The systems and methods described herein provide computationally effective ways to calculate cryptography key pairs for a variety of cryptography applications, including but not limited to encryption/decryption systems, digital signature systems, encrypting file systems, etc. In various implementations, a cryptography key computation system identifies an encryption function, such as an elliptical curve function, that is used as the basis of a cryptography key pair. The cryptography key computation system may further identify a basepoint on the encryption function as well as a scalar that is to be multiplied by the basepoint. The cryptography key computation system may decompose the scalar into a sum of folding units, e.g., smaller scalars that are represented by the product of a coefficient and a power of an integer. In some implementations, the coefficients of the folding units may be precomputed. Permutations of specific coefficients may be cached/stored using the techniques described herein.

An elliptic curve scalar multiplication apparatus stores a prime number p and information of a first point, the prime number p defining a field of definition F.sub.p, which defines a first curve, which is a Weierstrass form elliptic curve, and expressed as p=p.sub.0+p.sub.1c+ . . . +p.sub.1c.sup.n1, (where c equals 2.sup.f and f is an integer equal to or larger than 1 that is units of breaking data into pieces in multiple-precision integer arithmetic executed by the elliptic curve scalar multiplication apparatus), calculates a Montgomery constant k.sub.0, work, and h.sub.1, executes doubling of a second point, which is calculated from the first point, by Montgomery multiplication that uses k.sub.0, work, and h.sub.1, adds a third point and fourth point, which are calculated from the first point, by Montgomery multiplication that uses k.sub.0, work, and h.sub.1; and calculates a scalar multiple of the first point, based on a result of the doubling and the addition.

A computer-implemented method for enabling elliptic curve arithmetic to be performed using blockchain transactions, wherein the method is performed by a script generator. A first script of a first blockchain transaction is generated, wherein the first script comprises a modular inversion script configured to obtain a target integer and a modulus value and output a modular inverse of the target integer. The target integer and the modulus value are co-prime. The modular inverse is generated by iteratively computing a first sequence of the extended Euclidean algorithm with the target integer and modulus value as inputs, and using the first sequence to compute a Bezout co-efficient of the target integer, wherein the Bezout co-efficient of the target integer is output as the modular inverse. The first script is outputted for inclusion in the first blockchain transaction.

A computer-implemented method for enabling elliptic curve arithmetic to be performed using blockchain transactions. A first script of a first blockchain transaction is generated, comprising a modular inversion script configured to obtain a target integer and a modulus value, and output a modular inverse of the target integer. The modular inverse is generated by generating a sequence of squaring values; for each set bit of a reduced modulus value expressed in binary, including the corresponding squaring value of the sequence of squaring values in a result; multiplying together the squaring values of the result to generate a resultant value; and computing a modulus of the resultant value with respect to the modulus value, wherein the modulus of the resultant value is output as the modular inverse, and outputting the first script for inclusion in the first blockchain transaction.

Systems and methods described herein relate to techniques in which multiple parties each generate and exchange quantities that are based on a shared secret (e.g., powers of the shared secret) without exposing the shared secret. According to a protocol, two or more parties may exchange sets of elliptic curve points generated over polynomials that can be used, by each of the two or more parties, to determine a power of a shared secret. The protocol may be utilised as part of determining parameters for a smart contract that is broadcast to a blockchain network (e.g., Bitcoin). Based on the protocol, an additional party (e.g., a third party different from the two or more parties) may perform a computational task such as execution of the smart contract.

The present disclosure relates to a cryptographic method comprising: multiplying a point belonging to a mathematical set with a group structure by a scalar by performing: the division of a scalar into a plurality of groups formed of a same number w of digits, w being greater than or equal to 2; and the execution, by a cryptographic circuit and for each group of digits, of a sequence of operations on point, the sequence of operations being identical for each group of digits, at least one of the operations executed for each of the groups of digits being a dummy operation.

In Elliptic Curve Cryptography (ECC), one performs a great number of modular multiplications. These are usually done by Montgomery Multiplication algorithm, which needs the operands to be preprocessed (namely, converted to the Montgomery Domain), which is normally done by an equivalent of a long division. We provide a method to perform this conversion by a single Montgomery multiplication on the raw data. The method is formulated for elliptic curve points represented in Jacobian coordinates but can be extended to other representations.

The present disclosure relates to a cryptographic method including the execution, by a cryptographic circuit, of an algorithm applied to a scalar in order to generate an output vector, of length L+n, which digits are d.sub.0, . . . , d.sub.L+n1, the algorithm comprising iterations i, each iteration i taking an input data value, initially equal to said scalar and an input vector of length c, which digits are d.sub.i, . . . , d.sub.i+c1, where for each j{i, . . . , i+c1}, the digit d.sub.j is such that: $d_j^{}=\{\begin{array}{c}{d}_j\mathrm{if}j<L\\ d_{j-m}\mathrm{otherwise}\end{array}.$

A memory system is constituted of a file storage flash memory storing a control program required for a control portion and a large amount of data, and a random access memory storing a program used by the control portion and functioning as a buffer memory for received data. Thus, a memory system for a portable telephone capable of storing a large amount of received data at high-speed and allowing reading of the stored data at high-speed is provided.

Computer-implemented methods for locking a blockchain transaction based on undetermined data are described. The invention is implemented using a blockchain network. This may, for example, be the Bitcoin blockchain. A locking node may include a locking script in a blockchain transaction to lock a digital asset. The locking script includes a public key for a determined data source and instructions to cause a validating node executing the locking script to verify the source of data provided in an unlocking script by: a) generating a modified public key based on the public key for the determined data source and based on data defined in the unlocking script; and b) evaluating a cryptographic signature in the unlocking script based on the modified public key. The blockchain transaction containing the locking script is sent by the locking node to the blockchain network. The lock may be removed using a cryptographic signature generated from a private key modified based on the data.