A device is provided. In some examples, the device includes a division logic circuit having input lines including a first least significant input line. The division logic circuit further includes temporary output lines including a second least significant line. The device also includes a first multiplexer having a first data input coupled to the first least significant input line. The first multiplexer further includes a second data input coupled to the second least significant line.

The present invention relates to a method for digital signing of a document using a predetermined secret key (x), comprising steps of: (a) determination of an initial internal state (s.sub.0) by application to a condensate of the document of a first white box implementation (WB.sub.0) of: generation of a main nonce (k); then a modular sum of the main nonce (k) and of a predetermined constant (K); (b) determination of a first internal state (s.sub.1) by application to the initial internal state (s.sub.0) of a first modular arithmetic operation, then of a modular product with exponentiation of the predetermined constant (K); (c) determination of a second internal state (s.sub.2) by application to said condensate of a second white box implementation (WB.sub.s2) of: generation of the main nonce (k); and a second modular arithmetic operation function of the first internal state (s.sub.1), of the main signature nonce (k) and of the secret key (x); (d) generation of a digital signature of the document from the first internal state (s.sub.1) and the second internal state (s.sub.2).

In an aspect, an apparatus obtains at least a first input value and a second input value from a sender device. The apparatus performs a computational operation between portions of the first input value and portions of the second input value to obtain a plurality of partial results of the computational operation. The apparatus applies a hash function to each of the plurality of partial results of the computational operation to obtain a hash of a final result of the computational operation between the first input value and the second input value. The apparatus obtains the final result of the computational operation from the sender device. The apparatus verifies that the final result of the computational operation from the sender device is correct based on the hash of the final result of the computational operation.

The secret calculation system comprises three secret calculation apparatuses. An i.sup.th secret calculation apparatus (i=1, 2, 3) comprises a holder that holds (S[i], T[i]) and (S[i], T[i]) as distributed values of an n-bit number W and an n-bit W (n is any natural number), respectively; a first multiplicator that derives a logical conjunction of S[i] and S[i]; a second multiplicator that derives a logical conjunction of T[i] and T[i]; and a first subtractor that derives a difference between the logical conjunction derived by the first multiplicator and the logical conjunction derived by the second multiplicator.

The present embodiments relate to an address generator circuit for addressing a storage circuit. The address generator circuit may generate address signals for read and write access operations at the storage circuit. The write access operation may store a two-dimensional array in the storage circuit and the read access operation may retrieve a transpose of the two-dimensional array from the storage circuit. The address generator circuit may include a status flag generation circuit that generates status flag signals, a modulo adder circuit that receives first and second signals and computes a modulo adder output signal, and an address processing circuit. The address processing circuit may receive the modulo adder output signal from the modulo adder circuit and the plurality of status flag signals from the status flag generation circuit and provide the first and second signals to the modulo adder circuit.

A data loading and storage system includes a storage module, a buffering module, a control module, a plurality of data loading modules, a plurality of data storage modules and a multi-core processor array module. The data is continuously stored in a DDR, and the data computed by the multi-core processor may be arranged continuously or be arranged according to a certain rule. After DMA reads the data into the DATA_BUF module by a BURST mode, in order to support fast loading of the data into the multi-core processor array, the data loading modules (i.e., load modules) are designed. In order to quickly store the computed result of the multi-core processor array into the (DATA_BUF module according to a certain rule, the data storage modules (i.e., store module) are designed.

A processor of an aspect includes a plurality of registers, and a decode unit to decode an instruction. The instruction is to indicate at least one storage location that is to store a first integer, a second integer, and a modulus. An execution unit is coupled with the decode unit, and coupled with the plurality of registers. The execution unit, in response to the instruction, is to store a Montgomery multiplication product corresponding to the first integer, the second integer, and the modulus, in a destination storage location. Other processors, methods, systems, and instructions are disclosed.

A hardware circuit computes a checksum using a technique such as the Adler-32 checksum algorithm. The hardware circuit may include one or more serially-connected chains of adders followed by a modulus circuit. The modulus circuit produces a modulus value in N, where N is not an integer power of 2. In some examples, N is 65,521. In some examples, the modulus circuit may produce a modulus value modulo 2.sup.16 and then correct that value to modulo N. In other examples, the modulus circuit may include selection logic that selects an appropriate integer multiple of 65,521 to determine the modulo 65,521 result directly.

A binary logic circuit for determining the ratio x/d in accordance with a rounding scheme, where x is a variable integer input of bit length w and d is a fixed positive integer of the form 2.sup.n1, the binary logic circuit being configured to form the ratio as a plurality of bit slices, the bit slices collectively representing the ratio, wherein the binary logic circuit is configured to generate each bit slice according to a first modulo operation for calculating mod(2.sup.n1) of a respective bit selection of the input x and in dependence on a check for a carry bit, wherein the binary logic circuit is configured to, responsive to the check, selectively combine a carry bit with the result of the first modulo operation.

Hardware logic arranged to perform modulo calculation with respect to a constant value b is described. The modulo calculation is based on a finite polynomial ring with polynomial coefficients in GF(2). This ring is generated using a generator polynomial which has a repeat period (or cycle length) which is a multiple of b. The hardware logic comprises an encoding block which maps an input number into a plurality of encoded values within the ring and a decoding block which maps an output number back from the ring into binary. A multiplication block which comprises a tree of multipliers (e.g. a binary tree) takes the encoded values and multiplies groups (e.g. pairs) of them together within the ring to generate intermediate values. Groups (e.g. pairs) of these intermediate values are then iteratively multiplied together within the ring until there is only one intermediate value generated which is the output number.