Patents by Inventor Guido Bertoni
Guido Bertoni has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9485087Abstract: A method of performing a cryptographic operation including: receiving a plurality of binary input values; splitting the binary input values into a plurality of non-binary digits of base r, where r is an integer greater than 2 and not equal to a power of 2; and performing, by a cryptographic block on each of the plurality of non-binary digits, a different modulo r operation to generate at least one output digit) of base r.Type: GrantFiled: May 1, 2012Date of Patent: November 1, 2016Assignees: Proton World International N.V., STMicroelectronics S.r.l.Inventors: Gilles Van Assche, Joan Daemen, Guido Bertoni
-
Publication number: 20120284533Abstract: A method of performing a cryptographic operation including: receiving a plurality of binary input values; splitting the binary input values into a plurality of non-binary digits of base r, where r is an integer greater than 2 and not equal to a power of 2; and performing, by a cryptographic block on each of the plurality of non-binary digits, a different modulo r operation to generate at least one output digit) of base r.Type: ApplicationFiled: May 1, 2012Publication date: November 8, 2012Applicants: STMicroelectronics S.r.I., Proton World International N.V.Inventors: Gilles Van Assche, Joan Daemen, Guido Bertoni
-
Patent number: 8233619Abstract: Circuitry for encrypting at least a part of an input data flow and generating a tag based on the input data flow with the same ciphering algorithm and the same key, the algorithm including iterative computations by at least two operation units, the circuitry including a pipeline including an input selection unit arranged to receive first data values to generate encryption sequences with the ciphering algorithm, second data values to generate temporary tags with the ciphering algorithm and an output of the pipeline; a first stage arranged to receive an output of the input selection unit and including at least a first operation unit; and a second stage arranged to receive an output of the first stage, including at least a second operation unit and providing the output of the pipeline.Type: GrantFiled: June 7, 2006Date of Patent: July 31, 2012Assignees: STMicroelectronics S.r.l., STMicroelectronics Inc.Inventors: Guido Bertoni, Jefferson E. Owen
-
Publication number: 20120033806Abstract: The disclosure relates to a method of encrypting or of decrypting a binary data stream by generating a binary encryption stream and combining by a reversible logic operation each bit of the binary data stream with a bit of the binary encryption stream, the generation of the binary encryption stream including generating an input block by applying a cryptographic function using a secret key to a data block, and generating the binary encryption stream from the input block by combining the bits of the input block with each other by logic operations in a manner so as to prevent the input block from being determined from the binary encryption stream.Type: ApplicationFiled: August 2, 2011Publication date: February 9, 2012Applicants: STMICROELECTRONICS S.R.L., STMICROELECTRONICS (GRENOBLE 2) SASInventors: Guido Bertoni, Fabio Sozzani
-
Patent number: 8102997Abstract: A processor for executing a Rijndeal algorithm which applies a plurality of encryption rounds to a data block array in order to obtain an array of identical size, each round involving a key block array and a data block substitution table, wherein said processor comprises: a first input register (102) containing an input data block column; an output register (111) containing an output data block column or an intermediate block column; a second input register (101) containing a key block column or the intermediate data blocks; a block substitution element (104) receiving the data one block at a time following the selection (103) thereof in the first register and providing, for each block, a column of blocks; an element (109) applying a cyclic permutation to the substitution circuit column blocks; and an Exclusive-OR combination element (110) combining the permutation circuit column blocks with the content of the second register, the result of said combination being loaded into the output register.Type: GrantFiled: March 29, 2004Date of Patent: January 24, 2012Assignees: STMicroelectronics S.A., STMicroelectronics S.r.l.Inventors: Yannick Teglia, Fabrice Romain, Pierre-Yvan Liardet, Pasqualina Fragneto, Fabio Sozzani, Guido Bertoni
-
Patent number: 8000467Abstract: A method and device for encrypting and/or decrypting binary data blocks protecting both confidentiality and integrity of data sent to or received from a memory. The encryption method comprises steps of: applying to the input data block a reversible scrambling process, the scrambling process providing a scrambled data block in which the bits of the input data block are mixed so that a modification of one bit in the scrambled data block impacts on every bit of the input data block, and applying to the scrambled data block a stream cipher encryption algorithm providing an encrypted data block. Application can be made to secured integrated circuits requiring to securely store data in an external memory.Type: GrantFiled: March 19, 2007Date of Patent: August 16, 2011Assignees: STMicroelectronics SA, Ecole Nationale Superieure des Mines de Saint-Etienne, STMicroelectronics S.r.l., Porton World International N.V.Inventors: Reouven Elbaz, Joan Daemen, Guido Bertoni
-
Patent number: 7831039Abstract: Circuitry for encrypting at least a part of an input data flow and generating a tag based on the input data flow with the same ciphering algorithm and the same key including a first ciphering branch arranged to encrypt the at least part of the input data; a second ciphering branch arranged to generate the tag; and a single key schedule unit arranged to receive the key, to generate at least one sub-key based on the key and to provide the at least one sub-key to the first and second ciphering branches.Type: GrantFiled: June 7, 2006Date of Patent: November 9, 2010Assignees: STMicroelectronics S.r.l., STMicroelectronics Inc.Inventors: Guido Bertoni, Jefferson E. Owen
-
Patent number: 7801301Abstract: Data are converted between an unencrypted and an encrypted format according to the Rijndael algorithm, including a plurality of rounds. Each round is comprised of a fixed set of transformations applied to a two-dimensional array, designating states, of rows and columns of bit words. At least a part of the transformations are applied on a transposed version of the state, wherein rows and columns are transposed for the columns and rows, respectively.Type: GrantFiled: October 10, 2001Date of Patent: September 21, 2010Assignee: STMicroelectronics S.R.L.Inventors: Marco Macchetti, Stefano Marchesin, Umberto Bondi, Luca Breveglieri, Guido Bertoni, Pasqualina Fragneto
-
Publication number: 20080285745Abstract: A processor for executing a Rijndeal algorithm which applies a plurality of encryption rounds to a data block array in order to obtain an array of identical size, each round involving a key block array and a data block substitution table, wherein said processor comprises: a first input register (102) containing an input data block column; an output register (111) containing an output data block column or an intermediate block column; a second input register (101) containing a key block column or the intermediate data blocks; a block substitution element (104) receiving the data one block at a time following the selection (103) thereof in the first register and providing, for each block, a column of blocks; an element (109) applying a cyclic permutation to the substitution circuit column blocks; and an Exclusive-OR combination element (110) combining the permutation circuit column blocks with the content of the second register, the result of said combination being loaded into the output register.Type: ApplicationFiled: March 29, 2004Publication date: November 20, 2008Applicants: STMicroelectronics S.A., STMicroelectonics S.r.l.Inventors: Yannick Teglia, Fabrice Romain, Pierre-Yvan Liardet, Pasqualina Fragneto, Fabio Sozzani, Guido Bertoni
-
Publication number: 20080232581Abstract: A method and device for encrypting and/or decrypting binary data blocks protecting both confidentiality and integrity of data sent to or received from a memory. The encryption method comprises steps of: applying to the input data block a reversible scrambling process, the scrambling process providing a scrambled data block in which the bits of the input data block are mixed so that a modification of one bit in the scrambled data block impacts on every bit of the input data block, and applying to the scrambled data block a stream cipher encryption algorithm providing an encrypted data block. Application can be made to secured integrated circuits requiring to securely store data in an external memory.Type: ApplicationFiled: March 19, 2007Publication date: September 25, 2008Applicants: STMicroelectronics S.A., ECOLE NATIONALE SUPERIEURE DES MINES DE SAINT- ETIENNE, STMicroelectronics S.r.I., PROTON WORLD INTERNATIONAL N.V.Inventors: Reouven Elbaz, Joan Daemen, Guido Bertoni
-
Publication number: 20080016346Abstract: Cryptographic methods are known that involve the computation of a non-degenerate bilinear mapping of first and second elements one of which comprises a secret of a first entity. For a mapping implemented as, for example, a Tate pairing, the mapping is computable by applying a predetermined function to the first and second elements and then exponentiating the result with a known exponent. Improvements in respect of computational loading, size of output, and security are enabled for the first party by arranging for the first entity to carry out only part of the mapping, a second entity being used to complete computation of the mapping. Cryptographic applications using these improvements are also disclosed.Type: ApplicationFiled: December 21, 2005Publication date: January 17, 2008Inventors: Keith Harrison, Liqun Chen, Guido Bertoni, Pasqualina Fragneto, Gerardo Pelosi
-
Publication number: 20070286415Abstract: Circuitry for encrypting at least a part of an input data flow and generating a tag based on the input data flow with the same ciphering algorithm and the same key including a first ciphering branch arranged to encrypt the at least part of the input data; a second ciphering branch arranged to generate the tag; and a single key schedule unit arranged to receive the key, to generate at least one sub-key based on the key and to provide the at least one sub-key to the first and second ciphering branches.Type: ApplicationFiled: June 7, 2006Publication date: December 13, 2007Applicants: STMicroelectronics S.R.L., STMicroelectronics Inc.Inventors: Guido Bertoni, Jefferson E. Owen
-
Publication number: 20070286416Abstract: Circuitry for encrypting at least a part of an input data flow and generating a tag based on the input data flow with the same ciphering algorithm and the same key, the algorithm including iterative computations by at least two operation units, the circuitry including a pipeline including an input selection unit arranged to receive first data values to generate encryption sequences with the ciphering algorithm, second data values to generate temporary tags with the ciphering algorithm and an output of the pipeline; a first stage arranged to receive an output of the input selection unit and including at least a first operation unit; and a second stage arranged to receive an output of the first stage, including at least a second operation unit and providing the output of the pipeline.Type: ApplicationFiled: June 7, 2006Publication date: December 13, 2007Applicants: STMicroelectronics S.R.L., STMicroelectronics Inc.Inventors: Guido Bertoni, Jefferson E. Owen
-
Publication number: 20070260664Abstract: A computing method and circuit for computing a modular operation with at least one operand having a binary representation. Iteratively for each bit of this operand, doubling the value of an intermediate result stored in a first memory element by shifting the bits of the intermediate result towards the most significant bit and, while the most significant bit of the intermediate result is one, updating this intermediate result by subtracting a modulus stored in a second memory element.Type: ApplicationFiled: April 11, 2007Publication date: November 8, 2007Inventors: Guido Bertoni, Pasqualina Fragneto, Andrew Marsh, Gerardo Pelosi, Moris Ravasio
-
Publication number: 20070244944Abstract: A method of processing information to be confidentially transmitted from a first module to a second module provides that a first scalar multiplication may be carried out in order to obtain a first result [r]P). This first scalar multiplication comprises a plurality of generation steps of ordered factors from which a plurality of first partial sums are required to be built. The method also comprises the carrying out of a second scalar multiplication in order to obtain a second result. This second multiplication provides that a plurality of second partial sums may be built. A piece of encrypted information is obtained by processing the information based on the results of said scalar multiplications. The second partial sums of the second scalar multiplication use the same ordered factors obtained by the generation step of the first scalar multiplication.Type: ApplicationFiled: October 10, 2006Publication date: October 18, 2007Applicant: STMICROELECTRONICS S.R.L.Inventors: Guido Bertoni, Pasqualina Fragneto, Gerardo Pelosi, Keith Harrison, Liqun Chen
-
Publication number: 20070180241Abstract: An authentication method of a first module by a second module includes the steps of generating a first random datum by the second module to be sent to the first module, generating a first number by the first module starting from the first datum and by way of a private key, and generating a second number by the second module to be compared with the first number, so as to authenticate the first module. The step of generating the second number is performed starting from public parameters and is independent of the step of generating the first number.Type: ApplicationFiled: December 22, 2005Publication date: August 2, 2007Inventors: Liqun Chen, Keith Harrison, Guido Bertoni, Pasqualina Fragneto, Gerardo Pelosi
-
Patent number: 7206410Abstract: A circuit for computing the inner of scalar product of two vectors in a finite Galois field defined by a generator polynomial, wherein each vector includes at least two elements belonging to said finite field, comprises one or more look-up tables storing digital words indicative of said possible combinations and said possible reductions. The digital words in question are defined as a function of the second elements of said vectors and the generator polynomial of the field. The input register(s) and the look-up table(s) are configured to co-operate in a plurality of subsequent steps to generate at each step a partial product result identified by at least one of digital word addressed in a corresponding look-up table as a function of the digital signals stored in the input register(s). The circuit also includes an accumulator unit for adding up the partial results generated at each step to give a final product result deriving from accumulation of said partial results.Type: GrantFiled: October 10, 2001Date of Patent: April 17, 2007Assignee: STMicroelectronics S.r.l.Inventors: Guido Bertoni, Luca Breveglieri, Pasqualina Fragneto
-
Publication number: 20060008084Abstract: A method and an element for ciphering with an integrated processor data to be stored in a memory, including applying to each data block to be ciphered a ciphering algorithm which is a function of at least one key specific to the integrated circuit, and before applying the ciphering algorithm thereto, combining the data block to be ciphered with the result of a function of the storage address of the ciphered block in the memory, and/or of combining the key with the result of a function of the storage address of the ciphered block in the memory and of a digital quantity different from the ciphering key.Type: ApplicationFiled: July 6, 2005Publication date: January 12, 2006Applicants: Proton World International N.V., STMicroelectronics S.r.I.Inventors: Joan Daemen, Gilles Van Assche, Guido Bertoni
-
Publication number: 20050169464Abstract: A method for decrypting the encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device (ME). In one embodiment, first and second tokens are generated and exchanged, respectively, by the first and second electronic devices, which then generate a joint decryption key in order to decrypt the encrypted message.Type: ApplicationFiled: December 17, 2004Publication date: August 4, 2005Applicant: STMicroelectronics S.r.l.Inventors: Roberto Sannino, Fabio Sozzani, Guido Bertoni, Gerardo Pelosi, Pasqualina Fragneto
-
Patent number: RE44594Abstract: Data are converted between an unencrypted and an encrypted format according to the Rijndael algorithm, including a plurality of rounds. Each round is comprised of a fixed set of transformations applied to a two-dimensional array, designating states, of rows and columns of bit words. At least a part of the transformations are applied on a transposed version of the state, wherein rows and columns are transposed for the columns and rows, respectively.Type: GrantFiled: May 29, 2012Date of Patent: November 12, 2013Assignee: STMicroelectronics S.R.L.Inventors: Marco Macchetti, Stefano Marchesin, Umberto Bondi, Luca Breveglieri, Guido Bertoni, Pasqualina Fragneto