36 results about "Modular inversion" patented technology

Values X and N of n bits and a parameter t are input, then Y=X2−t mod N is calculated, then an extended binary GCD algorithm is executed for Y to obtain S=y−12k mod N and k, and R=S2−(k+t=2n) is calculated for S, thereby obtaining a Montgomery inverse R=X−122n mod N of X on a residue class ring Z / NZ.

The invention relates to a realization method and system of a signature verification algorithm based on an SM2 elliptic curve. The system, under control of an SM2 control module, realizes generation and verification of digital signatures by communicating with a signature generation control module and a signature verification control module, and calling a random number generation module, a password hash module, a point multiplication operation module, a point addition operation module, a modulo addition operation module, a modulo subtraction operation module, a modular multiplication operation module and a modular inversion operation module. In the digital signature generation and verification process, point multiplication operation adopts an improved partly use 1's complement subtraction form point multiplication algorithm (PCS algorithm); and in the signature generation process, modular multiplication operation adopts an improved Blakley modular multiplication algorithm, and modular inversion operation and modular multiplication operation are carried out simultaneously through a parallel operation method, thereby greatly improving operation speed and reducing operation time.

The invention provides a modular inverse operation method and an arithmetic device. The modular inversion operation method and the arithmetic device are used for calculating Z=Y<-1>mod X, wherein Z is a result of a modular inverse operation, X is a first operand and Y is a second operand. The modular inverse operation method comprises the following steps of calculating and acquiring a binary bit length Xlen of the first operand X and a binary bit length Ylen of the second operand Y; initializing a first variable R and a second variable S; when Xlen is greater than and equal to Ylen, calculating X <-1>modY; and when Xlen is smaller than and equal to Ylen, calculating Y <-1>modX. When the updated X is equal to 0 and the updated Y is equal to 1, a result of the modular inverse operation is the updated second variable S; when the updated X is equal to 1 and the updated Y is equal to 0, a result of the modular inverse operation is a difference between an X initial value and the updated first variable R; and when one of the updated X and the updated Y is equal to 0 and the other of the updated X and the updated Y is not equal to 1, a result of the modular inverse operation does not exist. By using the method and the arithmetic device, the modular inverse operation, in which the module is any non-zero integer can be realized, the calculation efficiency of the modular inverse operation is improved and the power consumption of hardware is reduced.

The invention relates to a method and device for defending a side channel attack, and a readable storage medium. The method, when adding a mask to modular inversion operation, comprises the followingsteps: obtaining a base number a, a modulus p and a random number r2 participating in modular inverse operation; calculating an intermediate variable e related to the modulus p according to e = p-2; performing mask multiplication processing of the random number r2 on the base number a to obtain an updated base number a; respectively constructing the power b = aemodp with a mask and the power c = r2emodp with a mask, and calculating the values of b and c; and outputting an operation result s according to s = b * cmodp. By implementing the technical scheme of the invention, simple power consumption attacks and differential power consumption attacks can be resisted.

The invention is applicable to the technical field of computers and communication and provides an element modular inversion calculation method and device. The method comprises the steps that the initial values of temporary variables X1 and X2 and decreasing variables u and v are obtained, wherein the initial values of the temporary variables X1 and X2 are 1 and 0 respectively, and the initial values of the decreasing variables u and v are a and P0 respectively; the temporary variables X1 and X2 and the decreasing variables u and v are subjected to iterative computation, wherein the iteration process meets the equations: a*x1=u(mod P0), a*x2=v(mod P0); after each time of iteration is completed in the iterative computation, whether one of u and v is 1 is judged, if neither u nor v is 1, the iterative computation is continued, and if either u or v is 1, the iterative computation is ended; after the iterative computation is ended, if u is 1, X1 is assigned to X, and if v is 1, X2 is assigned to X; when K=0, whether X is greater than zero or not is judged, and if X is greater than zero, X is the modular inversion related to P. By means of the technical scheme, the element modular inversion calculation method and device have the advantages that the computing speed is high, and the number of required computing resources is small.

The invention provides a low cost digital signature SPOC design method based on RSA and SHA-512. An in-chip MCU uses a soft core NiosII of an ALTERA to perform hardware and software partitioning on the RSA and SHA-512 according to operation characteristics; a software part comprises interaction with off-chip data, RSA modular exponentiation, and SHA-512 data filling; hardware finishes RSA modular multiplication, a modular addition operation, a modular inversion operation and an operation for taking 80 rounds as a subunit in the SHA-512. The low cost digital signature SPOC design method based on RSA and SHA-512 utilizes parallelism of hardware calculation to obtain a high speed operation result, uses flexibility of software to guarantee an attack resisting capability of a system, can support different RSA lengths and calculation modes of different HASH functions. Functionally, the low cost digital signature SPOC design method based on RSA and SHA-512 can be used for digital autographing and identity authentication.