An information processing apparatus includes a memory, and a processor coupled to the memory and configured to generate, from a common key used for symmetric key cryptography, and from either an encryption process using the common key or a decryption process using the common key, an encryption lookup table corresponding to the encryption process or a decryption lookup table corresponding to the decryption process by using white box cryptography, and disseminate the generated encryption lookup table or the generated decryption lookup table as a public key.

An information processing apparatus includes a processor that acquires an operation result on an input data by referring to a look-up table that stores an operation result of an operation process, including an obfuscating operation that includes ordering of bits, an exclusive-OR operation on a random number, and a multiplication on a Galois field, performed on data.

A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

A method is disclosed. The method includes receiving, by a user device, an encrypted message from a server computer. The encrypted message is a message encrypted with a master secret key or a key derived from the master secret key. The user device signs the encrypted message with a secure element private key. The user device, using a whitebox, cryptographically recovers a secure element public key from a certified key using a server computer public key. The certified key is certified by the server computer and based on at least the secure element public key. The user device, using the whitebox, cryptographically recovers the encrypted message from the signed encrypted message using the secure element public key. The user device, using the whitebox, decrypts the encrypted message using the master secret key or the key derived from the master secret key in the whitebox to obtain the message.

A method for generating digital signatures is disclosed. The method contains the steps of generating at least one private key, generating at least one table by using the private key in at least one white box cryptosystem, generating at least one random number, generating pre images, each to be used in a digital signature by encrypting the random numbers using the generated table in at least one white box cryptosystem, and generating at least one digital signature by using at least one generated pre image.

A search key is generated (S20). A key relationship array is transmitted (S11). If an element matching the key relationship array is present, the found search key is held (S21). A key relationship index is transmitted (S22). A record read out using the key relationship index is transmitted (S12). If the record matches the search key, the found search key is held (S23). The found search key is set for an empty element of the key relationship array and is transmitted (S24). A data array is transmitted (S13). If an element matching the data array is present, the found data is held (S25). A data index is transmitted (S26). A record read out using the data index is transmitted (S14). If the record matches the search key, the found data is held (S27). Desired data is set for an empty element of the data array and is transmitted (S28).

A substitute box includes a target input terminal, an obfuscation input terminal, a first output terminal and a second output terminal. The target input terminal is configured to receive a target input data. The obfuscation input terminal is configured to receive an obfuscation input data unrelated to a plaintext. The first output terminal is configured to output a first output data. The second output terminal is configured to output a second output data associated with the first output data. The first output data and the second output data are generated according to both the target input data and the obfuscation input data.

A computer implemented method of protecting data in a message for communication from a sender to a receiver, the sender and receiver sharing a secret, the method including splitting the message into a plurality of ordered message blocks, the order being a proper order such that an aggregation of the blocks in the proper order constitutes the message; generating a hash value for each message block, each hash value being generated on the basis of at least a content of the block and the secret; generating, for each block, an encoded indication of a position of the block in the proper order of blocks, the encoding being reversible and based on at least the hash value for the block and a position of the block in the proper order; communicating the blocks to the receiver in an order different to the proper order so as to obfuscate the message; and communicating the encoded indications to the receiver such that the blocks can be reassembled by the receiver in the proper order on the basis of the shared secret.

A method for hyper security encoding includes receiving data to be encrypted, and padding the data to be encrypted with padding data to avoid un-obfuscated bits after encryption. The method also includes encrypting, with a Mojette Transform, the data to be encrypted after the data to be encrypted is padded with the padding data, and outputting a result of the encryption as encrypted data.

A modular operation circuit includes a controller, a modular multiplier and a modular adder. The controller divides a first number into K segments. The modular multiplier performs modular multiplication operations and the modular adder performs modular addition operations to the K segments in (K−1) iterations for deriving a remainder of a division of the first number by a second number.