Patent Number: 8,817,973

Title: Encrypting method having countermeasure function against power analyzing attacks

Abstract: Based on an encrypting method for performing an exponential remainder calculation y=a.sup.d (mod n) from an u-bit exponent d=(d.sub.u-1, . . . , d.sub.0).sub.2, input data a, and a modulo n, calculating a'=a.sup.2(mod n) is performed first. Next, calculating y=(a').sup.f(mod n) is performed on f=(d.sub.u-1, d.sub.u-2, . . . , d.sub.1).sub.2. Then, when d.sub.0=1, calculating y=y.times.a (mod n) is performed. Then, outputting y=a.sup.d (mod n) is performed. In the first step, although an attacker inputs data including a minus value such as a=-1 and a=s, -s, etc., only plus values can be constantly generated in multiplication and squaring. Therefore, the method makes it hard to estimate a secret key using power analyzing attacks such as the SPA and the DPA, thereby realizing an encryption processor having high tamper-resistance.

Inventors: Itoh; Kouichi (Kawasaki, JP)

Assignee: Fujitsu Limited

International Classification: H04L 9/00 (20060101)

Expiration Date: 8/26/12018