Patent classifications
G06F7/725
APPARATUS AND METHOD FOR PERFORMING OPERATION BEING SECURE AGAINST SIDE CHANNEL ATTACK
An apparatus and method for performing operation being secure against side channel attack are provided. The apparatus and method generate values equal to values obtained through an exponentiation operation or a scalar multiplication operation of a point using values extracted from previously generated parameter candidate value sets and an operation secure against side-channel attack, thereby improving security against side-channel attack without degrading performance.
INTELLIGENT TRANSPORTATION SYSTEM STATION, HOST PROCESSOR, AND METHOD THEREFOR
An intelligent transportation system, ITS, station (600) comprising: a host processor (640); and a memory (664) operably coupled to the host processor (640). The host processor (640) is configured to: perform precomputation of certificate data associated with an identity to be verified on a per identity basis; store precomputation data for a plurality of verified identities in the memory (664); and extract stored precomputation data from memory (664) and use the stored precomputation data to perform accelerated verification of subordinate certificates.
Interleaved scalar multiplication for elliptic curve cryptography
Methods, apparatus, and computer readable storage medium for performing interleaved scalar multiplication are described. The method includes obtaining a bit-number of a scalar; factorizing the bit-number of the scalar into a product of a plurality of factors, the plurality of factors comprising s, d, and w; generating d tables based on a parameter, each table comprising N entries; for each iteration of s iterations: multiplying a result by two, constructing an index for each table from w bits in the scalar in the binary format, selecting a value from each table based on the constructed index for each table, and adding the value selected from each table to the result and starting next iteration; and in response to completing the s iterations, determining the result for a scalar multiplication between the scalar and the parameter.
Information processing apparatus, signature providing method, signature verifying method, program, and recording medium
An information processing apparatus including a message generating unit that generates N sets of messages based on a multi-order multivariate polynomial set F=(f_1, ..., f_m) defined on a ring K and a vector s that is an element of a set K^n, a first information selecting unit that inputs a document M and the N sets of messages to a one-way function that selects one piece of first information from among k (where k3) pieces of first information in response to a set of input information, and selects N pieces of first information, a second information generating unit that generates N pieces of second information, and a signature providing unit that provides a verifier with the N pieces of first information and the N pieces of second information as a digital signature.
ENCRYPTION PROCESSING APPARATUS AND ENCRYPTION PROCESSING METHOD
An apparatus computing scalar multiplication of a point on an elliptic curve by a scalar value includes an estimation unit configured to estimate a pre-computation amount based on the scalar value, a pre-computation unit configured to perform pre-computation based on the point on the elliptic curve by using the estimated pre-computation amount, a generating unit configured to generate an internal representation of the scalar value by using the estimated pre-computation amount, and a computation unit configured to output a result of the scalar multiplication of the point based on the result of the pre-computation and the internal representation.
Computational method, computational device and computer software product for montgomery domain
In Elliptic Curve Cryptography (ECC), one performs a great number of modular multiplications. These are usually done by the Montgomery Multiplication algorithm, which needs the operands to be preprocessed (namely, converted to the Montgomery Domain); this conversion is normally done by an equivalent of a long division. We provide a method to perform this conversion by a single Montgomery multiplication on the raw data. The method is formulated for elliptic curve points represented in Jacobian coordinates but can be extended to other representations.
SYSTEM AND METHOD FOR SECURELY SHARING CRYPTOGRAPHIC MATERIAL
Systems and methods described herein relate to techniques in which multiple parties each generate and exchange quantities that are based on a shared secret (e.g., powers of the shared secret) without exposing the shared secret. According to a protocol, two or more parties may exchange sets of elliptic curve points generated over polynomials that can be used, by each of the two or more parties, to determine a power of a shared secret. The protocol may be utilised as part of determining parameters for a smart contract that is broadcast to a blockchain network (e.g., Bitcoin). Based on the protocol, an additional party (e.g., a third party different from the two or more parties) may perform a computational task such as execution of the smart contract.
Memory system for portable telephone
A memory system is constituted of a file storage flash memory storing a control program required for a control portion and a large amount of data, and a random access memory storing a program used by the control portion and functioning as a buffer memory for received data. Thus, a memory system for a portable telephone capable of storing a large amount of received data at high-speed and allowing reading of the stored data at high-speed is provided.