Patents by Inventor Robert P. Gallant
Robert P. Gallant has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8806197Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: GrantFiled: May 23, 2012Date of Patent: August 12, 2014Assignee: Certicom Corp.Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
-
Patent number: 8788827Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: GrantFiled: September 14, 2012Date of Patent: July 22, 2014Assignee: Certicom Corp.Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
-
Patent number: 8782400Abstract: A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points.Type: GrantFiled: June 13, 2012Date of Patent: July 15, 2014Assignee: Certicom Corp.Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Patent number: 8634562Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they built on the parts that the module has implemented.Type: GrantFiled: September 14, 2012Date of Patent: January 21, 2014Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Robert P. Gallant, Daniel R. L. Brown
-
Patent number: 8588409Abstract: Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately ( 9/16)(log2n)2, values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p=tn+1 wherein p is prime. In elliptic curve groups defined over a binary filed, a random curve is chosen, the number of points on the curve is counted and this number is checked for value of 2n wherein n is prime and n?1 meets preferred criteria. In elliptic curve groups defined over a prime field of order q, a value n=hr+1 is computed, wherein n is prime and n?1 meets preferred criteria, and a complex multiplication method is applied on n to produce a value q and an elliptic curve E defined over q and having an order n.Type: GrantFiled: November 14, 2005Date of Patent: November 19, 2013Assignee: Certicom Corp.Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone
-
Publication number: 20130246805Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they built on the parts that the module has implemented.Type: ApplicationFiled: September 14, 2012Publication date: September 19, 2013Applicant: CERTICOM CORP.Inventors: Scott A. VANSTONE, Robert P. GALLANT, Daniel R.L. BROWN
-
Publication number: 20130064367Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: ApplicationFiled: September 14, 2012Publication date: March 14, 2013Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
-
Patent number: 8335317Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they built on the parts that the module has implemented.Type: GrantFiled: November 14, 2005Date of Patent: December 18, 2012Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Robert P. Gallant, Daniel R. L. Brown
-
Publication number: 20120314855Abstract: A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points.Type: ApplicationFiled: June 13, 2012Publication date: December 13, 2012Applicant: Certicom Corp.Inventors: Daniel R.L Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Publication number: 20120230494Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: ApplicationFiled: May 23, 2012Publication date: September 13, 2012Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
-
Patent number: 8204232Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.Type: GrantFiled: January 18, 2006Date of Patent: June 19, 2012Assignee: Certicom Corp.Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
-
Publication number: 20110268270Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: ApplicationFiled: July 12, 2011Publication date: November 3, 2011Applicant: Certicom Corp.Inventors: Scott A. Vanstone, Ashok Vadekar, Robert J. Lambert, Robert P. Gallant, Daniel R. Brown, Alfred Menezes
-
Publication number: 20110060909Abstract: The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions.Type: ApplicationFiled: November 12, 2010Publication date: March 10, 2011Applicant: CERTICOM CORP.Inventors: Daniel R.L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Patent number: 7844051Abstract: The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions.Type: GrantFiled: November 14, 2005Date of Patent: November 30, 2010Assignee: Certicom Corp.Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Publication number: 20090323944Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: ApplicationFiled: May 12, 2008Publication date: December 31, 2009Inventors: Scott A. VANSTONE, Ashok VADEKAR, Robert J. LAMBERT, Robert P. GALLANT, Daniel R. BROWN, Alfred MENEZES
-
Patent number: 7372961Abstract: A potential bias in the generation or a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: GrantFiled: December 26, 2001Date of Patent: May 13, 2008Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Ashok Vadekar, Robert J. Lambert, Robert P. Gallant, Daniel R. Brown, Alfred Menezes
-
Patent number: 6738478Abstract: This invention provides a method of computing a multiple k of a point P on an elliptic curve defined over a field, the method including the steps of representing the number k as binary vector k1, forming an ordered pair of point P1 and P2, wherein the points P1 and P2 differ at most by P, and selecting each of the bits ki in sequence, and for each of the ki, upon ki being a 0, computing a new set of points P1′, P2′ by doubling the first point P1 to generate the point P1′ and adding the points P1 and P2 to generate the point P2′ or upon ki being a 1, computing a new set of points P1′, P2′ by doubling the second point P2 to generate the point P2′ and adding the points P1 and P2 to produce the point P1′, whereby the doubles or adds are always performed in the same order for each of the bits bi, thereby minimizing a timing attack on the method. An embodiment of the invention applies to both multiplicative and additive groups.Type: GrantFiled: September 5, 2000Date of Patent: May 18, 2004Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Robert P. Gallant
-
Patent number: 6430690Abstract: A protocol for authenticating at least one of a pair of first and second correspondents C and T in a data communication system, the method comprising the steps or storing a public key in the first correspondent C; computing a shared secret by the second correspondent T incorporating the public key C; storing the shared secret in the first correspondent C: the second correspondent T generating a challenge value a; the first correspondent C transmitting to the second correspondent T information including the stored public key C; the second correspondent T computing a test shared secret from the received public key C; the first and second correspondents computing response signals using the challenge value z and the shared secret in a one-way function fr; and the first correspondent C transmitting the computed response signal to the second correspondent T whereby the second correspondent verifies the first correspondent.Type: GrantFiled: July 28, 2000Date of Patent: August 6, 2002Assignee: Certicom Corp.Inventors: Scott A. Vanstone, Ashok V. Vadekar, Robert J. Lambert, Robert P. Gallant
-
Publication number: 20020090085Abstract: A potential bias in the generation or a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.Type: ApplicationFiled: December 26, 2001Publication date: July 11, 2002Inventors: Scott A. Vanstone, Ashok Vadekar, Robert J. Lambert, Robert P. Gallant, Daniel R. Brown, Alfred Menezes
-
Patent number: 5518932Abstract: The process of preparing higher aluminum alkyls by olefin chain growth on alkyl aluminum is improved by using on-line flow-through calorimetry to determine the aluminum concentration of a process stream, such as the aluminum alkyl feed stream, by reacting a sample portion of the process stream with a molar excess of alcohol and measuring the change in temperature. The aluminum concentration of the stream can then be adjusted as required to maintain it within a selected range.Type: GrantFiled: June 21, 1993Date of Patent: May 21, 1996Assignee: Albemarle CorporationInventors: Robert P. Gallant, Isaac L. Smith, Joseph B. Tedder, Jr., Lloyd T. Crasto, George A. Daniels