摘要 |
The invention provides a method, in a processor, for executing a cryptographic computation. Upon the execution of the computation there is applied a base masking through which intermediate values are incorporated into the computation as masked intermediate values. Upon the execution of the computation a secondary masking is additionally applied, wherein for each intermediate value masked by means of the base masking the one's complement of the masked intermediate value is formed, the masked intermediate value and the one's complement of the masked intermediate value are made available, and randomly the computation is executed either with the masked intermediate value or with the one's complement of the masked intermediate value. |