| 摘要 |
The invention relates to methods for an espionage-protected determination of the modular inverse b of a value a to the modulus n for a cryptographic application. According to said method, an auxiliary value beta and an auxiliary modulus delta are determined at least in accordance with the value a, the modulus n and also at least one masking parameter r, an auxiliary inverse beta' is determined as the modular inverse of the auxiliary value beta to the auxiliary modulus delta and the modular inverse b is determined at least in accordance with the auxiliary inverse beta', the masking parameter(s) r and the auxiliary value beta and/or the auxiliary modulus delta. The invention also relates to a corresponding computer program product and a portable data carrier. The invention provides a modular inversion method that is protected against espionage, which is suitable for security-critical applications, e.g. cryptographic calculations in a portable data carrier. |
