公开(公告)号：EP1675300A1

公开(公告)日：2006-06-28

申请号：EP05103305.8

申请日：2005-04-22

Applicant: Hewlett-Packard Development Company, L.P. ,  STMicroelectronics S.r.l.

Inventor： Harrison, Keith Alexander ,  Chen, Liqun ,  Bertoni, Guido Marco ,  Fragneto, Pasqualina ,  Pelosi, Gerardo

IPC: H04L9/32 ,  H04L9/30 ,  G06F7/72

CPC classification number: H04L9/08 ,  H04L9/3073 ,  H04L9/321 ,  H04L2209/80 ,  H04W12/06

Abstract: Cryptographic methods are known that involve the computation of a non-degenerate bilinear mapping of first and second elements (P 1 , Q 1 ) one of which comprises a secret of a first entity (A). For a mapping implemented as, for example, a Tate pairing, the mapping is computable by applying a predetermined function (f) to the first and second elements (P 1 , Q 1 ) and then exponentiating the result with a known exponent (e pub ). Improvements in respect of computational loading, size of output, and security are enabled for the first party (A) by arranging for the first entity to carry out (12) only part of the mapping, a second entity (B) being used to complete computation (13) of the mapping. Cryptographic applications using these improvements are also disclosed.

Abstract translation: 已知密码学方法涉及第一和第二元素（P 1，Q 1）的非简并双线性映射的计算，其中之一包括第一实体（A）的秘密。 对于实现为例如Tate配对的映射，可以通过将预定函数（f）应用于第一和第二元素（P 1，Q 1）然后用已知指数（e pub）对结果进行指数来计算该映射 ）。 对于第一方（A），通过安排第一实体仅执行部分映射（12）来实现计算负载，输出大小和安全性的改进，第二实体（B）用于完成 映射的计算（13）。 还公开了使用这些改进的加密应用。

公开(公告)号：EP1775880A1

公开(公告)日：2007-04-18

申请号：EP05425713.4

申请日：2005-10-11

Applicant: STMicroelectronics S.r.l.

Inventor： Bertoni, Guido Marco ,  Fragneto, Pasqualina ,  Pelosi, Gerardo ,  Harrison, Keith ,  Chen, Liqun

IPC: H04L9/30 ,  G06F7/72

CPC classification number: G06F7/725 ,  H04L9/3073 ,  H04L2209/08

Abstract: A method of processing information (INFO) to be confidentially transmitted from a first module (C) to a second module (D) provides that a first scalar multiplication (SCAL-MLTr) may be carried out in order to obtain a first result [r]P) . This first scalar - multiplication comprises a plurality of generation steps of ordered factors (Q 0 , Q 1 ) from which a plurality of first partial sums (SUM1r, SUM2r) are required to be built.
The method also comprises the carrying out of a second scalar multiplication (SCAL-MLTm) in order to obtain a second result ([m]P). This second multiplication provides that a plurality of second partial sums (SUM1m, SUM2m) may be built.
A piece of encrypted information is obtained by processing the information (INFO) based on the results of said scalar multiplications.
The method is characterized in that in order to build the second partial sums of the second scalar multiplication the same ordered factors being obtained by the generation step of the first scalar multiplication are employed.

Abstract translation: 一种处理从第一模块（C）到第二模块（D）保密地发送的信息（INFO）的方法，可以执行第一标量乘法（SCAL-MLTr），以获得第一结果[r ] P）。 该第一标量乘法包括要求构建多个第一部分和（SUM1r，SUM2r）的有序因子（Q 0，Q 1）的多个生成步骤。 该方法还包括执行第二标量乘法（SCAL-MLTm）以获得第二结果（[m] P））。 该第二乘法规定可以构建多个第二部分和（SUM1m，SUM2m）。 通过基于所述标量乘法的结果处理信息（INFO）来获得加密信息。 该方法的特征在于，为了构建第二标量乘法的第二部分和，采用通过第一标量乘法的生成步骤获得的相同有序因子。

公开(公告)号：EP1675299A1

公开(公告)日：2006-06-28

申请号：EP05103298.5

申请日：2005-04-22

Applicant: Hewlett-Packard Development Company, L.P. ,  STMicroelectronics S.r.l.

Inventor： Chen, Liqun ,  Harrison, Keith ,  Bertoni, Guido Marco ,  Fragneto, Pasqualina ,  Pelosi, Gerardo

IPC: H04L9/32

CPC classification number: H04L9/08 ,  H04L9/3073 ,  H04L9/321 ,  H04L2209/80 ,  H04W12/06

Abstract: An authentication method of a first module (A) by a second module (B). This method comprises the steps of:

generating, by the second module (B), a first random datum (U) to be sent to the first module (A);
generating by the first module (A) a first number (v; v') starting from said first datum (U) and by means of a private key ([s]Q_A; [1/(a+s)]Q 1 ) of the first module (A);
generating by the second module (B) a second number (n; n') to be compared with the first number, such as to authenticate the first module (A). Furthermore, the step of generating the second number (n; n') is performed starting from public parameters and is independent of the step of generating the first number.

Abstract translation: 第二模块（B）的第一模块（A）的认证方法。 该方法包括以下步骤：由第二模块（B）产生要发送到第一模块（A）的第一随机数据（U）; 由所述第一模块（A）从所述第一数据（U）开始并通过私钥（[s] Q_A; [1 /（a + s）] Q 1）产生第一数字（v; v' 的第一模块（A）; 由所述第二模块（B）生成与所述第一号码进行比较的第二号码（n; n'），以便认证所述第一模块（A）。 此外，从公共参数开始执行产生第二数目（n; n'）的步骤，并且与生成第一数字的步骤无关。

公开(公告)号：EP1675300B1

公开(公告)日：2008-10-01

申请号：EP05103305.8

申请日：2005-04-22

Applicant: Hewlett-Packard Development Company, L.P. ,  STMicroelectronics S.r.l.

Inventor： Harrison, Keith Alexander ,  Chen, Liqun ,  Bertoni, Guido Marco ,  Fragneto, Pasqualina ,  Pelosi, Gerardo

IPC: H04L9/32 ,  H04L9/30 ,  G06F7/72

CPC classification number: H04L9/08 ,  H04L9/3073 ,  H04L9/321 ,  H04L2209/80 ,  H04W12/06