Method and device for executing cryptographic computation
IPC classes for Russian patent Method and device for executing cryptographic computation (RU 2403682):
Method for generation and verification of collective electronic digital signature that certifies electronic document / 2402880
Method for generation and verification of electronic digital signature (EDS) includes the following sequence of actions: combination of n≥2 secret keys is generated in the form of multidigit binary numbers (MBN) k1, k2,…,kn, using secret keys, n open keys P1, P2, …, Pn are generated, at least one electronic document presented by MBN is received, depending on received electronic document and on value of at least two secret keys, electronic digital signature Q is generated in the form of two or more MBN, collective open key is generated depending on T open keys where a1, a2,…,am are natural numbers, 2≤m≤n, aj≤n and j = 1, 2,…,m, the first A and second B verification MBN are generated, besides at least one of verification MBN is generated depending on collective open key. MBN A and B are compared. If their parameters coincide, conclusion on authenticity of electronic digital signature is made.
Signing and verifying authenticity of session initiation protocol routing headers / 2378773
Group of inventions relates to apparatus for signing and verifying authenticity of session initiation protocol routing headers for authentication of routing commands. Described are a method, a computer readable carrier having instructions which are executed by a computer, and a computer readable carrier on which is stored a data structure for signing and verifying authenticity of session initiation protocol (SIP) routing headers. A SIP node can receive a SIP request which includes a message header. A signature can be generated based on at least part of the message header, and a header element of the SIP node. The signature can then be inserted into the header element of the SIP node.
Method for generation and authentication of electronic digital signature that certifies electronic document / 2369974
Invention is related to the field of cryptographic devices of electronic digital signature (EDS). Substance of invention consists in the fact that method for generation and authentication of EDS includes the following sequence of actions: secret key is generated in the form of multi-digit binary number (MBN) x, secret key is used to generate open key Y in the form of MBN size vector m, where 2≤m<64, electronic document (ED) is received, represented by MBN H, depending on received electronic document and on value of secret key, EDS Q is generated in the form of two MBNs, depending on EDS, ED and open key, the first A and second B authenticating MBN are generated, MBN A and B are compared. When their parameters coincide, conclusion is made on authenticity of electronic digital signature.
Method for generation and authentication of electronic digital signature that certifies electronic document / 2369973
Invention is related to the field of cryptographic devices. Substance of invention consists in the fact that method for generation and authentication of EDS includes the following sequence of actions: secret key is generated in the form of multi-digit binary number (MBN) x, secret key is used to generate open key Y in the form of MBN size vector w x w, where 2≤m<32, electronic document (ED) is received, represented by MBN H, depending on received electronic document and on value of secret key, EDS Q is generated in the form of two MBNs, depending on Q, Y and H, the first A and second B authenticating MBN are generated, MBN A and B are compared. When their parameters coincide, conclusion is made on authenticity of electronic digital signature.
Method for generation and authentication of electronic digital signature that certifies electronic document / 2369972
Invention is related to the field of cryptographic devices. Substance of invention consists in the fact that method for generation and authentication of EDS includes the following sequence of actions: combination of n≥2 secret keys is generated in the form of multi-digit binary numbers (MBN) x1, x2,…, xn, secret keys are used to generate n open keys Y1, Y2, …, Yn in the form of MBN size matrices w x w, where 2≤w<32, at least one electronic document (ED) is received, represented by MBN H, depending on received electronic document and on value of at least two secret keys, EDS Q is generated in the form of two MBNs, depending on m open keys where α1, α2, …, αm - natural numbers, 2≤m≤n, αj≤n and j=1, 2, …, m, the first A and second B authenticating MBN are generated depending on EDS and ED, besides one of authenticating MBN is generated depending on collective open key. MBN A and B are compared. When their parameters coincide, conclusion is made on authenticity of electronic digital signature.
System and method for authentication in communication system / 2367098
Invention relates to mobile communication. A mobile station (MS), base station (BS) and an authentication, authorisation and account server (AAA) receive the first master session key through first EAP authentication for the mobile station (MS) in a "EAP-in-EAP" connection. After the first EAP authentication, a second master session key (MSK) is received through second EAP authentication for the mobile station (MS) in a "EAP-in-EAP" connection. An authorisation key is generated based on use of the first and second pairs of master keys, generated through truncation of the first and second master session keys, respectively.
Polarisation quantum cryptosystem / 2360367
Present invention relates to quantum cryptosystems and can be used for generating secret keys, used for encoding information in quantum data transfer systems. The polarisation quantum cryptosystem has transmitting and receiving sides. The transmitting side comprises a first unit for generating a secret key, the output of which is the first output of the cryptosystem, first and second random number generators, single photon laser and a polarisation modulator. The receiving side comprises a second unit for generating a secret key, the output of which is the second output of the cryptosystem, a third random number generator, polarisation beam splitter, fixed mirror, and first and second photon detectors. The data exchange input/output of the second unit for generating secret key is connected to the first non-classified communication channel. The polarisation quantum cryptosystem also contains a polarisation modulator, first quantum communication channel, second non-classified communication channel, device for measuring the complete set of Bell states, second quantum communication channel, source of polarisation-mixed up photon pairs and a third quantum communication channel.
Efficient encryption and authentication for data processing systems / 2340108
Set of positions for plain text and/or set of positions for ciphered text is used for determining which data units will be used for generating values (470) of the control total of the input value and values (475) of the control total of the output value and these control totals are then used for generating an authentication tag.
Efficient coding and identification for data processing systems / 2336646
Claimed method and device relate to information protection systems. The objective is achieved by skipping coding of some data along with identification of all data. Different identification unit definitions are used depending on whether the unit is positioned as open or encoded text. Then identification units are combined to form control amount which is encoded to form identification tag.
Text ciphering method / 2302702
Novelty is use of equally-probable-value analytic function during certain interval, generation of chaotic digital sequence of analytic-function characters, and generation of ciphering field around it, each of whose characters presenting digital group of several numbers; how many numbers in group depends on amount of message being transferred.
Data protection method / 2263407
According to the invention, a biometric parameter is prepared and digitized to obtain authentication data of the digitized biometric parameter. The method is distinguished in that an encoded codeword is decoded on the basis of the authentication data of the digitized biometric parameter, and the secret data are restored by decoding the codeword on the basis of that authentication data and of an error-correction method from coding theory with a certain arbitrarily set capacity.
Method for generation of encoding-decoding key / 2277759
Method includes generating two binary vectors of numbers a and p, having certain parameters, transferred by means of unprotected communication channel to each user of network, and generation by network users independently from each other of secret keys and generation of open keys by network users by means of transformation of binary vectors of secret key and numbers a and p, to obstruct possible determining of secret keys, and also common secret sub-keys of network users, while for determining secret sub-keys K it is required to know binary checksum vector of transferred message ξ, which changes for each communication session in random fashion. Utilization of checksum for source message during generation of protection key allows to prevent imposing of false information and to determine errors in transferred message, while possibility of determining of secret keys and common secret sub-keys of network users is excluded even when using cryptanalysis method with known open text. Instead of generation of binary checksum vector for transferred message binary hash function vector may be generated for transferred message or a random binary vector, for example, by using random numbers generator in conjunction with timer indications.
Method and system for distributed program development for programmable portable information medium / 2289157
Initial program text is created on user's computer, transferred to information medium issuer's computer, where initial text is compiled and assembled; executable program code is created, which is enciphered and converted to transport code, which is downloaded to information medium through user's computer. At the same time during preliminary assembly information medium is equipped with instrumental program means for restoring executable program code from transport code, which is presented in intermediate format. Also system for distributed development of executed program for portable information medium, and information medium are disclosed.
Method for generation of encryption/decryption key / 2295199
For realization of method at transferring side of communication guiding a random series is generated in form of three blocks X1,X2,X3 with lengths of k1,k2,k3 respectively. Series is transferred with errors via communication channel (Y1,Y2,Y3 - received blocks). Blocks of checking symbols C1 and C2 are formed for blocks X1 and X2. Message SC1+C2 is formed by concatenating blocks C1 and C2. Authenticator w for received message is formed, using a checking code and block Y3. Blocks of checking symbols C1 and C2 are selected from received message SC1+C2. from blocks Y1, Y2 received in advance via communication channel with errors and blocks of checking symbols C1 and C2 decoded blocks . Encryption/decryption keys are generated at receiving and transferring communication guiding sides by hashing block X1 at transferring communication guiding side and decoded block at receiving communication guiding side.
Method for initialization of chip-card / 2295836
Disclosed further is method for inputting initialization data IND into chip-card, in accordance to which encrypted authentication value is transferred and decrypted with production of at least one key ENK for unblocking chip-card. This key ENK for unblocking chip-card is compared to key ENK' for unblocking chip-card stored in chip-card. If both aforementioned keys match, initialization data EIND, IND are transferred into chip-card, which are recorded into its energy-independent memorizing device.
FIELD: information technology. SUBSTANCE: key is generated in an electronic component for a specific cryptographic algorithm. For this purpose a prime number P is stored in memory of the electronic component and at least one secret prime number is generated. In order to generate a secret prime number at step /a/ two integers p1' and p2' whose sum is equal to a number p' are randomly selected; at step /b/ it is determined (12) whether the number p' is a prime number, on the basis of a combination of the stored prime number P with the numbers p1' and p2' so as to maintain said number p' secret; at step /c/ if the number p' is determined to be a prime number, numbers p1' and p2' are stored (14) in the memory of the electronic component, otherwise steps /a/ and /b/ are repeated. EFFECT: higher efficiency of key generation method. 16 cl, 2 dwg
The present invention relates to cryptography and, in particular, to protecting the secrecy of the keys used in cryptographic algorithms.
Cryptographic algorithms are used, in particular, to encrypt and/or decrypt data. Such algorithms can also be used for many other purposes: they can be used to sign or authenticate certain information, and they can also be used for setting the date and time when computer devices boot.
Typically, such algorithms comprise a sequence of several operations or calculations that are applied successively to data to be encrypted in order to obtain encrypted data, or to encrypted data in order to obtain decrypted data.
Some of these algorithms are based on the use of secret keys, while others are based on the combined use of public keys and secret keys. For example, the following sections illustrate the application of these algorithms to encrypting and decrypting data.
According to the general principle of public-key cryptographic algorithms, the public key is available to anyone, and anyone can send data encrypted with the public key; however, only the owner of the corresponding private key can decrypt the data.
The security of a public-key cryptographic algorithm rests on the fact that knowledge of the public key does not allow the corresponding secret key to be found, and therefore does not allow the data to be decrypted.
One known public-key cryptography method is RSA, named after the first letters of the names of its creators Rivest, Shamir and Adleman. This method is the oldest and the most common in this area. According to this method, four numbers are chosen, denoted p, q, e and d. The numbers p and q are two different primes, generated randomly. The numbers d and e satisfy the following equation:
e*d = 1 modulo (p-1)(q-1).
In this case, the Euclidean algorithm can be used to generate d from e, p and q by calculations well known to specialists.
The product of the numbers p and q is denoted n (the modulus). The pair of numbers n and e forms the public key, while the pair of numbers n and d forms the private key.
Then, to send a message corresponding to an integer M in the range 0 to n-1, the encrypted message C to be sent is calculated using the following equation:
C = M^e modulo n
Upon receiving the encrypted message C, the owner of the secret key computes an intermediate value D:
D = C^d modulo n
The original plaintext message M is then obtained using the following equation:
D = M^(de) = M modulo n
In view of the above, such public-key algorithms are based on the generation of prime numbers. In particular, public-key algorithms such as RSA may require the generation of very large prime numbers; it may be necessary to generate prime numbers containing about 500 digits.
In algorithms of the RSA type, the modulus n belongs to the public key and can therefore be known to all, while the number d must remain secret to protect the algorithm. However, the number d is obtained from the numbers p and q. Therefore, to protect these algorithms, the numbers p and q must remain secret.
Typically, for cryptographic electronic cards, these keys are generated in an environment protected from any attack, such as the plant manufacturing the electronic component that executes the cryptographic algorithm. In such conditions, the numbers p and q can be manipulated very easily, without fear of attacks aimed at determining their value and subsequently breaking the algorithm. Thus, as a rule, the various ways of generating keys involve manipulating the numbers p and q. In these conditions, various methods known in the art can be used to generate prime numbers.
However, for some tasks it may be necessary to generate such keys in an unsecured environment, where attacks aimed at breaking the secrecy of the key used by the cryptographic algorithm are possible.
Many types of attack are currently known. Some attacks are based on information leaks detected during the execution of certain stages of encryption. Typically, these attacks rely on the correlation between the information leakage detected while the cryptographic algorithm is processing and the key or keys in use (attacks by analysis of current consumption, electromagnetic radiation, computation time, and so on).
In these conditions it is extremely important to take appropriate precautions to preserve the secrecy of the numbers p and q mentioned above.
A method of generating the numbers p and q that keeps these numbers secret is known. In the article "Efficient Generation of Shared RSA keys" by Dan Boneh and Matthew Franklin, it is proposed to generate the numbers p and q simultaneously and secretly.
One of the aims of this method is to share the generation of primes among several participants. These participants perform calculations that allow them to generate two prime numbers without knowing these primes; the participants know only the product of these numbers.
According to this method, the numbers p and q are chosen randomly and simultaneously. Then, on the basis of their product, it is decided whether the two numbers chosen in this way are prime numbers. To preserve the secrecy of the numbers p and q, these numbers are not manipulated directly. In particular, four integers pa, pb, qa and qb are chosen randomly; the number p is the sum of pa and pb, and the number q is the sum of qa and qb.
After that, it is checked whether the numbers p and q are primes on the basis of their product, by manipulating the numbers pa, pb, qa and qb.
If the numbers p and q are not primes, the random selection of two other numbers p and q is repeated until the selected numbers p and q are determined to be primes.
This solution can involve very complex calculations and significantly reduces the efficiency of key generation methods.
The present invention aims to propose a solution that addresses these shortcomings.
The first object of the present invention is a method of generating a key for a cryptographic algorithm in an electronic component, in the memory of which a prime number P is stored.
The method comprises an operation of generating at least one secret prime number, and this operation contains the following successive steps:
/a/ two integers p1' and p2', whose sum is equal to the number p', are chosen randomly;
/b/ it is determined whether the number p' is a prime number, on the basis of a combination of the prime number P stored in memory with the numbers p1' and p2';
/c/ if the number p' is determined to be a prime number, p1' and p2' are stored in the memory of the electronic component; otherwise, steps /a/ and /b/ are repeated.
Thanks to this distinctive feature, a prime number p' can be generated secretly and efficiently. The number p' generated in this way is not manipulated directly during the various steps of the method; only the integers p1' and p2' are manipulated. This guards against attacks on the algorithm that aim to recover the secret number p' during the step of generating this prime number.
In addition, this generation of prime numbers is efficient because it allows several primes to be generated sequentially. A random selection is more likely to yield one prime than to yield several primes at the same time, as proposed in the article "Efficient Generation of Shared RSA keys".
The method in accordance with the present invention can advantageously be applied to any method of generating a key for a given cryptographic algorithm in an electronic component, if the algorithm requires the generation of a secret prime number or of several secret prime numbers.
Step /b/ can be implemented using any type of primality test that makes it possible to determine whether an integer is prime on the basis of a combination of this integer with a prime number. Typically, such primality tests are probabilistic algorithms: they determine whether an integer is a prime number with a very high degree of probability.
In an embodiment of the present invention, a first integer p1 and a second integer p2 are determined such that the prime number P stored in memory is equal to the sum of the integers p1 and p2. In this case, step /b/ is carried out on the basis of operations on the numbers p1, p2, p1' and p2'.
Thus, during the generation of the secret prime number p', the step of testing the primality of p' preferably manipulates neither the prime number P nor the number p', which negates potential attacks on the secrecy of the number p' during this step of generation.
The first and second integers p1 and p2 can be determined randomly.
Step /b/ can be carried out using a primality test based on a combination of a Solovay-Strassen type test and a Miller-Rabin type test. For example, the primality test can be based on the test described in section 3, "Distributed Primality Test", of the article "Efficient Generation of Shared RSA keys" by Dan Boneh and Matthew Franklin. This test is based, on the one hand, on the Solovay-Strassen primality test and, on the other hand, on the Rabin-Miller primality test.
The Solovay-Strassen primality test is described in the paper by R. Solovay and V. Strassen, "A fast monte carlo test for primality", 1977.
The Rabin-Miller primality test is described in the paper by M. Rabin, "Probabilistic algorithm for testing primality", 1980.
In an embodiment of the present invention, the efficiency of this method is increased by including the following step before step /b/:
/a1/ on the basis of operations performed on the numbers p1' and p2', it is checked that the number p' is not divisible by one or more given primes.
In this case, steps /a/ and /a1/ are repeated if the number p' is divisible by one of the given primes.
Step /a1/ is of particular interest when large prime numbers must be generated. This step makes it easy to exclude some numbers before carrying out step /b/, which is more difficult to implement.
In an embodiment of the present invention, step /a1/ includes the following steps for a prime number y strictly greater than 1:
- a first integer c is chosen randomly among the integers in the range from 0 to y-1, and a second integer d among the integers in the range from 1 to y-1;
- a number u is determined using the following equation:
u = c + d*p1' modulo y;
- a number v is determined using the following equation:
v = c - d*p2' modulo y;
- it is determined whether p' is divisible by y, depending on the difference between the number u and the number v.
Some cryptographic algorithms require the generation of several secret primes. In this case, the method according to an embodiment of the invention can easily be applied as many times as prime numbers must be generated. Thus, at least two prime numbers can be generated sequentially by repeating steps /a/ to /c/ to create an asymmetric key pair.
The second object of the present invention is an electronic component for generating a key for a given cryptographic algorithm.
The component contains:
- a selection unit configured to randomly select two integers p1' and p2' whose sum is a number p';
- a storage device for storing the prime number P and for storing the numbers p1' and p2' when it is determined that the sum of these numbers p1' and p2' is a prime number;
- a decision unit configured to decide whether the number p' is a prime number, on the basis of a combination of the prime number P stored in memory with the numbers p1' and p2'.
The selection unit may determine a first integer p1 and a second integer p2 such that the prime number P stored in memory is equal to the sum of the integers p1 and p2; and the decision unit may decide whether the number p' is a prime number on the basis of operations performed on the numbers p1, p2, p1' and p2'.
In an embodiment of the present invention, the selection unit determines the first and second integers p1 and p2 randomly.
Preferably the decision unit applies a primality test based on a combination of a Solovay-Strassen type test and a Miller-Rabin type test, as proposed in the article "Efficient Generation of Shared RSA keys".
Preferably, the selection unit performs a preliminary check, based on operations performed on the numbers p1' and p2', to verify that the number p' is not divisible by one or more given primes. In this case, the selection unit repeats the random selection of two integers p1' and p2' if p' is divisible by one of the given primes.
In an embodiment of the present invention, to implement the preliminary check with respect to a prime number y strictly greater than 1, the selection unit further comprises:
- means configured to randomly select a first integer c among the integers in the range from 0 to y-1 and a second integer d among the integers in the range from 1 to y-1;
- means configured to determine a number u using the following equation:
u = c + d*p1' modulo y;
- means configured to determine a number v using the following equation:
v = c - d*p2' modulo y;
- means configured to determine whether p' is divisible by y, depending on the difference between the number u and the number v.
Other distinctive features, objectives and advantages of the present invention will become more apparent from the following description of one of its embodiments.
This description is presented with reference to the following accompanying drawings:
Figure 1 - the main steps of the method of generating a key according to an embodiment of the present invention.
Figure 2 - diagram of the electronic component according to an embodiment of the present invention.
In an embodiment of the present invention, a method of generating a key for a cryptographic algorithm is intended for use in an electronic component.
Beforehand, a prime number, denoted P, is entered into the storage device of the electronic component.
Figure 1 shows the main steps of the method according to an embodiment of the invention.
At step 11, two integers, denoted p1' and p2', are selected randomly. Then, at step 12, it is decided whether the sum of the two selected numbers, denoted p', is a prime number. This step is carried out so as to keep the number p' secret. Thus, at this step the number p' as such is preferably not manipulated. The primality of the number p' is determined by means of operations on the numbers p1' and p2'.
After that, in step 13, if it is determined that the number p' is not a prime number, the previous steps 11 and 12 are repeated. If, on the contrary, it is found that this number is a prime number, p1' and p2' are entered into memory.
This method can be repeated whenever a secret prime number needs to be generated.
At step 12, any primality test can be applied that decides the primality of a number from a combination of two prime numbers, since such a test does not include operations that could jeopardize the secrecy of one of the two numbers of the product. Such primality tests are well known and readily available to specialists.
Preferably, these primality tests make it possible to decide, on the basis of the product of the prime number P and the number p', which is the sum of the random numbers p1' and p2', whether the number p' is a prime number. This test contains operations on the numbers p1' and p2' but does not contain any operation carried out directly on the number p'.
For example, the primality test can be based on a combination of a Solovay-Strassen type test and a Miller-Rabin type test, as proposed in the article "Efficient Generation of Shared RSA keys". In this case, P is represented in the form of two numbers, denoted p1 and p2. This decomposition can be done randomly or arbitrarily.
This test makes it possible to decide whether the number m is the product of two primes P and p', where m satisfies the equation:
m = (p1+p2)*(p1'+p2')
where P = p1+p2 and p' = p1'+p2'.
Thus, without direct manipulation of the numbers P and p', it can be decided whether these numbers P and p' are prime numbers. Note that in this embodiment the number m can be manipulated without fear, because it is not a secret.
As described in detail in the article "Efficient Generation of Shared RSA keys", this test assumes that the various numbers satisfy the following conditions:
p1=3 mod 4 and p1'=3 mod 4
p2=0 mod 4 and p2'=0 mod 4
To prevent attacks on the secrecy of the number p' during this stage, the following operations are preferably performed on the numbers p1, p2, p1' and p2'.
First, a number a is selected at random among the integers from 1 to m-1. Then the Jacobi symbol of the selected number with respect to m, denoted (a/m), is computed.
If the Jacobi symbol thus computed is different from 1, the random selection of a number a is repeated. If the Jacobi symbol is equal to 1, the method goes on to the next step.
In this case, a first intermediate calculation is performed on the numbers m, p1 and p2' to obtain a number u that satisfies the following equation:
After that, a second intermediate calculation is performed on the numbers m, p1 and p2 to obtain a number v that satisfies the following equation:
After that, it is checked whether the following equation holds:
u=+/-v mod m
If this equation holds, it is concluded that m is, with a certain probability, the product of two prime integers P and p'.
In an embodiment of the present invention, P is a prime number previously entered into the memory of the electronic component. Therefore, using this type of test, it can be decided whether or not the number p' is a prime number without resorting to operations directly on the number p'.
In an embodiment of the present invention, to increase the likelihood that stage 12 is carried out on numbers p1' and p2' whose sum is a prime number, stage 12 can be preceded by a preliminary stage that makes it possible to exclude some numbers simply and effectively. Thus, a set of prime numbers can be considered. Then, before stage 12, it is determined whether the number p' is divisible by one of these prime numbers, denoted y.
To do this, an integer c is chosen at random among the integers from 0 to y-1, and an integer d among the integers from 1 to y-1.
After that, the following two intermediate calculations are performed:
u=c+dp1' modulo y
v=c-dp2' modulo y
It can then be checked whether the following equation holds:
u-v=0 modulo y
If this equation holds, it is concluded that the number p' is divisible by y.
Figure 2 shows a diagram of an electronic component according to an embodiment of the present invention.
This component 21 contains a selection block 22 arranged to randomly select two integers p1' and p2' whose sum is the number p'.
It further comprises a storage device 23 for storing the prime number P and the integers p1' and p2' if it is decided that the sum of the numbers p1' and p2' is a prime number.
It also contains a decision block arranged to decide whether the number p' is a prime number on the basis of a combination of the prime number P stored in memory with the numbers p1' and p2'.
Thus, a key generation method is provided that is suited to the efficient and secret generation of a prime number, or of several prime numbers in succession.
1. A method of generating a key for a cryptographic algorithm in an electronic component (21), in which a prime number P is entered into the storage device of said electronic component, said method comprising an operation of generating at least one secret prime number, said operation including the following successive stages:
2. The method according to claim 1, in which a first integer p1 and a second integer p2 are determined such that the prime number P stored in memory is equal to the sum of said integers p1 and p2; and in which step /b/ is carried out on the basis of operations on the numbers p1, p2, p1' and p2'.
3. The method according to any of the preceding claims, in which the first and second integers p1 and p2 are determined randomly.
4. The method according to claim 1, in which step /b/ is carried out by means of a primality test based on a combination of a Solovay-Strassen type test and a Miller-Rabin type test.
5. The method according to claim 1, additionally comprising, before step /b/, the following step:
6. The method according to claim 5, in which step (A1) includes the following steps for a prime number strictly greater than 1:
7. The method according to claim 1, in which at least two prime numbers are generated in succession by repeating steps /a/ to /c/ to create an asymmetric key pair.
8. The method according to claim 1, in which the cryptographic algorithm is an RSA algorithm.
9. An electronic component (21) for generating a key for a given cryptographic algorithm, said component comprising:
10. The electronic component according to claim 9, in which the selection block (22) determines a first integer p1 and a second integer p2 such that the prime number P stored in memory is equal to the sum of said integers p1 and p2;
11. The electronic component according to claim 10, in which the selection block (22) determines the first and second integers p1 and p2 randomly.
12. The electronic component according to claim 9, in which the decision block (23) applies a primality test based on a combination of a Solovay-Strassen type test and a Miller-Rabin type test.
13. The electronic component according to claim 9, in which the selection block (22) performs a preliminary check, based on operations performed on the numbers p1' and p2', to verify that the number p' is not divisible by one or more given prime numbers; and in which the selection block (22) repeats the random selection of two integers p1' and p2' if p' is divisible by a given prime number.
14. The electronic component according to claim 9, in which, to implement the preliminary check for a prime number strictly greater than 1, the selection block (22) further comprises:
15. The electronic component according to claim 9, in which several prime numbers p' are generated in succession.
16. The electronic component according to claim 9, in which the cryptographic algorithm is an RSA algorithm.
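
The two share-based checks from the description (the pre-check u-v=0 modulo y and the stage 12 test u=+/-v mod m), together with the stage 11-13 loop, as an added Python example that is not part of the patent text. All function names are hypothetical, and the exponents used for u and v are an assumption taken from the test in the cited article, since the page's own equations for them are missing.

```python
import secrets

_RNG = secrets.SystemRandom()

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0; 0 when gcd(a, n) > 1."""
    a, sign = a % n, 1
    while a:
        while a % 2 == 0:                  # (2/n) = -1 when n = 3, 5 mod 8
            a //= 2
            if n % 8 in (3, 5):
                sign = -sign
        a, n = n, a                        # quadratic reciprocity
        if a % 4 == 3 and n % 4 == 3:
            sign = -sign
        a %= n
    return sign if n == 1 else 0

def divisible_by(p1c, p2c, y):
    """Pre-check: does the prime y divide p' = p1' + p2'? Uses the shares only."""
    c = _RNG.randrange(0, y)               # c in [0, y-1]
    d = _RNG.randrange(1, y)               # d in [1, y-1]
    u = (c + d * p1c) % y
    v = (c - d * p2c) % y
    return (u - v) % y == 0                # u - v = d * p' mod y

def product_of_two_primes(p1, p2, p1c, p2c, rounds=40):
    """Stage 12 on shares: is m = P * p' a product of two primes (probabilistic)?"""
    if not (p1 % 4 == p1c % 4 == 3 and p2 % 4 == p2c % 4 == 0):
        raise ValueError("need p1 = p1' = 3 mod 4 and p2 = p2' = 0 mod 4")
    m = p1 * p1c + p1 * p2c + p2 * p1c + p2 * p2c   # public; p' is never formed
    for _ in range(rounds):
        a = _RNG.randrange(1, m)
        while jacobi(a, m) != 1:           # redraw until (a/m) = 1
            a = _RNG.randrange(1, m)
        u = pow(a, (m - p1 - p1c + 1) // 4, m)      # assumed exponent (cited article)
        v = pow(a, (p2 + p2c) // 4, m)              # assumed exponent (cited article)
        if (u - v) % m and (u + v) % m:    # u != +/-v mod m
            return False
    return True

def generate_shares(p1, p2, bits=32, small_primes=(3, 5, 7, 11, 13)):
    """Stages 11-13: redraw (p1', p2') until both checks accept."""
    while True:
        p1c = _RNG.getrandbits(bits) | 3   # p1' = 3 mod 4
        p2c = _RNG.getrandbits(bits) & ~3  # p2' = 0 mod 4
        ok = not any(divisible_by(p1c, p2c, y) for y in small_primes)
        if ok and product_of_two_primes(p1, p2, p1c, p2c):
            return p1c, p2c
```

With the constructed shares P = 3 + 4 = 7, the call `product_of_two_primes(3, 4, 3, 8)` accepts p' = 11, while `product_of_two_primes(3, 4, 7, 8)` rejects p' = 15 except with negligible probability.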