Abstract: A system, method and elliptic curve cryptography scheme having a fault injection attack resistant protocol. The cryptographic scheme has a first arithmetic operation having at least one of a single input bit, a single output bit, or a single output bit-string that is vulnerable to a fault injection attack. The protocol includes: performing a first arithmetic operation to determine a first output; performing a second arithmetic operation to determine a second output, the second arithmetic operation being a variant of the first arithmetic operation; and comparing the first output and the second output, and if the comparison is incompatible, outputting an invalidity condition, otherwise, outputting the first output.

Abstract: A system, method and elliptic curve cryptography scheme using an Edwards-form elliptic curve. The elliptic curve cryptography scheme having a blinding protocol resistant to differential side channel attacks. The elliptic curve defined over field F and having a point P with coordinates located on the elliptic curve. The blinding protocol including: randomly selecting a random element I; and determining coordinates of a blinded point PB by performing a multiplication of a random element I by at least one of the coordinates of point P.

Abstract: A method and protocol for determining linear combinations of a first and second point for an elliptic curve cryptography scheme, including determining a first scalar multiplication of the first point with a first scalar, the first scalar multiplication including performing iteratively in relation to the value of the first scalar either one of: doubling of the first point in Jacobian projective coordinates; or mixed addition with the first point in affine coordinates; determining a combination point by adding the second point to the resultant of the first scalar multiplication; obtaining an affine coordinate representation of the combination point; determining a second scalar multiplication of the combination point with a second scalar, the second scalar multiplication including performing iteratively in relation to the value of the second scalar either one of: doubling of the combination point in Jacobian projective coordinates; or mixed addition with the combination point in affine coordinates.

Abstract: There is provided an elliptic curve cryptographic scheme for permitting secure communications between two or more cryptographic correspondent devices, with a simple side-channel attack countermeasure. The cryptographic scheme includes: transforming a point to Jacobian projective coordinates; constant-time scalar multiplication of the point by a parameter; and transforming the resultant of the scalar multiplication to affine coordinates. The scalar multiplication including: performing iteratively to the value of the parameter either one of: doubling of the point and multiplying any two random field elements; or mixed addition of the point.

Abstract: A method, system and elliptic curve cryptographic scheme for permitting secure communications between two or more cryptographic correspondent devices, the cryptographic scheme including a plurality of cryptographic operations applied to cryptographic parameters, the cryptographic operations including scalar multiplication of a point and a parameter, the elliptic curve cryptographic scheme characterized by selectively applying countermeasures and optimizations to the scalar multiplications by: applying a simple side-channel attack countermeasure for scalar multiplications that include a secret parameter as the parameter; applying a differential side-channel attack countermeasure for scalar multiplications when the elliptic curve point is not a generator point of the elliptic curve; and selectively applying optimizations.

Abstract: Elliptic curve cryptographic schemes performed between a pair of cryptographic correspondent computing devices. In an aspect, a first entity generates a first basis point in a first selected basis being, either a first basis (A) or a second basis (B), and performs a first key generation in the selected basis. A second entity receives the public key and determines the product of a predetermined scalar in a second selected basis being either the first basis (A) or the second basis (B) and one of the first auxiliary points. If the product is an identity point, performs second key generation in the second selected basis, otherwise performing second key generation in either of the first basis (A) or the second basis (B). A common key is generated using the private keys and public keys. In another aspect, a scheme is performed symmetrically between two entities to generate a common key.

Abstract: The present invention relates to data communication systems and protocols utilized in such systems.

Abstract: Systems and methods for cryptographic suite management are described. A system for cryptographic suite management has a cryptographic suite management unit comprising a series of APIs enabling diverse applications to call cryptographic functions. The system enables: multiple applications on an interface to access shared cryptographic resources; applications across multiple devices to share and license cryptographic resources between devices; encryption, decryption and sharing of data between devices having different cryptographic implementations; the definition, distribution and enforcement of policies governing the terms of use for cryptographic implementations, systems and methods to secure and protect shared and dynamically loaded cryptographic providers; use by an application of multiple cryptographic resources and the management of cryptographic provider bundles and associated policies across one or many cryptographic suite management unit instances.