Abstract: A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.

Abstract: A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network.

Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.

Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion.

Abstract: A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network.

Abstract: A method of authenticating a pair of correspondents C,S to permit the exchange of information therebetween, each of the correspondents having a respective private key, e, d and a public key, Qu, and Qs derived from a generator element of a group and a respective ones of the private keys e,d, the method comprising the steps of: a first of the correspondents C generating a session value x; the first correspondent generating a private value t, a public value derived from the private value t and the generator and a shared secret value derived from the private value t and the public key Qs of the second correspondent; the second correspondent generating a challenge value y and transmitting the challenge value y to the first correspondent; the first correspondent in response thereto computing a value h by applying a function H to the challenge value y, the session value x, the public value an of the first correspondent; the first correspondent signing the value h utilizing the private key e; the first correspondent

Abstract: A finite field multiplier with intrinsic modular reduction includes an interface unit (1208) that translates an n bit wide data path to a m bit wide data path where n is less than m. Also included is a finite field data unit (1204) with m bit wide registers that is coupled to a finte field control unit (1202). The finite field control unit (1202) includes a microsequencer (1402) and a finite state machine multiplier (1404). The microsequencer (1402) controls the finite state machine multiplier (1404) which performs a finite field multiply operation with intrinsic modular reduction and presents a finite field multiplication product to the finite field data unit (1204).

Abstract: An elliptic curve (EC) processor circuit (120) comprising a finite field arithmetic logic unit (122), operation registers (124) an EC control unit (123) and a register file (127). A storage element (250) is coupled to the finite field arithmetic logic unit (122). The EC control unit (123) controls the various components of the EC processor circuit (120) to decompress a compressed one-bit representation of a Y coordinate of an elliptic curve point (X, Y). The EC control unit (123) controls the use of the operation register (124), the storage element (250) and the finite field arithmetic logic unit (122) to recursively compute the decompressed version of the compressed Y coordinate based upon the X coordinate and the compressed one-bit representation of the Y coordinate. The circuit and method employ minimal additional hardware and processing in an EC processor circuit (120).

Abstract: A finite field inverse circuit has a finite field data unit (1112) and an inverse control unit (1110). The inverse control unit includes (1110) a k.sub.l and k.sub.u decrementer pair (1108, 1122), a k.sub.l -k.sub.u difference unit (1106), an inverse control finite state machine (1102), and a one-bit memory (1104) coupled to the inverse control finite state machine (1102). The finite field data unit (1112) includes four m bit wide registers that are shift registers designated as B (1120), A (1118), M (1114), and C (1116), where B- is a first register, A- is a second register, M- is a irreducible polynomial register, and C- is a field element register. An the irreducible polynomial is loaded left justified in the M-register, a field element to be inverted is loaded left justified in the C-register, and a single "1" is loaded in an LSB bit of the B-register. The field element is then inverted in 2n+2 system clock cycles where n is a field size associated with the field element.

Abstract: A finite field inverse circuit (600) for use in an elliptic curve processor (12). The finite field inverse circuit (600) comprises a control circuit (610) and a data circuit (660). The data circuit (610) comprises a data multiplexer (668) for coupling the contents of one of three registers (662, 664, 680) to a finite field arithmetic logic unit (122). A first plurality of bits representing the finite field element to be inverted is initially loaded into a first one of the three registers. The control circuit (660) comprises a shift register (614) suitable for storing a second plurality of bits representing a size of the finite field element to be inverted.