Joseph H Silverman

Author:

Joseph Silverman

ISBN #:

0195209141

Author:

Joseph Silverman

ISBN #:

0080216285

Author:

Joseph Silverman

ISBN #:

0080250254

Author:

Joseph Silverman

ISBN #:

3446157840

Author:

Joseph H. Silverman

ISBN #:

0130309540

Author:

Joseph H. Silverman

ISBN #:

0131861379

Author:

Joseph H. Silverman

ISBN #:

0132637995

Author:

Joseph H. Silverman

ISBN #:

0520016483

US Patent:

6959085, Oct 25, 2005

Filed:

May 3, 2000

Appl. No.:

09/564112

Inventors:

Jeffrey Hoffstein - Pawtucket RI, US
Joseph H. Silverman - Needham MA, US
Daniel Lieman - Columbia MO, US

Assignee:

NTRU Cryptosystems, Inc. - Burlington MA

International Classification:

H04L009/00

US Classification:

380 30, 380 2, 380 28, 380100, 713156, 713168, 713171, 713176, 713180

Abstract:

A method for authenticating, by a second user, the identity of a first user, that includes a challenge communication from the second user to the first user, a response communication from the first user to the second user, and a verification by the second user, includes the steps: selection by the first user of a private key f in a ring R and a public key that includes φ(f) in a ring B that is mapped from f using the ring homomorphism φ: R→B, and publication by the first user of the public key; generation of the challenge communication by the second user that includes selection of a challenge c in the ring R; generation of the response communication by the first user that includes computation of a response comprising h in the ring R, where h is a function of c and f; and performing of a verification by the second user that includes determination of φ(c) from c, φ(h) from h, and an evaluation that depends on φ(h), φ(c) and φ(f).

US Patent:

7031468, Apr 18, 2006

Filed:

Aug 24, 2001

Appl. No.:

09/939531

Inventors:

Jeffrey Hoffstein - Pawtucket RI, US
Joseph H. Silverman - Needham MA, US

Assignee:

NTRU Cryptosystems, Inc. - Burlington MA

International Classification:

H04L 9/00
G06F 1/02

US Classification:

380 28, 380 44, 708255

Abstract:

A method for performing a cryptographic operation involving transforming digital information is described. A digital operator is provided that has a component selected from a large set of elements. The component is expanded into a plurality of factors, each factor having a low Hamming weight. Digital information is transformed using the digital operator. Computer readable medium embody instructions for the method.

US Patent:

7308097, Dec 11, 2007

Filed:

Dec 6, 2002

Appl. No.:

10/313082

Inventors:

Jeffrey Hoffstein - Pawtucket RI, US
Nicholas A. Howgrave-Graham - Arlington MA, US
Jill C. Pipher - Pawtucket RI, US
Joseph H. Silverman - Needham MA, US
William J. Whyte - Somerville MA, US

Assignee:

NTRU Cryptosystems, Inc. - Acton MA

International Classification:

H04K 1/00
H04L 9/00

US Classification:

380 28, 380 30, 380 44, 380282, 380285, 380277, 713170, 713176, 713180, 713181

Abstract:

A method, system and apparatus for performing user identification, digital signatures and other secure communication functions in which keys are chosen essentially at random from a large set of vectors and key lengths are comparable to the key lengths in other common identification and digital signature schemes at comparable security levels. The signing technique of an embodiment of the identification/digital signature scheme hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring; while the verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties.

US Patent:

7913088, Mar 22, 2011

Filed:

Nov 20, 2007

Appl. No.:

11/986101

Inventors:

Jeffrey Hoffstein - Pawtucket RI, US
Nicholas A. Howgrave-Graham - Arlington MA, US
Jill C. Pipher - Pawtucket RI, US
Joseph H. Silverman - Needham MA, US
William J. Whyte - Somerville MA, US

Assignee:

NTRU Cryptosystmes, Inc. - Wilmington MA

International Classification:

H04L 9/00

US Classification:

713180

Abstract:

A signing technique of a disclosed identification/digital signature method hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring, while a disclosed verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties. In an embodiment of the identification/digital signature scheme hereof that employs a quotient ring of polynomials, the security also relies on the experimentally observed fact that for most lattices, it is very difficult to find a vector whose length is only a little bit longer than the shortest vector, and it is also difficult to find a lattice vector that is quite close to a randomly chosen nonlattice vector.

US Patent:

20020136401, Sep 26, 2002

Filed:

Mar 20, 2001

Appl. No.:

09/812917

Inventors:

Jeffrey Hoffstein - Pawtucket RI, US
Jill Pipher - Pawtucket RI, US
Joseph Silverman - Needham MA, US

International Classification:

H04K001/00

US Classification:

380/030000, 380/028000

Abstract:

Methods, systems and computer readable media for signing and verifying a digital message m are described. First, ideals p and q of a ring R are selected. Elements f and g of the ring R are generated, followed by generating an element F, which is an inverse of f, in the ring R. A public key h is produced, where h is equal to a product that can be calculated using g and F. Then, a private key that includes f is produced. A digital signature s is signed to the message m using the private key. The digital signature is verified by confirming one or more specified conditions using the message m and the public key h. A second user also can authenticate the identity of a first user. A challenge communication that includes selection of a challenge m in the ring R is generated by the second user. A response communication that includes computation of a response s in the ring R, where s is a function of m and f, is generated by the first user. A verification that includes confirming one or more specified conditions using the response s, the challenge m and the public key h is performed by the second user. Also described are methods, systems and computer readable media for authenticating the identity of a first user by a second user using similar technology.

US Patent:

60815973, Jun 27, 2000

Filed:

Aug 19, 1997

Appl. No.:

8/914449

Inventors:

Jeffrey Hoffstein - Pawtucket RI
Jill Pipher - Pawtucket RI
Joseph H. Silverman - Needham MA

Assignee:

NTRU Cryptosystems, Inc. - Pawtucket RI

International Classification:

H04L 928
H04L 930

US Classification:

380 28

Abstract:

The public key encryption system of the present invention has short and easily created encryption keys and wherein the encoding and decoding processes are performed extremely rapidly, and has low memory requirements. The encoding and decoding processes use both the addition and multiplication operations in a ring modulo with two different ideals. The cryptosystem of the present invention allows encryption keys to be chosen essentially at random from a large set of binary vectors, for which key lengths are comparable to the key lengths of the most widely used prior art cryptosystems. The present invention features an appropriate security level (. about. 2. sup. 80), with encoding and decoding processes ranging from approximately one to two orders of magnitude faster than the prior art, particularly the exponentiation cryptosystems.

US Patent:

62981374, Oct 2, 2001

Filed:

Apr 5, 2000

Appl. No.:

9/543708

Inventors:

Jeffrey Hoffstein - Pawtucket RI
Jill Pipher - Pawtucket RI
Joseph H. Silverman - Needham MA

Assignee:

NTRU Cryptosystems, Inc. - Burlington MA

International Classification:

H04L 930
H04L 928
H04L 908

US Classification:

380 30

Abstract:

A method of communicating information between users of a communications system includes the following steps: generating a ring R, ideals P and Q in R, a set of coset representatives C. sub. Q for the ring R modulo the ideal Q, and a set of coset representatives C. sub. p for the ring R modulo the ideal P; generating at least one public key element h. sub. 1,. . . , h. sub. k in the ring R as a function of at least two private key elements. function. sub. 1,. . . . function. sub. n in R and the ideal Q of the first user; and transmitting from a first user to a second user a description of the ring R, the ideal Q, the ideal P, and the elements h. sub. 1,. . . , h. sub. k in R; generating an element e in R as a function of the ideals P and Q, the public key elements h. sub. 1,. . . , h. sub. k, a private message element m in R, and at least one private random element. o slashed. sub. 1,. . . ,. o slashed. sub. l of the second user; and transmitting the element e from the second user to the first user, such that the first user can determine the message element m by computing a result A in R of evaluating a function F of e,. function. sub. 1,. . . ,. function. sub.

US Patent:

20200228309, Jul 16, 2020

Filed:

Jan 15, 2020

Appl. No.:

16/743826

Inventors:

- Providence RI, US
Joseph H. SILVERMAN - Needham MA, US

International Classification:

H04L 9/00
G06F 17/16
H04L 9/06

Abstract:

Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring F[x] and selecting a polynomial h(y) of exact degree n in a ring F[y]. The method includes constructing an isomorphism from the ring F[x]/(f(x)) to the ring F[y]/(h(y)) and constructing an inverse isomorphism from the ring F[y]/(h(y)) to the ring F[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring F[x]/(f(x)) to the ring F[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.