Provided is a method for securely performing a public key algorithm comprising cryptographic computations using a private key. It includes selecting (S1), by a server device, a set of mutually coprime integers (p1,...,pn) as a base of a Residue Number System (RNS-base B), with n an integer; computing (S2), by said server device, a RNS representation of said private key, said RNS representation of an integer x in [0, P-1], with P the product of every elements of the base, being the list (x1, ...xn) with xi = x mod pi, i being an integer in [1,n]; sending (S3), by said server device, the computed RNS representation to a client device; and performing (S4), by said client device, the cryptographic computations of the public key algorithm in said RNS base using said sent RNS representation.

The present invention discloses an INS network-based anti-fault attack method of random infection, comprising the steps of sending the plain-text into an encryption processor, wherein two groups of cipher text are outputted through temporal or spatial redundancy; conducting XOR operation) on the two groups of said cipher text output to obtain the output difference; sending the said output difference into an infection function module to initiate an infection operation to obtain the infection result; conducting XOR operation on any of said groups of cipher text output to generate the final output. The present invention can realize the randomization of infection function in infection countermeasures, reduce the successful probability of fault attack and improve the safety of the circuit.

The invention introduces an apparatus for detecting errors during data encryption. The apparatus includes an encoding circuitry and an error detection circuitry. The encoding circuitry is arranged operably to realize an encryption algorithm including multiple rounds, in which of each round encodes plaintext or an intermediate encryption result with a round key. The error detection circuitry is arranged operably to: calculate redundant data corresponding to the intermediate encryption result; and output an error signal to a processing unit when finding that the intermediate encryption result does not match the redundant data at a check point during an encryption process.

A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

A bonded structure is disclosed. The bonded structure can include a first semiconductor element having a first front side and a first back side opposite the first front side. The bonded structure can include a second semiconductor element having a second front side and a second back side opposite the second front side, the first front side of the first semiconductor element directly bonded to the second front side of the second semiconductor element along a bond interface without an adhesive. The bonded structure can include security circuitry extending across the bond interface, the security circuitry electrically connected to the first and second semiconductor elements

An algorithm execution method includes carrying out a first execution of the algorithm by a processing unit, sending at least one first result, which is to be written into a memory, to a memory management circuit, and storing said first result into a first area of the volatile memory. The method also includes carrying out a second execution of the algorithm by the processing unit, sending at least one second result, which is to be written into the memory, to the memory management circuit, and applying, by means of the memory management circuit, a different processing for the at least one second result in the second execution than was applied for the at least one first results in the first execution.

In a general aspect, a method can include: executing an operation of a program that loads an arbitrarily chosen value of an initial data item of a series of ordered data; executing a series of calculation operations distributed in the program, that calculate a current data item based on a preceding data item; performing a final calculation operation of the series of operations that calculates a final data item of the data series; and executing an operation of the program that detects a program execution error by comparing the current data item of the data series with an expected value of the current data item or the final data item, the final data item having an expected value that is independent of the number of data items in the data series and is calculated based on the current data item of the data series and a final compensation data item.

The disclosure concerns a method of protecting a calculation on a first number and a second number, including the steps of: generating a third number including at least the bits of the second number, the number of bits of the third number being an integer multiple of a fourth number; dividing the third number into blocks each having the size of the fourth number; successively, for each block of the third number: performing a first operation with a first operator on the contents of a first register and of a second register, and then on the obtained intermediate result and the first number, and placing the result in a third register; and for each bit of the current block, performing a second operation by submitting the content of the third register to a second operator with a function of the rank of the current bit of the third number, and then to the first operator with the content of the first or of the second register according to state “0” or “1” of said bit, and placing the result in the first or second register.

A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.

A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.