Patents by Inventor Jeffrey Hoffstein
Jeffrey Hoffstein has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220385479Abstract: A PQ signature scheme MMSAT that is capable of aggregating and compressing unrelated messages signed individually by different parties. The scheme extends the notion of multi-signatures, which are signatures that support aggregation of signatures on a single message signed by multiple parties.Type: ApplicationFiled: September 11, 2020Publication date: December 1, 2022Inventors: Jeffrey HOFFSTEIN, Joseph SILVERMAN, Berk SUNAR, Yarkin DOROZ
-
Patent number: 10924287Abstract: A method is set forth for signing and subsequently verifying a plurality of digital messages, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q, a relatively smaller integer p that is coprime with q, and a Gaussian function parameter; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a plurality of message digests by hashing each of the digital messages with the public key; for each message digest, producing a digital signature using the message digest, the private key, and a Gaussian noise polynomial related to the Gaussian function parameter; and performing a batch verification procedure utilizing the plurality of digital signatures and the publicType: GrantFiled: June 22, 2018Date of Patent: February 16, 2021Assignee: OnBoard Security, Inc.Inventors: Jeffrey Hoffstein, Jill Pipher, William J Whyte, Zhenfei Zhang
-
Publication number: 20200228309Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.Type: ApplicationFiled: January 15, 2020Publication date: July 16, 2020Inventors: Jeffrey HOFFSTEIN, Joseph H. SILVERMAN
-
Patent number: 10560257Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.Type: GrantFiled: July 8, 2016Date of Patent: February 11, 2020Assignee: BROWN UNIVERSITYInventors: Jeffrey Hoffstein, Joseph H. Silverman
-
Patent number: 10277403Abstract: A method for signing and subsequently verifying a digital message, including the following steps: generating an irreducible monic polynomial f(x) of degree n in a ring Fq[x]; generating an irreducible monic polynomial F(y) of degree n in a ring Fq[y]; producing first and second finite fields as Fq[x]/(f(x)) and Fq[y]/(F(y)), respectively; producing a secret isomorphism from the first finite field to the second finite field; producing and publishing a public key that depends on F(y); producing a private key that depends on the secret isomorphism; producing a message digest by applying a hash function to the digital message and the public key; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key.Type: GrantFiled: February 24, 2017Date of Patent: April 30, 2019Assignee: Onboard Security, Inc.Inventors: Jeffrey Hoffstein, Jill Pipher, Joseph H Silverman, William J Whyte, Zhenfei Zhang
-
Publication number: 20190020486Abstract: A method is set forth for signing and subsequently verifying a plurality of digital messages, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q, a relatively smaller integer p that is coprime with q, and a Gaussian function parameter; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse off mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a plurality of message digests by hashing each of the digital messages with the public key; for each message digest, producing a digital signature using the message digest, the private key, and a Gaussian noise polynomial related to the Gaussian function parameter; and performing a batch verification procedure utilizing the plurality of digital signatures and the public kType: ApplicationFiled: June 22, 2018Publication date: January 17, 2019Inventors: Jeffrey Hoffstein, Jill Pipher, William J. Whyte, Zhenfei Zhang
-
Publication number: 20180212750Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.Type: ApplicationFiled: July 8, 2016Publication date: July 26, 2018Inventors: Jeffrey HOFFSTEIN, Joseph H. SILVERMAN
-
Publication number: 20170250819Abstract: A method for signing and subsequently verifying a digital message, including the following steps: generating an irreducible monic polynomial f(x) of degree n in a ring Fq[x]; generating an irreducible monic polynomial F(y) of degree n in a ring Fq[y]; producing first and second finite fields as Fq[x]/(f(x)) and Fq[y]/(F(y)), respectively; producing a secret isomorphism from the first finite field to the second finite field; producing and publishing a public key that depends on F(y); producing a private key that depends on the secret isomorphism; producing a message digest by applying a hash function to the digital message and the public key; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key.Type: ApplicationFiled: February 24, 2017Publication date: August 31, 2017Inventors: Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman, William J. Whyte, Zhenfei Zhang
-
Patent number: 9722798Abstract: A method for signing and subsequently verifying a digital message, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q and a relatively smaller integer p that is coprime with q; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a message digest by applying a hash function to the digital message; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key to determine whether the signature is valid.Type: GrantFiled: January 5, 2015Date of Patent: August 1, 2017Assignee: Security Innovation Inc.Inventors: Jeffrey Hoffstein, Jill Pipher, John M Schanck, Joseph H Silverman, William J Whyte
-
Patent number: 9634840Abstract: A method for signing a digital message, including the following steps: selecting parameters that include first and second primes, a ring of polynomials related to the primes, and at least one range-defining integer; deriving private and public keys respectively related to a random polynomial private key of the ring of polynomials, and to evaluations of roots of unity of the random polynomial to obtain a public key set of integers; storing the private key and publishing the public key; signing the digital message by: (A) generating a noise polynomial, (B) deriving a candidate signature by obtaining a hash of the digital message and the public key evaluated at the noise polynomial, and determining the candidate signature using the private key, a polynomial derived from the hash, and the noise polynomial, (C) determining whether the coefficients of the candidate signature are in a predetermined range dependent on the at least one range-defining integer, and (D) repeating steps (A) through (C) until the criterionType: GrantFiled: July 22, 2014Date of Patent: April 25, 2017Assignee: Security Innovation Inc.Inventors: Jeffrey Hoffstein, John M Schanck, Joseph H Silverman, William J Whyte
-
Publication number: 20150229478Abstract: A method for signing and subsequently verifying a digital message, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q and a relatively smaller integer p that is coprime with q; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a message digest by applying a hash function to the digital message; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key to determine whether the signature is valid.Type: ApplicationFiled: January 5, 2015Publication date: August 13, 2015Inventors: Jeffrey Hoffstein, Jill Pipher, John M Schanck, Joseph H Silverman, William J Whyte
-
Publication number: 20150033025Abstract: A method for signing a digital message, including the following steps: selecting parameters that include first and second primes, a ring of polynomials related to the primes, and at least one range-defining integer; deriving private and public keys respectively related to a random polynomial private key of the ring of polynomials, and to evaluations of roots of unity of the random polynomial to obtain a public key set of integers; storing the private key and publishing the public key; signing the digital message by: (A) generating a noise polynomial, (B) deriving a candidate signature by obtaining a hash of the digital message and the public key evaluated at the noise polynomial, and determining the candidate signature using the private key, a polynomial derived from the hash, and the noise polynomial, (C) determining whether the coefficients of the candidate signature are in a predetermined range dependent on the at least one range-defining integer, and (D) repeating steps (A) through (C) until the criterionType: ApplicationFiled: July 22, 2014Publication date: January 29, 2015Inventors: Jeffrey Hoffstein, John M Schanck, Joseph H Silverman, William J Whyte
-
Publication number: 20130058483Abstract: A method is set forth for encrypting and decrypting a message, including: selecting a plurality of integers and a plurality of vectors, and deriving therefrom a public key that includes a collection of vectors and a private key; selecting a message, in the form of a vector; selecting a vector of random weights; deriving a preliminary encrypted message, in the form of a vector, as a function of the selected message, the public key, and the random weights; evaluating the preliminary encrypted message to derive a normalizing value; combining the preliminary encrypted message and the normalizing value, to obtain a security-enhanced encrypted message; and decrypting the security-enhanced encrypted message using the private key, to recover the selected message.Type: ApplicationFiled: August 9, 2012Publication date: March 7, 2013Inventors: William J. Whyte, Jeffrey Hoffstein
-
Patent number: 7913088Abstract: A signing technique of a disclosed identification/digital signature method hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring, while a disclosed verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties. In an embodiment of the identification/digital signature scheme hereof that employs a quotient ring of polynomials, the security also relies on the experimentally observed fact that for most lattices, it is very difficult to find a vector whose length is only a little bit longer than the shortest vector, and it is also difficult to find a lattice vector that is quite close to a randomly chosen nonlattice vector.Type: GrantFiled: November 20, 2007Date of Patent: March 22, 2011Assignee: NTRU Cryptosystmes, Inc.Inventors: Jeffrey Hoffstein, Nicholas A. Howgrave-Graham, Jill C. Pipher, Joseph H. Silverman, William J. Whyte
-
Publication number: 20090070590Abstract: A signing technique of a disclosed identification/digital signature method hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring, while a disclosed verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties. In an embodiment of the identification/digital signature scheme hereof that employs a quotient ring of polynomials, the security also relies on the experimentally observed fact that for most lattices, it is very difficult to find a vector whose length is only a little bit longer than the shortest vector, and it is also difficult to find a lattice vector that is quite close to a randomly chosen nonlattice vector.Type: ApplicationFiled: November 20, 2007Publication date: March 12, 2009Inventors: Jeffrey Hoffstein, Nicholas A. Howgrave-Graham, Jill C. Pipher, Joseph H. Silverman, William J. Whyte
-
Patent number: 7308097Abstract: A method, system and apparatus for performing user identification, digital signatures and other secure communication functions in which keys are chosen essentially at random from a large set of vectors and key lengths are comparable to the key lengths in other common identification and digital signature schemes at comparable security levels. The signing technique of an embodiment of the identification/digital signature scheme hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring; while the verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties.Type: GrantFiled: December 6, 2002Date of Patent: December 11, 2007Assignee: NTRU Cryptosystems, Inc.Inventors: Jeffrey Hoffstein, Nicholas A. Howgrave-Graham, Jill C. Pipher, Joseph H. Silverman, William J. Whyte
-
Patent number: 7031468Abstract: A method for performing a cryptographic operation involving transforming digital information is described. A digital operator is provided that has a component selected from a large set of elements. The component is expanded into a plurality of factors, each factor having a low Hamming weight. Digital information is transformed using the digital operator. Computer readable medium embody instructions for the method.Type: GrantFiled: August 24, 2001Date of Patent: April 18, 2006Assignee: NTRU Cryptosystems, Inc.Inventors: Jeffrey Hoffstein, Joseph H. Silverman
-
Patent number: 6959085Abstract: A method for authenticating, by a second user, the identity of a first user, that includes a challenge communication from the second user to the first user, a response communication from the first user to the second user, and a verification by the second user, includes the steps: selection by the first user of a private key f in a ring R and a public key that includes ?(f) in a ring B that is mapped from f using the ring homomorphism ?: R?B, and publication by the first user of the public key; generation of the challenge communication by the second user that includes selection of a challenge c in the ring R; generation of the response communication by the first user that includes computation of a response comprising h in the ring R, where h is a function of c and f; and performing of a verification by the second user that includes determination of ?(c) from c, ?(h) from h, and an evaluation that depends on ?(h), ?(c) and ?(f).Type: GrantFiled: May 3, 2000Date of Patent: October 25, 2005Assignee: NTRU Cryptosystems, Inc.Inventors: Jeffrey Hoffstein, Joseph H. Silverman, Daniel Lieman
-
Publication number: 20030120929Abstract: A method, system and apparatus for performing user identification, digital signatures and other secure communication functions in which keys are chosen essentially at random from a large set of vectors and key lengths are comparable to the key lengths in other common identification and digital signature schemes at comparable security levels. The signing technique of an embodiment of the identification/digital signature scheme hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring; while the verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties.Type: ApplicationFiled: December 6, 2002Publication date: June 26, 2003Applicant: NTRU Cryptosystems, IncorporatedInventors: Jeffrey Hoffstein, Nicholas A. Howgrave-Graham, Jill C. Pipher, Joseph H. Silverman, William J. Whyte
-
Publication number: 20020136401Abstract: Methods, systems and computer readable media for signing and verifying a digital message m are described. First, ideals p and q of a ring R are selected. Elements f and g of the ring R are generated, followed by generating an element F, which is an inverse of f, in the ring R. A public key h is produced, where h is equal to a product that can be calculated using g and F. Then, a private key that includes f is produced. A digital signature s is signed to the message m using the private key. The digital signature is verified by confirming one or more specified conditions using the message m and the public key h. A second user also can authenticate the identity of a first user. A challenge communication that includes selection of a challenge m in the ring R is generated by the second user. A response communication that includes computation of a response s in the ring R, where s is a function of m and f, is generated by the first user.Type: ApplicationFiled: March 20, 2001Publication date: September 26, 2002Inventors: Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman