In one embodiment, an apparatus includes a hardware accelerator to execute cryptography operations including a Rivest Shamir Adleman (RSA) operation and an elliptic curve cryptography (ECC) operation. The hardware accelerator may include a multiplier circuit comprising a parallel combinatorial multiplier, and an ECC circuit coupled to the multiplier circuit to execute the ECC operation. The ECC circuit may compute a prime field multiplication using the multiplier circuit and reduce a result of the prime field multiplication in a plurality of addition and subtraction operations for a first type of prime modulus. The hardware accelerator may execute the RSA operation using the multiplier circuit. Other embodiments are described and claimed.

An iterative calculation is performed on a first number and a second number, while protecting the iterative calculation against side-channel attacks. For each bit of the second number, successively, an iterative calculation routine of the bit of the second number is determined. The determination is made independent of a state of the bit. The determined iterative calculation routine of the bit is executed. A result of the iterative calculation is generated based on a result of the execution of the determined iterative calculation routine of a last bit of the second number.

An apparatus and method for performing operation being secure against side channel attack are provided. The apparatus and method generate values equal to values obtained through an exponentiation operation or a scalar multiplication operation of a point using values extracted from previously generated parameter candidate value sets and an operation secure against side-channel attack, thereby improving security against side-channel attack without degrading performance.

Systems and methods for end-to-end encryption of a web browsing process are described herein. A web query is encrypted at a client using a homomorphic encryption scheme. The encrypted query is sent to a server where the encrypted query is evaluated over web content to generate an encrypted response without decrypting the encrypted query and without decrypting the response. The encrypted response is sent to the client where it is decrypted to obtain the results of the query without revealing the query or results to the owner of the web content, an observer, or an attacker.

The present invention relates to a method for electronic signing of a document with a predetermined secret key (x), the method being characterized in that it comprises the implementation of steps of: (a) Drawing a pair formed by a first internal state (s.sub.1.sup.i) and a white-box implementation (WB.sub.i) of a modular arithmetic operation, from among a set of predetermined pairs ({(s.sub.1.sup.i,WB.sub.i)}.sub.i[0,n-1]) each for one nonce (k.sub.i), said first internal state (s.sub.1.sup.i) being a function of the nonce (k.sub.i) and said modular arithmetic operation being a function of the first internal state (s.sub.1.sup.i), of the nonce (k.sub.i) and of the secret key (x); (b) Determining a second internal state (s.sub.2.sup.i) by application of said drawn white-box implementation (WB.sub.i) to a condensate of the document obtained via a given hash function; (c) Generating an electronic signature of the document from the first internal state (s.sub.1.sup.i) of the drawn pair and from the second determined internal state (s.sub.2.sup.i), and deleting the drawn pair of said set of pairs ({(s.sub.1.sup.i,WB.sub.i)}.sub.i[0,n-1]).

In one embodiment, an apparatus includes: a hardware accelerator to execute cryptography operations including a Rivest Shamir Adleman (RSA) operation and an elliptic curve cryptography (ECC) operation. The hardware accelerator may include: a multiplier circuit comprising a parallel combinatorial multiplier; and an ECC circuit coupled to the multiplier circuit to execute the ECC operation. The ECC circuit may compute a prime field multiplication using the multiplier circuit and reduce a result of the prime field multiplication in a plurality of addition and subtraction operations for a first type of prime modulus. The hardware accelerator may execute the RSA operation using the multiplier circuit. Other embodiments are described and claimed.

A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.

An apparatus and method for performing operation being secure against side channel attack are provided. The apparatus and method generate values equal to values obtained through an exponentiation operation or a scalar multiplication operation of a point using values extracted from previously generated parameter candidate value sets and an operation secure against side-channel attack, thereby improving security against side-channel attack without degrading performance.

Cryptographic circuitry, in operation, performs a calculation on a first number and a second number. The performing of the calculation is protected by breaking the second number into a plurality of third numbers, a sum of values of the third numbers being equal to a value of the second number. The calculation is performed bit by bit for each rank of the third numbers. Functional circuitry, coupled to the cryptographic circuitry, uses a result of the calculation.

A bit-decomposition secure computation apparatus uses r1, r2, and r3 satisfying w=r1+r2+r3 mod 2{circumflex over ()}n as share information of (2, 3) threshold type RSS (Replicated Secret Sharing) stored in a share value storage apparatus, and includes an addition sharing part that sums two values out of the share information by modulo 2{circumflex over ()}n arithmetic and distributes the sum using (2, 3) type RSS; and a full adder secure computation part that adds the value generated by the addition sharing part by distributing the sum of the two values to share information of one remaining value other than the two values used by the addition sharing part for each digit by using secure computation of a full adder.