Patents by Inventor Robert J. Lambert
Robert J. Lambert has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20080177814
Abstract: This invention describes a method for evaluating a polynomial in an extension field Fqm, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of qth powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a qth power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of qth powers from components of smaller powers; and evaluating the field element at the root of the polynomial.
Type: Application
Filed: October 31, 2007
Publication date: July 24, 2008
Inventor: Robert J. Lambert
-
Publication number: 20080141036
Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.
Type: Application
Filed: June 21, 2007
Publication date: June 12, 2008
Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Ari Singer
-
Patent number: 7372961
Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.
Type: Grant
Filed: December 26, 2001
Date of Patent: May 13, 2008
Assignee: Certicom Corp.
Inventors: Scott A. Vanstone, Ashok Vadekar, Robert J. Lambert, Robert P. Gallant, Daniel R. Brown, Alfred Menezes
-
Patent number: 7372960
Abstract: In general terms, the invention provides a finite field engine and methods for operating on elements in a finite field. The finite field engine provides finite field sub-engines suitable for any finite field size requiring a fixed number of machine words. The engine reuses these engines, along with some general purpose component or specific component providing modular reduction associated with the exact reduction (polynomial or prime) of a specific finite field. The engine has wordsized suitable code capable of adding, subtracting, multiplying, squaring, or inverting finite field elements, as long as the elements are representable in no more than the given number of words. The wordsized code produces unreduced values. Specific reduction is then applied to the unreduced value, as is suitable for the specific finite field. In this way, fast engines can be produced for many specific finite fields, without duplicating the bulk of the engine instructions (program).
Type: Grant
Filed: January 29, 2002
Date of Patent: May 13, 2008
Assignee: Certicom Corp.
Inventor: Robert J. Lambert
-
Patent number: 7299253
Abstract: This invention describes a method for evaluating a polynomial in an extension field FqM, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of q-th powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of q-th powers from components of smaller powers; and evaluating the field element at the root of the polynomial.
Type: Grant
Filed: September 10, 2001
Date of Patent: November 20, 2007
Assignee: Certicom Corp.
Inventor: Robert J. Lambert
-
Patent number: 7249259
Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.
Type: Grant
Filed: September 7, 1999
Date of Patent: July 24, 2007
Assignee: Certicom Corp.
Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
-
Patent number: 7215780
Abstract: The applicants have recognized an alternate method of performing modular reduction that admits precomputation. The precomputation is enabled by approximating the inverse of the truncator T, which does not depend on the scalar. The applicants have also recognized that the representation of a scalar in a τ-adic representation may be optimized for each scalar that is needed. The applicants have further recognized that a standard rounding algorithm may be used to perform reduction modulo the truncator. In general terms, there is provided a method of reducing a scalar modulo a truncator, by pre-computing an inverse of the truncator. Each scalar multiplication then utilizes the pre-computed inverse to enable computation of the scalar multiplication without requiring a division by the truncator for each scalar multiplication.
Type: Grant
Filed: January 29, 2002
Date of Patent: May 8, 2007
Assignee: Certicom Corp.
Inventors: Robert J. Lambert, Ashok Vadekar, Adrian Antipa
-
Patent number: 7092523
Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.
Type: Grant
Filed: July 10, 2001
Date of Patent: August 15, 2006
Assignee: Certicom Corp.
Inventors: Farhad Pezeshki, Robert J. Lambert
-
Patent number: 7020281
Abstract: A method for determining a result of a group operation performed an integral number of times on a selected element of the group, the method comprises the steps of representing the integral number as a binary vector; initializing an intermediate element to the group identity element; selecting successive bits, beginning with a left most bit, of the vector; and, for each of the selected bits: performing the group operation on the intermediate element to derive a new intermediate element; replacing the intermediate element with the new intermediate element; performing the group operation on the intermediate element and an element, selected from the group consisting of: the group element if the selected bit is a one; and an inverse element of the group element if the selected bit is a zero; replacing the intermediate element with the new intermediate element.
Type: Grant
Filed: January 18, 2001
Date of Patent: March 28, 2006
Assignee: Certicom Corp.
Inventors: Ashok Vadekar, Robert J. Lambert
-
Patent number: 6925564
Abstract: A digital signature scheme for a “smart” card utilizes a set of prestored signing elements and combines pairs of the elements to produce a new session pair. The combination of the elements is performed partly on the card and partly on the associated transaction device so that the exchange of information between card and device does not disclose the identity of the signing elements. The signing elements are selected in a deterministic but unpredictable manner so that each pair of elements is used once. Further signing pairs are generated by implementing the signing over an anomalous elliptic curve encryption scheme and applying a Frobenius Operator to the normal basis representation of one of the elements.
Type: Grant
Filed: November 5, 1999
Date of Patent: August 2, 2005
Assignee: Certicom Corp.
Inventors: Ronald C. Mullin, Scott A. Vanstone, Robert J. Lambert, Rob Gallant
-
Publication number: 20030194086
Abstract: A method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks.
Type: Application
Filed: April 11, 2002
Publication date: October 16, 2003
Inventor: Robert J. Lambert
-
Patent number: 6607632
Abstract: A one-part adhesive composition for bonding glass including: (a) a cyanoacrylate monomer; (b) 15 to 60% w/w of at least one plasticizer by weight of the composition; (c) 0.01% to 5.0% w/w of at least one silane by weight of the composition.
Type: Grant
Filed: February 12, 1999
Date of Patent: August 19, 2003
Assignee: Loctite (R&D) Limited
Inventors: Patrick F. McDonnell, Robert J. Lambert, Edward P. Scott, Gerard M. Wren, Marie McGuinness
-
Publication number: 20030123654
Abstract: In general terms, the invention provides a finite field engine and methods for operating on elements in a finite field. The finite field engine provides finite field sub-engines suitable for any finite field size requiring a fixed number of machine words. The engine reuses these engines, along with some general purpose component or specific component providing modular reduction associated with the exact reduction (polynomial or prime) of a specific finite field. The engine has wordsized suitable code capable of adding, subtracting, multiplying, squaring, or inverting finite field elements, as long as the elements are representable in no more than the given number of words. The wordsized code produces unreduced values. Specific reduction is then applied to the unreduced value, as is suitable for the specific finite field. In this way, fast engines can be produced for many specific finite fields, without duplicating the bulk of the engine instructions (program).
Type: Application
Filed: January 29, 2002
Publication date: July 3, 2003
Inventor: Robert J. Lambert
-
Publication number: 20030123655
Abstract: The applicants have recognized an alternate method of performing modular reduction that admits precomputation. The precomputation is enabled by approximating the inverse of the truncator T, which does not depend on the scalar.
Type: Application
Filed: January 29, 2002
Publication date: July 3, 2003
Inventors: Robert J. Lambert, Ashok Vadekar, Adrian Antipa
-
Patent number: 6487660
Abstract: A method of authenticating a pair of correspondents C,S to permit the exchange of information therebetween, each of the correspondents having a respective private key, e, d and a public key, Qu, and Qs derived from a generator element of a group and a respective ones of the private keys e,d, the method comprising the steps of: a first of the correspondents C generating a session value x; the first correspondent generating a private value t, a public value derived from the private value t and the generator and a shared secret value derived from the private value t and the public key Qs of the second correspondent; the second correspondent generating a challenge value y and transmitting the challenge value y to the first correspondent; the first correspondent in response thereto computing a value h by applying a function H to the challenge value y, the session value x, the public value an of the first correspondent; the first correspondent signing the value h utilizing the private key e; the first correspondent
Type: Grant
Filed: November 2, 1999
Date of Patent: November 26, 2002
Assignee: Certicom Corp.
Inventors: Scott Alexander Vanstone, Donald B. Johnson, Robert J. Lambert, Ashok Vadekar
-
Patent number: 6430690
Abstract: A protocol for authenticating at least one of a pair of first and second correspondents C and T in a data communication system, the method comprising the steps of storing a public key in the first correspondent C; computing a shared secret by the second correspondent T incorporating the public key C; storing the shared secret in the first correspondent C; the second correspondent T generating a challenge value a; the first correspondent C transmitting to the second correspondent T information including the stored public key C; the second correspondent T computing a test shared secret from the received public key C; the first and second correspondents computing response signals using the challenge value z and the shared secret in a one-way function fr; and the first correspondent C transmitting the computed response signal to the second correspondent T whereby the second correspondent verifies the first correspondent.
Type: Grant
Filed: July 28, 2000
Date of Patent: August 6, 2002
Assignee: Certicom Corp.
Inventors: Scott A. Vanstone, Ashok V. Vadekar, Robert J. Lambert, Robert P. Gallant
-
Publication number: 20020090085
Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.
Type: Application
Filed: December 26, 2001
Publication date: July 11, 2002
Inventors: Scott A. Vanstone, Ashok Vadekar, Robert J. Lambert, Robert P. Gallant, Daniel R. Brown, Alfred Menezes
-
Publication number: 20020057796
Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism ψ, where ψ(Q)=λ·Q for all points Q(x,y) on the elliptic curve; and using smaller representations ki of the scalar k in combination with the mapping ψ to compute the scalar multiple of the elliptic curve point Q.
Type: Application
Filed: August 17, 2001
Publication date: May 16, 2002
Inventors: Robert J. Lambert, Robert Gallant, Scott A. Vanstone
-
Publication number: 20020041682
Abstract: This invention describes a method for evaluating a polynomial in an extension field FqM, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of q-th powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of q-th powers from components of smaller powers; and evaluating the field element at the root of the polynomial.
Type: Application
Filed: September 10, 2001
Publication date: April 11, 2002
Inventor: Robert J. Lambert
-
Publication number: 20020029346
Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.
Type: Application
Filed: July 10, 2001
Publication date: March 7, 2002
Inventors: Farhad Pezeshki, Robert J. Lambert