Patents by Inventor Robert Gallant
Robert Gallant has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20150006900Abstract: The present invention relates to data communication systems and protocols utilized in such systems.Type: ApplicationFiled: June 24, 2014Publication date: January 1, 2015Inventors: Robert GALLANT, Herb LITTLE, Scott A. VANSTONE, Adrian ANTIPA
-
Patent number: 8793500Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination.Type: GrantFiled: March 15, 2012Date of Patent: July 29, 2014Assignees: Certicom Corp., Pitney Bowes Inc.Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
-
Publication number: 20120233469Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination.Type: ApplicationFiled: March 15, 2012Publication date: September 13, 2012Applicants: PITNEY BOWES INC., CERTICOM CORP.Inventors: Scott Alexander VANSTONE, Robert GALLANT, Robert J. LAMBERT, Leon A. PINTSOV, Frederick W. RYAN, JR., Ari SINGER
-
Publication number: 20110093718Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.Type: ApplicationFiled: December 23, 2010Publication date: April 21, 2011Applicants: CERTICOM CORP., PITNEY BOWES INC.Inventors: Scott Alexander VANSTONE, Robert GALLANT, Robert J. LAMBERT, Leon A. PINSTOV, Frederick W. RYAN, JR., Ari SINGER
-
Patent number: 7877610Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.Type: GrantFiled: June 21, 2007Date of Patent: January 25, 2011Assignees: Certicom Corp., Pitney Bowes Inc.Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
-
Publication number: 20080141036Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.Type: ApplicationFiled: June 21, 2007Publication date: June 12, 2008Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pinstov, Frederick W. Ryan, Ari Singer
-
Patent number: 7249259Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.Type: GrantFiled: September 7, 1999Date of Patent: July 24, 2007Assignee: Certicom Corp.Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
-
Publication number: 20070076866Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDP operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they built on the parts that the module has implemented.Type: ApplicationFiled: November 14, 2005Publication date: April 5, 2007Inventors: Scott Vanstone, Robert Gallant, Daniel Brown
-
Publication number: 20070071237Abstract: Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately (9/16)(log2n)2, values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p=tn+1 wherein p is prime. In elliptic curve groups defined over a binary filed, a random curve is chosen, the number of points on the curve is counted and this number is checked for value of 2n wherein n is prime and n?1 meets preferred criteria. In elliptic curve groups defined over a prime field of order q, a value n=hr+1 is computed, wherein n is prime and n?1 meets preferred criteria, and a complex multiplication method is applied on n to produce a value q and an elliptic curve E defined over q and having an order n.Type: ApplicationFiled: November 14, 2005Publication date: March 29, 2007Inventors: Daniel Brown, Robert Gallant, Scott Vanstone
-
Publication number: 20070064932Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: ApplicationFiled: January 18, 2006Publication date: March 22, 2007Inventors: Marinus Struik, Daniel Brown, Scott Vanstone, Robert Gallant, Adrian Antipa, Robert Lambert
-
Patent number: 7190789Abstract: A method and systems provided for basis conversion in a cryptographic system. The method comprises the steps of a first correspondent transmitting an element represented in the first basis to an intermediate processor, the intermediate processor converting the element into a second basis representation and forwarding the converted element to the first correspondent who then uses the converted element in a cryptographic operation. A further embodiment of the invention provides for the intermediate processor to perform the basis conversion on a field element and then forward the converted element to a second correspondent. A still further embodiment of the invention provides for the correspondents in a cryptographic scheme making use of a bit string as a function of a sequence of traces of a field element, wherein the bit string is a shared secret for performing certain cryptographic operations.Type: GrantFiled: August 22, 2001Date of Patent: March 13, 2007Assignee: Certicom Corp.Inventors: Robert Lambert, Robert Gallant, Ronald Mullin, Scott A. Vanstone
-
Patent number: 7110538Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism ?, where ?(Q)=?.Q for all points Q(x,y) on the elliptic curve: and using smaller representations ki of the scalar k in combination with the mapping ? to compute the scalar multiple of the elliptic curve point Q.Type: GrantFiled: June 22, 2001Date of Patent: September 19, 2006Assignee: Certicom Corp.Inventors: Robert Gallant, Robert Lambert, Scott A. Vanstone
-
Publication number: 20060140400Abstract: The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions.Type: ApplicationFiled: November 14, 2005Publication date: June 29, 2006Inventors: Daniel Brown, Robert Gallant, Scott Vanstone, Marinus Struik
-
Publication number: 20060029222Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism ?, where ?(Q)=?·Q for all points Q(x,y) on the elliptic curve; and using smaller representations ki of the scalar k in combination with the mapping y to compute the scalar multiple of the elliptic curve point Q.Type: ApplicationFiled: April 1, 2005Publication date: February 9, 2006Inventors: Robert Lambert, Robert Gallant, Scott Vanstone
-
Patent number: 6782100Abstract: A method for multiplication of a point P on elliptic curve E by a value k in order to derive a point kP comprises the steps of representing the number k as vector of binary digits stored in a register and forming a sequence of point pairs (P1, P2) wherein the point pairs differed most by P and wherein the successive series of point pairs are selected either by computing (2mP,(2m+1)P) from (mP,(m+1)P) or ((2m+1)P,(2m+2)P) from (mP,(m+1)P). The computations may be performed without using the y-coordinate of the points during the computation while allowing the y-coordinate to be extracted at the end of the computations, thus, avoiding the use of inversion operations during the computation and therefore, speeding up the cryptographic processor functions. A method is also disclosed for accelerating signature verification between two parties.Type: GrantFiled: October 2, 2000Date of Patent: August 24, 2004Assignee: Certicom Corp.Inventors: Scott Vanstone, Ronald Mullin, Adrian Antipa, Robert Gallant
-
Publication number: 20020057796Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism &psgr;, where &psgr; (Q)=&lgr;−Q for all points Q(x,y) on the elliptic curve; and using smaller representations ki of the scalar k in combination with the mapping &psgr; to compute the scalar multiple of the elliptic curve point Q.Type: ApplicationFiled: August 17, 2001Publication date: May 16, 2002Inventors: Robert J. Lambert, Robert Gallant, Scott A. Vanstone
-
Publication number: 20020044649Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism &PSgr;, where &PSgr;(Q)=&lgr;.Q for all points Q(x,y) on the elliptic curve: and using smaller representations ki of the scalar k in combination with the mapping &PSgr; to compute the scalar multiple of the elliptic curve point Q.Type: ApplicationFiled: June 22, 2001Publication date: April 18, 2002Applicant: CERTICOM CORP.Inventors: Robert Gallant, Robert Lambert, Scott A. Vanstone
-
Publication number: 20020025038Abstract: A method and systems provided for basis conversion in a cryptographic system. The method comprises the steps of a first correspondent transmitting an element represented in the first basis to an intermediate processor, the intermediate processor converting the element into a second basis representation and forwarding the converted element to the first correspondent who then uses the converted element in a cryptographic operation. A further embodiment of the invention provides for the intermediate processor to perform the basis conversion on a field element and then forward the converted element to a second correspondent. A still further embodiment of the invention provides for the correspondents in a cryptographic scheme making use of a bit string as a function of a sequence of traces of a field element, wherein the bit string is a shared secret for performing certain cryptographic operations.Type: ApplicationFiled: August 22, 2001Publication date: February 28, 2002Inventors: Robert Lambert, Robert Gallant, Ronald Mullin, Scott A. Vanstone
-
Patent number: 6349318Abstract: The present disclosure provides an arithmetic processor having an arithmetic logic unit having a plurality of arithmetic circuits each for performing a group of associated arithmetic operations, such as finite field operations, or modular integer operations. The arithmetic logic unit has an operand input data bus, for receiving operand data thereon and a result data output bus for returning the results of the arithmetic operations thereon. A register file is coupled to the operand data bus and the result data bus. The register file is shared by the plurality of arithmetic circuits. Further a controller is coupled to the ALU and the register file, the controller selecting one of the plurality of arithmetic circuits in response to a mode control signal requesting an arithmetic operation and for controlling data access between the register file and the ALU and whereby the register file is shared by the arithmetic circuits.Type: GrantFiled: October 14, 1999Date of Patent: February 19, 2002Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Robert J. Lambert, Robert Gallant, Aleksandar Jurisic, Ashok V. Vadekar