| 发明名称 |
Cryptographic method comprising a modular exponentiation operation |
| 摘要 |
The present invention relates to a method for performing an iterative calculation of exponentiation of a large datum, the method being implemented in an electronic device (DV1) and comprising calculations of squaring and multiplying large variables performed in parallel, by squaring (SB1) and multiplication (SM1) blocks, the method comprising steps of: while a temporary storage buffer memory is not full of unused squares, triggering a calculation by the squaring block for a bit of the exponent, when the squaring block is inactive, storing each square provided by the squaring block in the buffer memory, if the bit of the corresponding exponent is on 1, and while the buffer memory contains an unused square, triggering a calculation by the multiplication block concerning the unused square, when the multiplication block is inactive. |
| 申请公布号 |
US9405729(B2) |
申请公布日期 |
2016.08.02 |
| 申请号 |
US201314072155 |
申请日期 |
2013.11.05 |
| 申请人 |
Inside Secure |
发明人 |
Clavier Christophe;Verneuil Vincent |
| 分类号 |
G06F17/10;G06F7/72;H04L9/00;H04L9/30 |
主分类号 |
G06F17/10 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for performing an iterative calculation of exponentiation of a large datum by an exponent formed of a number of bits, the method being implemented in an electronic device and comprising:
squaring a large variable, by a squaring block comprising a hardware coprocessor; multiplying large variables, by a multiplication block comprising a hardware coprocessor; storing results, by a buffer memory provided by the squaring block; triggering a calculation by the squaring block for each bit of the exponent while the buffer memory is not full of results that have not been used by the multiplication block when the squaring block is inactive; storing a result provided by the squaring block in the buffer memory, in association with a value of a group of at least two consecutive bits following a bit of 1 of the exponent, and resetting to zero each bit of the exponent belonging to a single group of at least two consecutive bits; triggering a multiplication calculation by the multiplication block for multiplying an unused squaring result in the buffer memory by a multiplication result stored for the value of the group associated with the squaring result and storing the result of the multiplication for the value of the group while the buffer memory contains a squaring result not used by the multiplication block when the multiplication block is inactive; and combining the multiplication results stored for the groups by raising the multiplication results stored to the power of two times the value of the group plus 1 and by multiplying among themselves the results of the raising operations obtained. |
| 地址 |
Meyreuil FR |
