38 results about "Multivariable polynomials" patented technology

Let us consider a message M an element (m1,m2, . . . ,mk) in a Galois field GF (2k), and multiply it by a product of polynomials beta 1(alpha)-alpha t(alpha) into M(alpha).<paragraph lvl="0"><in-line-formula>M(alpha)=Mbeta1(alpha).Mbeta2(alpha) . . . Mbetat(alpha)</in-line-formula>Combine a noise vector r(alpha) of n-k to M(alpha) in series so that the data is expanded into degree n. Next, they are transformed into Γ by permutation. Γ is multiplied by an element gammax in the Galois field GF(2n) into cyphertext C(M), where gamma is a primitive root of the multiplicative group of the Galois field GF(2n). Practically, when the message M is substituted for X in a public key C(X), the cyphertext C(M) is obtained. The cyphertext C(M) is multiplied by gamma-x, is applied to an inverse permutation, and the noise vector r(alpha) is separated. Then, the inverse element of the product of beta1(alpha)-betat(alpha) is multiplied and is raised to an adequate index. Then the decrypted message is obtained.

Provided an information processing apparatus including a number generation unit configured to generate numbers used in coefficients of terms included in a pair of multi-order multivariate polynomials F=(f₁, . . . , f_m), using a predetermined function, from information shared between entities executing an algorithm of a public-key authentication scheme or a digital signature scheme that uses a public key including the pair of multi-order multivariate polynomials F, and an allocation unit configured to allocate the numbers generated by the number generation unit to the coefficients of the multi-order multivariate polynomials for which the pair of multi-order multivariate polynomials F are included in constituent elements.

A method for performing, in a single round of communication and by a distributed computational system, Secure MultiParty Computation (SMPC) of an arithmetic function ƒ:_p^k→_p represented as a multivariate polynomial over secret shares for a user, comprising the steps of sharing secrets among participants being distributed computerized systems, using multiplicative shares, the product of which is the secret, or additive shares, that sum up to the secret by partitioning secrets to sums or products of random elements of the field; implementing sequences of additions of secrets locally by addition of local shares or sequences of multiplications of secrets locally by multiplication of local shares; separately evaluating the monomials of ƒ by the participants; adding the monomials to obtain secret shares of ƒ.

In one exemplary embodiment of the invention, a method includes: receiving a first description for a circuit whose operation over a plurality of inputs is to be verified; receiving a second description for expected behavior of the circuit, where the expected behavior in the second description is expressed as a set of algebraic systems of multivariable polynomials over at least one Galois field; applying at least one computational algebraic geometry technique to a combination of the first description and the second description to determine whether the circuit is verified, where verification of the circuit confirms that at least one output obtained based on the first description corresponds to at least one expected value based on the expected behavior expressed in the second description; and outputting an indication as to whether the circuit is verified.

A cryptographic method, apparatus, and system, including selecting a first multivariate polynomial mapping, which includes first multivariate polynomial equations over first variables in a finite field, defining a second multivariate polynomial mapping, which includes at least some of the first multivariate polynomial equations and further includes second multivariate polynomial equations over the first variables together with second variables in the finite field, generating a public key based on the second multivariate polynomial mapping, and digitally signing a message, using a processor, with a digital signature that is verifiable using the public key and is generated by solving the first multivariate polynomial mapping to find respective first values of the first variables, solving a set of linear equations using the first values to find respective second values of the second variables, and applying a transform to the first and second values so as to generate a vector corresponding to the digital signature, wherein the second values are chosen so that a predefined group of elements of the vector will be zero. Related methods, apparatus, and systems are also described.

Provided is an information processing apparatus including a number acquisition unit configured to acquire a number used for a coefficient of each term constituting a set of a multi-order multivariate polynomial F=(f₁, . . . , f_m), the number generated using a predetermined function from information shared between entities that execute an algorithm of a public-key authentication scheme or a digital signature scheme that uses a public key including the set of the multi-order multivariate polynomial F, and a polynomial calculation unit configured to calculate a multi-order multivariate polynomial for an input value of a variable by allocating the number acquired by the number acquisition unit to coefficients of the multi-order multivariate that includes the set of the multi-order multivariate polynomial F as a structural element. The polynomial calculation unit skips a calculation process for a term in which an input value of at least one variable is 0

The invention discloses a multivariable public key signature system and a multivariable public key signature method. The signature system comprises a first processor, a first linear affine transformation part, a trap door part, and a second linear affine transformation part. The first processor is used to generate a random number, and is used to receive to-be-signed massage, and is used to transmit the to-be-signed massage to the first linear affine transformation part. The first linear affine transformation part is used for the affine transformation of the to-be-signed massage, and the trap door part is used to generate a multivariable polynomial equation group according to a private key parameter, and is used to substitute the received random number and the affine transformation result into the multivariable polynomial equation group for the solution, and the second linear affine transformation part is used for the affine transformation of the solution acquired by the trap door part, and a signature is acquired. Under a condition of guaranteeing the unforgeability of the signature, the speed of the multivariable public key password signature is accelerated, and at the same time, the memory size of the private key is reduced.

An information processing apparatus including a message generating unit that generates N sets of messages based on a multi-order multivariate polynomial set F=(f₁, . . . f_m) defined on a ring K and a vector s that is an element of a set Kⁿ, a first information selecting unit that inputs a document M and the N sets of messages to a one-way function that selects one piece of first information from among k (where k≧3) pieces of first information in response to a set of input information, and selects N pieces of first information, a second information generating unit that generate N pieces of second information, and a signature providing unit that provides a verifier with the N pieces of first information and the N pieces of second information as a digital signature.

Provided is an information processing apparatus for realizing an electronic signature system of the MPKC signature method capable of safety certification with respect to chosen-message attack. An information processing apparatus including a first inverse transformation unit that transforms an element y of a finite ring Kⁿ containing elements constituted of n numbers into an element y′ of the finite ring Kⁿ by an inverse transformation T⁻¹ of a first secret polynomial T, an element computation unit that considers the element y′ of the finite ring Kⁿ obtained here as an element Y of an n-order extension A of a finite ring K and computes an element Xε{Z|f(Z)=Y} of an inverse image of mapping f: A→A represented by a predetermined multivariable polynomial by using the element Y, an element selection unit that selects one element X of the inverse image with a probability p proportional to a number of elements α of the inverse image and outputs an exception value with a probability (1-p), and a second inverse transformation unit that considers the element X selected here as an element x′ of the finite ring Kⁿ and transforms the element x′ of the finite ring Kⁿ into an element x of the finite ring Kⁿ by an inverse transformation S⁻¹ of a second secret polynomial S is provided.

Provided is an information processing apparatus including a message generating unit that generates a message based on a multi-order multivariate polynomial set F=(f₁, . . . ,f_m) defined on a ring K and a vector s that is an element of a set Kⁿ, a message providing unit that provides the message to a verifier holding the multi-order multivariate polynomial set F and a vector y=(y₁, . . . ,y_m)=(f₁(s), . . . ,f_m(s)), and a response providing unit that provides the verifier with response information corresponding to a verification pattern selected by the verifier from among k (where k≧3) verification patterns. The vector s is a secret key. The multi-order multivariate polynomial set F and the vector y are public keys. The message is information obtained by performing an operation prepared for a verification pattern corresponding to the response information in advance using the public keys and the response information.

Provided an information processing apparatus including a message generation unit that generates a message based on a pair of multi-order multivariate polynomials F=(f₁, . . . , f_m) and a vector s that is an element of a set Kⁿ, a message supply unit that supplies the message to a verifier storing the pair of multi-order multivariate polynomials F and vectors y=(y₁, . . . , y_m)=(f₁(s), . . . , f_m(s)), an intermediate information generation unit that generates third information based on first information randomly selected by the verifier and second information obtained at a time of generation of the message, an intermediate information supply unit that supplies the third information to the verifier, and a response supply unit that supplies the verifier with response information corresponding to a verification pattern which the verifier selects from among k (where k≧2) verification patterns.

The invention provides a method and a device for calling an agent model. The method comprises the steps of acquiring an order matrix of a multivariable polynomial substrate to serve as a first order matrix, and acquiring a coefficient matrix of the multivariable polynomial substrate to serve as a first coefficient matrix; generating a three-dimensional second matrix based on the first coefficientmatrix by taking the order matrix of the agent model as a base mark; constructing an order matrix of variables as a second order matrix based on the first order matrix; carrying out vector product onthe second matrix and the second order matrix along the first dimension of the second matrix to obtain a third matrix; obtaining a multivariable polynomial vector based on the third matrix; and working out a vector product on the coefficient matrix of the agent model and the multivariate polynomial vector to obtain the expansion of the agent model. According to the method, when the agent model iscalled, the calculation efficiency for calling the agent model is improved while the precision is ensured not to be lost, and effective application of the agent model is realized.

The invention discloses a fan output power prediction method, which comprises the following steps of: firstly, establishing a multivariate polynomial regression model based on a maximum information coefficient and multivariate polynomial regression; and then, determining a test set, and predicting the output power of the fan on the test set by using the multivariate polynomial regression model. In addition, the invention further provides a fan output power prediction system. According to the method and system, the maximum information coefficient is used for selecting the important variables influencing the output power of the fan in the process of establishing the multivariate polynomial regression model, multiple important variables are comprehensively considered, the problem that analysis is not comprehensive enough due to the fact that influence factors of the output power of the fan are analyzed manually is solved, and further, the relation between multivariable and the fan output power is modeled through a polynomial method, so that prediction of the fan output power has high accuracy and low model complexity.

A method for protecting a biometric template, comprising the steps of:

• • retrieving an original vector (V) representing said biometric template, said vector comprising a plurality of original elements (v₁, v₂, . . . v_i, . . . , v_n);
  • mapping at least some elements from said original vector to a protected vector (P) comprising a plurality of protected elements (p₁, p₂, . . . p_i, . . . , p_n−m+1), the mapping being based on multivariate polynomials defined by m user-specific coefficients (C) and exponents (E).

The invention discloses a multivariable signature method capable for resisting a forged signature attack, which is characterized in that by adding a vector called as signature additional value, a verification condition related to internal information is added during signature verification, so that the forged signature attack can be revisited effectively. The multivariable signature method particularly comprises three stages of data pre-processing, signature generation and signature verification. By taking a multivariable public key cryptosystem as a theoretical basis, a message signature and verification scheme is established according to a multivariable polynomial equation set in a finite field, so that the model defect of the conventional multivariable signature scheme is overcome, and under the condition of resisting a quantum attack, signature verification not only is dependent on public key verification, but also involves a user's legal private key. Therefore, the multivariable signature method can provide a basic technological support for information security of the quantum computer era and establishment of a trust system, and is suitable for secure digital signature in the quantum computer era; and moreover, due to relatively high efficiency and security, the multivariable signature method is particularly suitable for occasions where memory space and operation time are limited.