# Thomas Icart, Paris FR

## Thomas Icart, Paris FR

Patent application number | Description | Published |
---|---|---|

20100284538 | Control of an Entity to be Controlled by a Control Entity - A control entity communicates with an entity to be controlled so as to effect a control, a secret key being associated with the control entity. These entities share public parameters, a second public parameter being a combination of a first public parameter of the said plurality with the secret key. At the level of the entity to be controlled, a random value is generated, a first message is transmitted to the control entity, this first message comprising at least one value obtained by combining the first public parameter with the random value; and a second message is transmitted to the control entity, this second message comprising at least one value obtained by combining the first random value, a secret key of the entity to be controlled and a value received from the control entity. One of the values included in the first or the second message is based on the second public parameter. | 11-11-2010 |

20110213972 | METHOD OF EXECUTING A CRYPTOGRAPHIC CALCULATION - A cryptographic calculation is executed in an electronic component, according to a cryptographic algorithm including at least one application of a one-way function which is disabled upon an intrusion into the electronic component. The one-way function is based on a first affine operation corresponding to a first secret key. The one-way function is applied, by obtaining ( | 09-01-2011 |

20110274269 | ENCODING POINTS OF AN ELLIPTIC CURVE - The method comprises, in an electronic component, carrying out a cryptographic calculation that includes the step of obtaining points P on an elliptic curve following the equation Y | 11-10-2011 |

20120045050 | Apparatus and method for block cipher process for insecure environments - Method and apparatus for increasing security of a cryptographic algorithm such as deciphering, enciphering, or a digital signature using a block type cipher such as AES implemented for instance in a “whitebox” model with the cipher key either known or unknown at the compilation time. This method is secure for use in entrusted environments, particularly for securing cryptographic keys. The look up tables characteristic of such algorithms are protected against attack here by making all such tables of the same size and indistinguishable, and further by masking the output values of such tables, typically where the tables carry out a permutation function or a logical exclusive OR operation. | 02-23-2012 |

20120082307 | CRYPTOGRAPHY ON A ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 04-05-2012 |

20120093309 | CRYPTOGRAPHY ON A SIMPLIFIED ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 04-19-2012 |

20120134493 | CRYPTOGRAPHY BY PARAMETERIZING ON ELLIPTIC CURVE - A device is controlled by a controller on the basis of a password. A determination is made at the device or at the controller, on the basis of a random value r | 05-31-2012 |

20120155638 | SECURING KEYS OF A CIPHER USING PROPERTIES OF THE CIPHER PROCESS - In the field of computer enabled cryptography, such as a block cipher, the cipher is hardened against an attack by protecting the cipher key, by applying to it a predetermined linear permutation before using one key to encrypt or decrypt a message. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key. | 06-21-2012 |

20120159186 | SECURING THE IMPLEMENTATION OF A CRYPTOGRAPHIC PROCESS USING KEY EXPANSION - In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by protecting the cipher key by means of a key expansion process which obscures the cipher and/or the round keys by increasing their lengths to provide an expanded version of the keys for carrying out encryption or decryption using the cipher. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key. | 06-21-2012 |

20120204038 | PERFORMING BOOLEAN LOGIC OPERATIONS USING ARITHMETIC OPERATIONS BY CODE OBFUSCATION - Method and apparatus for obfuscating computer software code, to protect against reverse-engineering of the code. The obfuscation here is of the part of the code that performs a Boolean logic operation such as an exclusive OR on two (or more) data variables. In the obfuscated code, each of the two variables is first modified by applying to it a function which deconstructs the value of each of the variables, and then the exclusive OR operation is replaced by an arithmetic operation such as addition, subtraction, or multiplication, which is performed on the two deconstructed variables. The non-obfuscated result is recovered by applying a third function to the value generated by the arithmetic operation. This obfuscation is typically carried out by suitably annotating (modifying) the original source code. | 08-09-2012 |

20120254625 | PROTECTING STATES OF A CRYPTOGRAPHIC PROCESS USING GROUP AUTOMORPHISMS - In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the cipher states and/or the round keys using the properties of group field automorphisms and applying multiplicative masks (instead of conventional XOR masks) to the states of the cipher, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by eliminating XOR operations with improved masking techniques and increasing complexity of reverse engineering and of attacks. | 10-04-2012 |

20120311338 | SECURE AUTHENTICATION OF IDENTIFICATION FOR COMPUTING DEVICES - In the field of computer and data security, the identifier (ID) of a computing device is protected by providing a secure signature used to verify the ID. The signature is computed from the ID using a “White Box” cryptographic process and a hash function. This provides a signature that is computationally easy to verify but difficult or impossible to generate by a hacker (unauthorized user). This method of first creating the signature and later verifying the identifier using the signature and the associated computing apparatus are thereby useful for protection against hacking of such identifiers of computing devices. | 12-06-2012 |

20130010963 | MULTIPLICATIVE SPLITS TO PROTECT CIPHER KEYS - In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the round keys using the properties of group field automorphisms and applying masks to the states of the cipher, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by eliminating S-box operations, together with improved masking techniques and increasing the cipher's complexity against reverse engineering and key storage attacks. | 01-10-2013 |

20130016836 | CRYPTOGRAPHIC PROCESS EXECUTION PROTECTING AN INPUT VALUE AGAINST ATTACKS - A cryptographic process (such as the AES cipher) which uses table look up operations (TLUs) is hardened against reverse engineering attacks intended to recover the table contents and thereby the cipher key. This hardening involves removing any one-to-one correspondence between the TLU inputs and outputs, by altering the output of the TLU dynamically, e.g. at each execution (call) of the TLU. This is done by increasing the size of the tables, applying a dynamically determined mask value to the table input and/or output, or using an inverse of the table. | 01-17-2013 |

20130061061 | PROTECTING LOOK UP TABLES BY MIXING CODE AND OPERATIONS - In the field of computer enabled cryptography, such as a cipher using lookup tables, the cipher is hardened against an attack by a protection process which obscures the lookup tables using the properties of bijective functions and applying masks to the tables' input and output values, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by obfuscating lookup table data, thereby increasing the cipher's complexity against reverse engineering and other attacks. | 03-07-2013 |

20130067211 | OPERATIONAL MODE FOR BLOCK CIPHERS - In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of sequenced rounds, the cipher is hardened against attack by a protection process. The protection process uses block lengths that are larger or smaller than and not an integer multiple of those of an associated standard cipher, and without using message padding. This is operative in conjunction with standard block ciphers such as the AES, DES or triple DES ciphers, and also with various block cipher cryptographic modes such as CBC or EBC. | 03-14-2013 |

20130067212 | SECURING IMPLEMENTATION OF CRYPTOGRAPHIC ALGORITHMS USING ADDITIONAL ROUNDS - In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of sequenced rounds, the cipher is hardened against an attack by a protection process which adds rounds to the cipher process. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm (process), including the algorithm's internal state during its execution. In one version, a specific number of rounds are added over those of a standard version of the cipher to both encryption and the complementary decryption. The added rounds are inserted immediately after the last of the standard rounds in the sequence. In another version, the added rounds are one or more opposing paired rounds of encryption/decryption or decryption/encryption which effectively cancel each other out, and may be inserted anywhere in the sequence of standard rounds. | 03-14-2013 |

20130108038 | SYSTEM AND METHOD FOR A COLLATZ BASED HASH FUNCTION | 05-02-2013 |

20130232578 | METHOD AND APPARATUS FOR OBFUSCATING PROGRAM SOURCE CODES - First source code of a computer program having a plurality of lines of instructions is received. An obfuscation process is performed on the first source code, including at least two of a shuffling operation, a fertilizing operation, an aggregating operation, and a neutralizing operation. Second source code is generated based on the obfuscation process, where the second source code, when executed by a processor, produces an identical result as the first source code. | 09-05-2013 |

20130259226 | METHODS AND APPARATUS FOR CORRELATION PROTECTED PROCESSING OF CRYPTOGRAPHIC OPERATIONS - A method and an apparatus that generate a plurality of elements randomly as a split representation of an input used to provide an output data cryptographically representing an input data are described. The input may correspond to a result of a combination operation on the elements. Cryptographic operations may be performed on the input data and the elements to generate a plurality of data elements without providing data correlated with the key. The combination operation may be performed on the data elements for the output data. | 10-03-2013 |

20130326230 | METHODS AND APPARATUS FOR DATA HASHING BASED ON NON-LINEAR OPERATIONS - A method and an apparatus that provides a hard problem based hashing mechanism to improve security of hash functions are described. The hashing mechanism can include a custom padding and/or a post processing to a hashed value strengthened via operations specifying a hard problem. In one embodiment, a new hash function may be provided or defined directly without introducing or relying on existing hash functions to embed security features based on this hard problem. The new hash functions can be used in usual constructions implying hash functions. For example, the standard HMAC construction could be applied on these hash functions, standard signature algorithms or authentication protocol, etc. | 12-05-2013 |

20140165030 | METHODS AND APPARATUS FOR CORRELATION PROTECTED PROCESSING OF DATA OPERATIONS - A method and an apparatus for receiving a first source code having a code block to update the first source code with multiple copies of the code block to protect against correlation attacks are described. The code block can perform one or more operations for execution based on the first source code. The operations can be performed via a random one of the copies of the code block. A second source code based on the updated first source code can be generated to be executed by a processor to produce an identical result as the first source code. | 06-12-2014 |

20140165208 | METHOD AND APPARATUS FOR DYNAMIC OBFUSCATION OF STATIC DATA - A method and an apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code are described. The program data can be used in multiple instructions in the first code. A code location (e.g. an optimal code location) in the first code can be determined for injecting the rewriting code. The code location may be included in two or more execution paths of first code. Each execution path can have at least one of the instructions using the program data. A second code may be generated based on the first code inserted with the rewriting code at the optimal code location. The second code can include instructions using the program data dynamically masked by the rewriting code. When executed by a processor, the first code and the second code can generate identical results. | 06-12-2014 |

20140301546 | PRECOMPUTING INTERNAL AES STATES IN COUNTER MODE TO PROTECT KEYS USED IN AES COMPUTATIONS - Methods, media, and systems for, in one embodiment, protecting one or more keys in an encryption and/or decryption process can use precomputed values in the process such that at least a portion of the one or more keys is not used or exposed in the process. In one example of a method, internal states of an AES encryption process are saved for use in a counter mode stream cipher operation in which the key used in the AES encryption process is not exposed or used. | 10-09-2014 |

20140314229 | CRYPTOGRAPHY ON A SIMPLIFIED ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 10-23-2014 |

20140314230 | CRYPTOGRAPHY ON AN ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 10-23-2014 |

20140348323 | PROTECTING AGAINST WHITE BOX ATTACKS USING COLUMN ROTATION - Various embodiments of a computer-implemented method of information security using block cipher column rotations are described. The cipher state column rotations provide resistance to white box side channel memory correlation attacks designed to reverse-engineer a symmetric cipher key associated with the information security system. The column rotation operations can be performed on the cipher state of a block cipher, and then removed from the result, to provide obfuscation of the data when in memory, while not impacting the resulting output of the cipher or decipher operation. The method additionally includes performing a first rotation of an iteration specific cipher subkey according to the first rotation index, performing an iteration of the block cipher operations on the cipher state matrix, and rotating the columns of the cipher state matrix according to an inverse of the first rotation index. | 11-27-2014 |