Patents by Inventor Robert John Lambert
Robert John Lambert has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8532286Abstract: A system and method are described that provide an alternative way in which to produce a Montgomery reduction from below by storing a new precomputed value used to substantially replace the ? and n values used in Montgomery reduction with a single value. By modifying the Montgomery reduction mechanism in this way, the number of multiplications and registers required to effect the Montgomery reduction can be reduced. To avoid having to store both ? and n, a modified reduction value or a logical shift or signed version of such a value can be used in place of ? and n for the bulk of the low-order reduction.Type: GrantFiled: July 19, 2010Date of Patent: September 10, 2013Assignee: Certicom Corp.Inventor: Robert John Lambert
-
Publication number: 20130170644Abstract: An authentication device is used to authenticate a component to a product using a secret key. The life cycle of the authentication device is controlled by selective deletion of the secret key. An attestation message is sent by the authentication device upon deletion of the secret key. Authentication devices from faulty components or over supply of the authentication devices ma}? be rendered inoperable and audited.Type: ApplicationFiled: September 12, 2011Publication date: July 4, 2013Inventor: Robert John Lambert
-
Patent number: 8462944Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: GrantFiled: July 12, 2011Date of Patent: June 11, 2013Assignee: Certicom Corp.Inventors: Scott Alexander Vanstone, Ashok Vadekar, Robert John Lambert, Robert Philip Gallant, Daniel Richard L. Brown, Alfred John Menezes
-
Publication number: 20130046972Abstract: A method and apparatus are disclosed for using a single credential request (e.g., registered public key or ECQV certificate) to obtain a plurality of credentials in a secure digital communication system having a plurality of trusted certificate authority CA entities and one or more subscriber entities A. In this way, entity A can be provisioned onto multiple PKI networks by leveraging a single registered public key or implicit certificate as a credential request to one or more CA entities to obtain additional credentials, where each additional credential can be used to derive additional public key-private key pairs for the entity A.Type: ApplicationFiled: February 10, 2012Publication date: February 21, 2013Inventors: Matthew John Campagna, Robert John Lambert, James Robert Alfred
-
Publication number: 20120311007Abstract: Methods and systems for squaring a binary finite field element are described. In some aspects, a data processing apparatus includes registers and processor logic. A first register stores a sequence of binary values that define a binary finite field element input. The processor logic accesses input components from the first register according to intervals in the sequence. Each input component includes a binary value from each interval in the sequence. In some cases, the intervals are periodic and the binary finite field element corresponds to a sum of phase-shifted input components. The processor logic generates output components based on the input components. The processor logic generates a square of the binary finite field element in the second register based on the output components. The number of input components can be selected, for example, to balance costs of additional processing time against benefits associated with reduced processing hardware.Type: ApplicationFiled: June 4, 2012Publication date: December 6, 2012Applicant: Certicom Corp.Inventor: Robert John Lambert
-
Publication number: 20120284514Abstract: Methods, systems, and computer programs for managing authentication data for an authentication device are disclosed. An authentication device may be included, for example, in a mobile device battery so that the battery can be authenticated by a mobile device. In some implementations, encrypted certificate data are stored on an authentication device. The encrypted certificate data are accessed, and unencrypted certificate data are generated by decrypting the encrypted certificate data. The unencrypted certificate data are stored on the authentication device. The unencrypted certificate data enable the authentication device to provide a valid reply message, for example, in response to receiving an interrogation message from an interrogation device. In some implementations, the reply message includes the unencrypted certificate data and a response value generated by the authentication device based on a secret value.Type: ApplicationFiled: May 3, 2012Publication date: November 8, 2012Applicant: Certicom CorporationInventor: Robert John Lambert
-
Publication number: 20120257742Abstract: An efficient implementation of SHA-512, and similarly SHA-384, on an ARM processor. The implementation maximizes reuse of the register values between iterations so as to minimize the need to load these values from memory. This is achieved by categorizing the iterations into even and odd ones such that the sequence of computation in the even iteration is reversed in the odd iteration and the register values at the end of one iteration are consumed at the beginning of the following one.Type: ApplicationFiled: April 5, 2012Publication date: October 11, 2012Applicant: CERTICOM CORP.Inventors: Nevine Maurice Nassif Ebeid, Robert John Lambert
-
Publication number: 20120242459Abstract: Methods, systems, and computer programs for interrogating an authentication device are disclosed. For example, a mobile device can include an interrogator module that interrogates an authentication module in a mobile device accessory, for example, upon installation of the mobile device accessory. In some implementations, challenge-response pairs and a challenge-response distribution are stored in a memory of an interrogator module. The challenge-response distribution defines selection probabilities for the challenge values. In some instances, the interrogator module receives an authentication request from an authentication module, and in response to the authentication request, the interrogator module selects an initial challenge value according to the challenge-response distribution. The interrogator module sends the authentication module an interrogation message that includes the initial challenge value.Type: ApplicationFiled: March 23, 2012Publication date: September 27, 2012Applicant: Certicom CorporationInventor: Robert John Lambert
-
Publication number: 20120155637Abstract: A cryptographic module and a computing device implemented method for securing data using a cryptographic module is provided. The cryptographic module may include an input component for receiving a password, an output component for outputting data to the computing device, a random number generator for generating a random number and a module processor operative to generate at least one cryptographic key using the generated random number, and to record an association between the received password linking the received password with the at least one cryptographic key in a data store accessible to the cryptographic module.Type: ApplicationFiled: December 21, 2010Publication date: June 21, 2012Applicants: Certicom Corp., Research In Motion LimitedInventors: Robert John LAMBERT, Christopher Lyle Bender
-
Patent number: 8195948Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.Type: GrantFiled: December 23, 2010Date of Patent: June 5, 2012Assignees: Certicom Corp., Pitney Bowes Inc.Inventors: Scott Alexander Vanstone, Robert Phillip Gallant, Robert John Lambert, Leon A. Pinstov, Frederick W. Ryan, Jr., Ari Singer
-
Publication number: 20120079593Abstract: A method for hindering a cold boot attack on a user equipment (UE) is provided. The method includes, in response to detection of the cold boot attack, executing prioritized security procedures. A user equipment (UE) is also provided that includes a processor configured to execute prioritized security procedures responsive to detection of a cold boot attack.Type: ApplicationFiled: September 29, 2010Publication date: March 29, 2012Applicants: Certicom Corp., RESEARCH IN MOTION LIMITEDInventors: Neil Patrick Adams, Michael Stephen Brown, Robert John Lambert, Alfred John Menezes
-
Publication number: 20120011362Abstract: A system and method are provided which employs a key agreement scheme, wherein the agreed-upon-shared key is used in a protocol message in the authentication rather than being employed as a session key.Type: ApplicationFiled: July 6, 2011Publication date: January 12, 2012Applicant: Certicom Corp.Inventor: Robert John Lambert
-
Publication number: 20110270906Abstract: Techniques are disclosed for utilizing a block Montgomery machine designed only to operate at a fixed block length to perform operations using non-block length (flexible)moduli. In one embodiment, a new modulus n? is obtained having a block length equal to the fixed block length of the Montgomery machine or a multiple thereof. At least one modular additive operation is performed with the new modulus n?, and at least one modular multiplicative operation is performed with the non-block length modulus n. In this way, the result of the at least one additive operation is sufficiently reduced when a carry stems from the additive operation.Type: ApplicationFiled: April 30, 2010Publication date: November 3, 2011Applicant: Certicom Corp.Inventors: Robert John LAMBERT, Yuri Poeluev
-
Patent number: 8000470Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: GrantFiled: May 12, 2008Date of Patent: August 16, 2011Assignee: Certicom Corp.Inventors: Scott Alexander Vanstone, Ashok Vadekar, Robert John Lambert, Robert Philip Gallant, Daniel Richard L. Brown, Alfred John Menezes
-
Publication number: 20110013768Abstract: A system and method are described that provide an alternative way in which to produce a Montgomery reduction from below by storing a new precomputed value used to substantially replace the ? and n values used in Montgomery reduction with a single value. By modifying the Montgomery reduction mechanism in this way, the number of multiplications and registers required to effect the Montgomery reduction can be reduced. To avoid having to store both ? and n, a modified reduction value or a logical shift or signed version of such a value can be used in place of ? and n for the bulk of the low-order reduction.Type: ApplicationFiled: July 19, 2010Publication date: January 20, 2011Applicant: CERTICOM CORP.Inventor: Robert John Lambert
-
Publication number: 20100223478Abstract: There are disclosed systems and methods for computing an exponentiatied message. In one embodiment blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value.Type: ApplicationFiled: February 18, 2010Publication date: September 2, 2010Applicant: Certicom Corp.Inventors: Nevine Maurice Nassif Ebeid, Robert John Lambert
-
Publication number: 20100146028Abstract: A modulo reduction is performed on a value a represented as an ordered sequence of computer readable words. The lowest order words are eliminated by substituting an equivalent value represented by higher order words for each of the lower order words. The lowest order words are eliminated until the sequence has a word length corresponding to the modulus. Carries and borrows resulting from the substitution are propagated from lower order words to higher order words. Further reduction is performed to maintain the word length of the sequence to that of the modulus. The further reduction may be determined by examination of a carryover bit or may be performed a predetermined number of times without examination.Type: ApplicationFiled: October 30, 2009Publication date: June 10, 2010Applicant: Certicom Corp.Inventor: Robert John LAMBERT
-
Patent number: 6230179Abstract: A finite field multiplier with intrinsic modular reduction includes an interface unit (1208) that translates an n bit wide data path to a m bit wide data path where n is less than m. Also included is a finite field data unit (1204) with m bit wide registers that is coupled to a finte field control unit (1202). The finite field control unit (1202) includes a microsequencer (1402) and a finite state machine multiplier (1404). The microsequencer (1402) controls the finite state machine multiplier (1404) which performs a finite field multiply operation with intrinsic modular reduction and presents a finite field multiplication product to the finite field data unit (1204).Type: GrantFiled: December 24, 1997Date of Patent: May 8, 2001Assignees: Motorola, Inc., Certicom Corp.Inventors: James Douglas Dworkin, Michael John Torla, P. Michael Glaser, Ashok Vadekar, Robert John Lambert, Scott Alexander Vanstone
-
Patent number: 6199086Abstract: An elliptic curve (EC) processor circuit (120) comprising a finite field arithmetic logic unit (122), operation registers (124) an EC control unit (123) and a register file (127). A storage element (250) is coupled to the finite field arithmetic logic unit (122). The EC control unit (123) controls the various components of the EC processor circuit (120) to decompress a compressed one-bit representation of a Y coordinate of an elliptic curve point (X, Y). The EC control unit (123) controls the use of the operation register (124), the storage element (250) and the finite field arithmetic logic unit (122) to recursively compute the decompressed version of the compressed Y coordinate based upon the X coordinate and the compressed one-bit representation of the Y coordinate. The circuit and method employ minimal additional hardware and processing in an EC processor circuit (120).Type: GrantFiled: December 24, 1997Date of Patent: March 6, 2001Assignee: Motorola, Inc.Inventors: James Douglas Dworkin, Michael John Torla, P. Michael Glaser, Ashok Vadekar, Robert John Lambert, Scott Alexander Vanstone
-
Patent number: 6009450Abstract: A finite field inverse circuit has a finite field data unit (1112) and an inverse control unit (1110). The inverse control unit includes (1110) a k.sub.l and k.sub.u decrementer pair (1108, 1122), a k.sub.l -k.sub.u difference unit (1106), an inverse control finite state machine (1102), and a one-bit memory (1104) coupled to the inverse control finite state machine (1102). The finite field data unit (1112) includes four m bit wide registers that are shift registers designated as B (1120), A (1118), M (1114), and C (1116), where B- is a first register, A- is a second register, M- is a irreducible polynomial register, and C- is a field element register. An the irreducible polynomial is loaded left justified in the M-register, a field element to be inverted is loaded left justified in the C-register, and a single "1" is loaded in an LSB bit of the B-register. The field element is then inverted in 2n+2 system clock cycles where n is a field size associated with the field element.Type: GrantFiled: December 24, 1997Date of Patent: December 28, 1999Assignees: Motorola, Inc., Certicom Corp.Inventors: James Douglas Dworkin, P. Michael Glaser, Michael John Torla, Ashok Vadekar, Robert John Lambert, Scott Alexander Vanstone