(x _{1}..., x _{n}y _{1}..., y _{m}z _{1}..., z _{R}The equation of)=0 type, (z herein _{1}..., z _{k}) be possible intermediate variable, k is an integer. some multinomial (Pj) does not have Tj (y _{1}..., y _{n})=S _{j}(x _{1}..., x _{n}) form, herein, S _{j}For total exponent number is 2 multinomial, T _{j}It for total exponent number 1 multinomial.
Chinese PRB Reexamination
Abstract
The invention relates to an asymmetric cryptographic communication process which establishes a correspondence between a first value (x) represented by n elements (x1, . . . , xn) of a ring (A) and a second value (y) represented by m elements (y1, . . . , ym) of this ring, n and m being integers greater than or equal to 2. The said correspondence is defined by multi variable public polynomials (Pj) of An+m+k>A, with a low total degree, such that there are equations of the type Pj(x1, . . . , xn; y1, . . . , ym; z1, . . . , zk)=0, where(z1, . . . , zk) are possible intermediate variables and k is an integer. At least the majority of the polynomials (Pj) do not have the form Tj(y1, . . . , ym)=Sj(x1, . . . , xn), where the Sj would be polynomials with a total degree of 2 and the Tj would be polynomials with a total degree of 1. A related portable object is also disclosed.

1 Citation
Encryption processing system  
Patent #
CN 102,415,047 A
Filed 04/14/2010

Current Assignee

No References
12 Claims

1. asymmetric cryptography communication process, this process is at n element (x by ring A _{1}..., x _{n}) first represented m the element (y that is worth (x) and encircles thus _{1}..., y _{m}) setting up a kind of correspondence between the represented second value y, n and m are the integer more than or equal to 2, it is characterized in that:

described correspondence is less than or equal to 6 A by total exponent number ^{N+m+k}Open multinomial (the P of →
A multivariable _{j}) definition, thereby exist as P _{j}(x _{1}..., x _{n}y _{1}..., y _{m}z _{1}..., z _{R}The equation of)=0 type, (z herein _{1}..., z _{k}) be possible intermediate variable, k is an integer.some multinomial (Pj) does not have Tj (y _{1}..., y _{n})=S _{j}(x _{1}..., x _{n}) form, herein, S _{j}For total exponent number is 2 multinomial, T _{j}It for total exponent number 1 multinomial.


2. according to the process of claim 1, some multinomial (Pj) does not have T in this process _{j}(y _{1}..., y _{m})=S _{j}(x _{1}..., x _{n}) form, S herein _{j}For total exponent number is less than or equal to 6 multinomial, T _{j}It for total exponent number 1 multinomial.

3. according to the process of claim 1, multivariable discloses multinomial (P in this process _{j}) have a form P _{j}(x _{1}..., x _{n}y _{1}..., y _{m})=0, the following characteristics of some multinomial tool:
 there is the integer p between integer j between one 1 and the n and 1 and the m, thus described multinomial (P _{j}) comprise at least one x _{j}y _{p}The nonzero monomial.

4. according to the process of claim 3, corresponding being defined as follows between the first value x described in this process and the second value y:

1) utilize the knowledge of two secret affine transformation s and t, s is an A ^{n}→
A ^{n}Affine transformation, promptly be n n variable multinomial decision of 1 by total exponent number;
T is A ^{m}→
A ^{m}Affine transformation, promptly be m m variable multinomial decision of 1 by total exponent number, a function y=F (x) calculates as follows;
1.1) affine transformation s puts on x, obtains reflection a=S (x) 1.2) a conversion f put on reflection (a), obtains a map b, thereby b=f (a), and; 1.2.1) if a=(a _{1}, a _{2}..., a _{j}... a _{n}) and b=(b _{1}, b _{2}..., b _{j}..., b _{m}) (a _{j}, b _{j}Element for A), exist a kind of by A ^{N+m}Open multinomial (the V of the multivariable of →
A _{j}) definition correspondence, multinomial (V _{j}) clever nonzero and have low total exponent number, each multinomial satisfies the equation of following type;
V _{j}(a _{1}, a _{2}, a _{j}..., a _{n}b _{1}, b _{2}..., b _{j}..., b _{m}Some multinomial (V of)=0 (I) _{j}) the following characteristics of tool;
exist 1 and n between integer j and 1 and m between integer in, from the described multinomial (V of face _{j}) comprise a of at least one nonzero _{j}B _{p}Monomial.1.2.2) selection of conversion f is also satisfied;
exist a kind of algorithm to make for a plurality of reflection b, calculate at least one reflection (a) thus f (a)=b becomes possibility.1.3) affine transformation t puts on reflection b, obtains t (b)=y; 2) by the existence of equation (I), by transformed variable, may derive the existence of equation (II), equation (II) has defined described multivariable polynomial (P _{j});
P _{j}(x _{1}, x _{2}..., x _{n}y _{1}, y _{2}... y _{m})=0 (II) some of them multinomial is disclosed.


5. according to the process of claim 1, in this process, multivariable is multinomial (P openly _{j}) comprise according to Q _{j}(x _{1}..., x _{n}z _{1}..., z _{k}Multinomial (the R of)=0 formal definition _{p}), (z herein _{1}..., z _{n}) and (z _{1}..., z _{k}) be in esse intermediate variable, j, p, k and k are integer.

6. be used to calculate the process of message identifier according to claim 1.In this process, second value y=(y _{1}..., y _{m}) the representative message that will be identified is maybe with a function of the message of sign, and in this process first value x=(x _{1}..., x _{n}) represent the sign of message.This process comprises the checking to message identifier, and this checking is by verifying described multinomial (P _{j}) equation reality satisfied and to have finished.This is interpreted as, if having variable z in the equation _{1}..., z _{k}, need checking to satisfy this type of shape (z of all these equatioies _{1}..., z _{n}) whether variable exist.

7. the process that is used for encrypting messages according to claim 1, in this process, the first value x=(x _{1}..., x _{n}) representative is with encrypted message, second is worth y=(y _{1}..., y _{m}) represent the message after encrypting, this process comprises, uses the corresponded manner of the described first value x, thereby uses a cover to comprise the open multinomial (P of described multivariable _{j}) publickey cryptography, for some or all value x, obtain the second value y.

8. be used to carry out the process of asymmetric confirmation according to claim 1, this confirms to be called as people'"'"'s execution of verifier and to be confirmed that another is called as certifier'"'"'s people, is characterized in that by first:

verifier sends a value that is made of second value (y) to the certifier. certifier returns a value that is made of first value (x) to the verifier. verifier verifies described multinomial (P _{j}) actual first value (x) and second value (y) of being fit to of equation, this is interpreted as;
if there is variable z in the equation _{1}... z _{n}, actual is checking this type (z _{1}... z _{n}) variable physical presence whether.


9. according to the process of claim 1, in this process,
correspondence comprises the affine exchange S that maintains secrecy at least, and this conversion S is to be the defined matrix of value among the described A of ring by a coefficient. The coefficient value ofdescribed matrix is in a subring (A) of (A), thus the open multinomial (P of described multivariable _{j}) coefficient value is in a subring (A) of (A)

10. according to the process of claim 1, in this process, described multivariable is multinomial (P openly _{j}) in each individual event item comprise at least one variable y _{j}, this just means multinomial (P _{j}) for variable y _{j}Total exponent number be 0 or 1.

11. according to the process of claim 1, in this process,
A one has the finite universe K of oligoelement, and element is designated as q=IKI; 
m＝
n；a and b represent two values of two elements of the territory Fqn that qn element arranged; conversion f is that a form is f (a)=b=a ^{h}Dijection, h is an open or secret and q herein ^{n}1 integer.


12. comprise the portable unit of information processor and storing apparatus, this device is designed to carry out asymmetric cryptography communication, this symmetric cryptography communication is at n element (x by ring A _{1}..., x _{n}) first represented m the element (y that is worth (x) and encircles thus _{1}... y _{j}... y _{m}) setting up a kind of correspondence between the represented second value y, n and m are the integer more than or equal to 2, it is characterized in that:

described correspondence is less than or equal to 6 A by total exponent number ^{N+m+h}Open multinomial (the P of the multivariable of →
A _{j}) definition, thereby Pj is (x _{1}..., x _{n}y _{1}... y _{m}z _{1}..., z _{n})=0, (z herein _{1}... z _{n}) be possible intermediate variable, k is an integer.some multinomial (P _{j}) do not have a T _{j}(y _{1}... y _{m})=S _{j}(x _{1}... x _{n}) form, all herein S _{j}For total exponent number is 2 multinomial, all T _{i}It for total exponent number 1 multinomial. Open multinomial (the P ofvariable that described storing apparatus does not store _{j});
as the open multinomial (P of needs calculating multivariable _{j}) time, this portable unit is designed to only provide and makes that calculating the open multinomial of multivariable from the portable unit outside becomes possible data, can be worth (x) in this way by first and calculate the 2nd value (y).

Specification(s)