115 results about "Hamming weight" patented technology

A data encryption method performed with ring arithmetic operations using a residue number multiplication process wherein a first conversion to a first basis is done using a mixed radix system and a second conversion to a second basis is done using a mixed radix system. In some embodiments, a modulus C is be chosen of the form 2w-L, wherein C is a w-bit number and L is a low Hamming weight odd integer less than 2(w-1)/2. And in some of those embodiments, the residue mod C is calculated via several steps. P is split into 2 w-bit words H1 and L1. S1 is calculated as equal to L1+(H12x1)+(H12x2)+ . . . +(H12xk)+H1. S1 is split into two w-bit words H2 and L2. S2 is computed as being equal to L2+(H22x1)+(H22x2)+ . . . +(H22xk)+H2. S3 is computed as being equal to S2+(2x1+ . . . +2xk+1). And the residue is determined by comparing S3 to 2w. If S3<2w, then the residue equals S2. If S3>2w, then the residue equals S3-2w.

A data dependent scrambler for a communications channel that receives a user data sequence including X bits that are organized as N M-bit symbols includes a seed finder that generates a scrambling seed that is dependent upon the symbols in the user data sequence. A first scrambler receives the user data sequence from the data buffer and the scrambling seed from the seed finder and generates the scrambled user data sequence. An H-code finder generates at least one of an H-code token that is dependent upon the symbols in the user data sequence and an offset of the H-code token from the scrambling seed. An H-code encoder receives the scrambled user data sequence and at least one of the H-code token and the offset. The H-code encoder increases a Hamming weight of the scrambled user data sequence using the at least one of the H-code token and the offset.

A Hamming weight encoder includes an input that receives user data including P symbols and a Hamming weight module that determines a Hamming weight of N of said P symbols. N and P are integers greater than one and N is less than or equal to P. The Hamming weight encoder also includes a comparing module that compares the Hamming weight to a Hamming weight threshold and an inverting module that selectively bitwise inverts bits in said N symbols based on said comparison.

A method for generating block codes from Golay code and a method and apparatus for encoding data are provided. The method can effectively generate codes having various lengths, various dimensions, and superior hamming weight distribution, and encodes data such as control information having various lengths into codes having strong resistance to channel errors, resulting in an increase of error correction performance.

It is an object of the disclosed technology to provide a tamper resistance device such as a card member having high security. The disclosed technology provides a solution to problems by reduction of the degree of relationship between information processed in the card member such as a chip for an IC card and current consumption for the processing. As a means for solving the problem, there is provided a method for reducing the degree of relationship between the magnitude of a current consumed by the chip for an IC card and information processed by the chip. In accordance with this method, information is transformed by using data for disturbance of the information prior to processing and, after the processing of the transformed data, the processed transformed information is subjected to inverse transformation using the data for disturbance of the information to result in correct processed information. The method is characterized in that the hamming weight of the data for disturbance of information is all but constant.

The invention discloses a template attack method in allusion to SM4 cipher algorithm round output. According to the method disclosed by the invention, special channel input is taken as a premise, the SM4 algorithm round output is used as an attack point, the hamming weight or the hamming distance of the round output is selected to establish a template, and template attack in allusion to the SM4 cipher algorithm round output can be realized by a small number of templates. Meanwhile, selective input is taken as a basis in a template matching stage, a support vector machine is used to act as a tool for judgment and analysis, a bit of linear transformation output can be broken by only two times of matching, and then a round sub-key is reversely derived by inverse transformation of nonlinear transformation and linear transformation. The method disclosed by the invention effectively solves a problem that template attack in allusion to the SM4 cipher algorithm round number is infeasible at the present stage.

A method performs scalar multiplication of points on an elliptic curve by a finite expandable field K of a first field F_p of a p>3 characteristic, wherein said characteristic p has low Hamming weight and the expandable field has a polynomF(X)+X^d−2 of order d in the polynomial representation thereof.

The invention relates to a quantitative evaluation method of safety degree of a side channel of a code safety chip. The method comprises the following steps of: obtaining at least two relevant coefficients of power consumption and Hamming weight; calculating a normalized difference value; and calculating the safety coefficient of the side channel of the code safety chip. The method can evaluate the safety degree under the analytical attack of the side channel of a key of the code safety chip.

Embodiments of an invention for hardening data transmissions against power side channel attacks are disclosed. In one embodiment, a system includes a first agent and a second agent. The first agent is to transmit an encoded datum through an interface in a plurality of encoded packets. The second agent is to receive each of the plurality of encoded packets from the interface and decode each of the encoded packets to generate a plurality of decoded packets. Each of the encoded packets has the same Hamming weight. The Hamming distance between any two consecutively transmitted encoded packets is constant.

The present invention aims to provide an information security apparatus that counters a simple power analysis attack (SPA) on an information security apparatus such as an RSA cryptosystem. The information security apparatus uses a multiplication with 1 in a Montgomery domain. 1 in the Montgomery domain is determined depending on a modulus and an integer k, which is greater than a number of bits of a modulus p. Therefore, it is hard for attackers who do not know p or k to analyze. Also, even if an analyzer can predict the Hamming weight, it is possible to further improve the safety against the SPA by modifying k or the modulus at random.

The invention discloses a class template attack method based on a deep learning convolutional neural network. The method aims at characteristics of energy traces and types of Hamming weights, a deep learning convolutional neural network with a unique five-layer structure is built and is used for predicting Hamming weight of the attack energy trace; the dependence of traditional template attack ontemplate construction is well solved, the deep learning convolutional neural network is used as a class template for predicting the energy trace Hamming weight, the problem that template constructionis inaccurate is solved, the attack success rate is increased, and meanwhile the energy trace Hamming weight prediction method has high generalization capacity.

The invention discloses an encryption system side channel attack test method and relates to information security technologies. The encryption system side channel attack test method includes the following steps: inputting a specific plaintext on a controlled device, using an attacked cryptosystem to conduct encryption, and capturing a power consumption curve. The encryption system side channel attack test method is characterized in that the inputted plaintext is a large number which is low in Hamming weight. The encryption system side channel attack test method has the advantages that attack efficiency is high, the method has certain universality, and attack cannot be prevented with utilization of a single method for shielding special numbers. The encryption system side channel attack test method is beneficial to promotion of development of an information security system with higher safety performance.

A fast batch verification method and apparatus are provided. In the method of batch-verifying a plurality of exponentiations, (a) a predetermined bit value t is set to an integer equal to or greater than 1; (b) a maximum Hamming weight k is set to an integer equal to or greater than 0 and less than or equal than the predetermined bit value t; (c) n verification exponents s_i are randomly selected from a set of verification exponents S (n is an integer greater than 1, i is an integer such that 1≦i≦n), where the set of verification exponents S include elements whose bit values are less than or equal to the predetermined bit value t and to which a Hamming weight less than or equal to the maximum Hamming weight k is allocated; (d) a value of verification result is computed by a predetermined verification formula; and (e) the verification of the signatures is determined to be passed when the value of verification result satisfies a pre-determined pass condition. Accordingly, it is possible to significantly reduce the amount of computation and particularly, the computation amount of multiplication, without increasing a probability that a verification error would occur, thereby significantly improving the speed of verifying a plurality of signatures.

The invention discloses an AES-algorithm-oriented power analysis attack resistant method based on random time delay. A random number generator and a random time delay module are added in an AES algorithm; a plurality of different time delay paths are provided between a register and a wheel operation module; one path is randomly selected through the random number generated by the random number generator, so that the power consumption generation time point generated by the wheel operation module trends to randomization in one clock period. The method has the advantages that the dependency of the supposed power and practical power consumption track based on hamming weight in the AES algorithm can be effectively reduced; the power analysis attack based on the hamming weight module can be effectively resisted.

The invention discloses a signature method of preventing side-channel attack from multi-azimuth. The signature method of preventing side-channel attack from multi-azimuth is characterized in that the technology or similar technology contained in the signature method masks the base, and an RSA signature or other public key system signatures are obtained; in the signature method of preventing side-channel attack from multi-azimuth, two module exponentiation results are obtained at the same time, and the power exponents are radix minus one complement for each other; when modular exponentiation is realized, the verification technology of preventing outputting error data is used; and for the modular exponentiation algorithm which does not use the jump statement, the signature method of preventing side-channel attack from multi-azimuth is the technology that during the operation process, the data or the operation result data is equal to the Hamming weight. The signature method of preventing side-channel attack from multi-azimuth effectively protects the step which is known and is easy to be attacked during the RSA STD operation process. The modular exponentiation provided by the signature method of preventing side-channel attack from multi-azimuth can be fully applied to the RSA CRT operation, and can realize that the algorithm of the modular exponentiation algorithm and the complementary power can be transplanted to the point multiplication operation of SM2 at the same time. The test that whether the module exponentiation is attacked can be similarly transplanted in the point multiplication operation of SM2.

The embodiment of the invention provides an encryption and decryption data processing method, device and system. The method comprises the steps that first equipment obtains a public key generated by second equipment; the first equipment selects one random bit string; the first equipment employs the public key to encrypt the random bit string, and obtains a first cryptograph; the first equipment employs a one-way function to achieve the mapping of the random bit string; the first equipment employs the decimal numerical value of the random bit string, the Hamming weight of the random bit string and the mapped random bit string to achieve the encryption of cleartext, and obtains a second cryptograph; and the first equipment transmits the cryptographs to the second equipment, wherein the cryptographs comprises the first cryptograph and the second cryptographs. According to the embodiment of the invention, the encryption for a plurality of bits is achieved, and the defect that the encryption efficiency of the cleartext in a single-bit mode is low is ironed out.

The invention discloses a hybrid advanced iteration-stopping method of a weighted bit-flipping decoding method of LDPC (low-density parity-check) codes. The method includes the steps of S1, performing hard decision and S2, decoding a sequence subjected to hard decision. The step S2 includes sub-steps of S21, performing initializing; S22, calculating a syndrome; S23, judging whether a value of the syndrome is 0; S24, calculating a flipping function; S25, calculating a maximum value of the flipping function, and jointly judging a symbol to the maximum value of the flipping function and post-flipping changes in the Hamming weight of the syndrome; S26, judging whether the syndrome is all-zero after flipping and whether the number of iterations is less than a final value; S27, ending decoding. The method has the advantages that the probability of correct judging is increased, decoding performance loss is decreased, and no decoding performance loss is caused during the use of the method in the IMWBF (improved modified weighted bit-flipping) algorithm.

A method for exploiting location information inherent in the location of points within a transmitted signal constellation. A common method for assigning weights to branch metrics in a Viterbi decoder is to assign Hamming weights which are summations of the number of places in which a received bit pattern differs from the bit pattern assigned to a branch metric. Signal strength information may be incorporated into the weight assigned to a branch metric in the Viterbi decoder. Additionally information-inherent in the location of the points within a constellation may be taken into account. Bit errors which require a larger deviation to occur are given higher weights, and bit errors which require less deviation to occur are given lower weights. By taking into account signal strength and location information up to 2 dB of coding gain can be realized.

A decoding method of a cyclic code decoder includes the machine-implemented steps of: establishing a lookup table; receiving a codeword; computing a syndrome and a Hamming weight; if the Hamming weight is not equal to zero and not greater than an error correcting capability value, performing a first error correcting operation; if the Hamming weight is greater than the error correcting capability value, and if the syndrome has a matching syndrome pattern in the lookup table, performing a second error correcting operation; if a second Hamming weight corresponding to a syndrome difference is smaller than a check value, performing a third error correcting operation, otherwise performing a fourth error correcting operation; and if a counter value is greater than zero, performing a fifth error correcting operation before decoding a corrected codeword.

A method for transmitting a codeword in a wireless communication system is disclosed. The method includes generating a codeword by encoding an input signal based on a polar code, acquiring a Hamming weight from a bit sequence of at least a part of the codeword, generating Hamming weight information based on the Hamming weight, and transmitting the Hamming weight information and the codeword to a receiver. The Hamming weight information includes a range indicator indicating a range to which the Hamming weight belongs, among a plurality of ranges.

The invention discloses a hardware security evaluation method for a chaotic cipher system, which comprises the following steps of 1) analyzing the structure of the chaotic block cipher system applying a replacement-replacement network structure, and judging the possible bypass information leakage; 2) comparing the links with bypass information leakage in the SP structure, and selecting the attack points; 3) modeling the energy consumption information corresponding to the intermediate data generated at the attack point, wherein the adopted energy consumption model is a Hamming weight model; 4) performing the correlation energy analysis attack on the chaotic cryptographic algorithm of the SP structure according to the energy consumption model; and 5) evaluating the security of the chaotic cryptographic algorithm of the SP structure during hardware implementation according to the attack result. According to the method, the hardware security of the chaotic cryptosystem passing the statistical test can be verified, whether the cryptosystem has the possibility of being cracked by a side channel attack or not is verified, and a necessary method and a necessary detection means are provided for the design, analysis and evaluation of the cryptosystem.

The invention provides a block password fault-tolerant algebraic bypass analysis method based on multi-inference utilization, which comprises the following steps of: when a key is known, constructinga power consumption track template corresponding to a Hamming weight candidate value in an encryption intermediate state according to a plurality of power consumption tracks in a block password encryption process executed by a controlled password chip; Executing a power consumption track in a block password encryption process by utilizing the power consumption track template and a password chip tobe attacked to obtain a Hamming weight multi-inference value set in an encryption intermediate state; Representing the block cipher algorithm and the Hamming weight multi-inference value set by usingan algebraic equation; And using an analyzer to solve the algebraic equation, and recovering the encrypted master key. It can be seen that for AES block password implementation on the microcontroller, the master key recovery can be achieved through one power consumption track. Moreover, a plurality of Hamming weight inference values corresponding to one power consumption track exist in the actualattack, so that the fault-tolerant capability of the algebraic bypass attack can be greatly improved by utilizing the plurality of inference values.