Patent Number: 6,307,935

Title: Method and apparatus for fast elliptic encryption with direct embedding

Abstract: The present invention takes advantage of a quadratic-only ambiguity for x-coordinates in elliptic curve algebra as a means for encrypting plaintext directly onto elliptic curves. The encrypting of plaintext directly onto elliptic curves is referred to herein as "direct embedding". When performing direct embedding, actual plaintext is embedded as a "+" or "-" x-coordinate. The sender specifies using an extra bit whether + or - is used so that the receiver can decrypt appropriately. In operation their are two public initial x-coordinates such that two points P.sub.1.sup.+ and P.sub.1.sup.- lie respectively on two curves E.sup.+ and E.sup.-. A parcel of text x.sub.text is selected that is no more than q bits in length. The curve (E.sup.+ or E.sup.-) that contains x.sub.text is determined. A random number r is chosen and used to generate a coordinate x.sub.q using the public key of a receiving party. An elliptic add operation is used with the coordinate x.sub.q and the parcel of text to generated a message coordinate x.sub.m. A clue x.sub.c is generated using the random number and the point P from the appropriate curve E.sup..+-.. The sign that holds for x.sub.text is determined and called g. The message coordinate x.sub.m, the clue x.sub.c, and the sign g are sent as a triple to the receiving party. The receiving party uses the clue x.sub.c and its private key to generate coordinate x.sub.q. Using the sign g and coordinate x.sub.q, the text can be recovered.

Inventors: Crandall; Richard E. (Portland, OR), Garst; Blaine (Belmont, CA)

Assignee: Apple Computer, Inc.

International Classification: G06F 7/72 (20060101); G06F 7/60 (20060101); H04L 9/32 (20060101); H04L 9/28 (20060101); H04L 9/30 (20060101); H04L 009/30 ()

Expiration Date: 10/23/2018