Patents Assigned to Certicom Corp.
-
Patent number: 9917695
Abstract: A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block.
Type: Grant
Filed: March 11, 2013
Date of Patent: March 13, 2018
Assignees: BlackBerry Limited, Certicom Corp.
Inventors: Atsushi Yamada, Gregory Marc Zaverucha
-
Patent number: 9900861
Abstract: A method for a device to determine that it has been lost is provided. The method comprises the device determining its current location, the device comparing its current location to a plurality of stored locations, and the device determining that it has been lost when its current location is a stored location that has been designated as a location where the device is unlikely to be located or is not a stored location that has been designated as a location where the device is likely to be located.
Type: Grant
Filed: July 14, 2016
Date of Patent: February 20, 2018
Assignee: Certicom Corp.
Inventor: Daniel Richard L. Brown
-
Patent number: 9871776
Abstract: A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network.
Type: Grant
Filed: May 11, 2016
Date of Patent: January 16, 2018
Assignee: Certicom Corp.
Inventors: Scott Alexander Vanstone, Marinus Struik
-
Patent number: 9871827
Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, a method of signalling an interception time period is described. At least one keying information used by a KMF to regenerate a key is stored. A start_interception message is signaled from an ADMF to a CSCF. A halt_message is signaled from the ADMF to the CSCF.
Type: Grant
Filed: August 1, 2016
Date of Patent: January 16, 2018
Assignees: BlackBerry Limited, Certicom Corp.
Inventors: Matthew John Campagnan, Gregory Marc Zaverucha, Michael Eoin Buckley
-
Patent number: 9866396
Abstract: There is provided a method for secure communications. The method includes a computing device receiving a notification comprising a message, a counter value, a signature signed by a signer and based on the message and the counter value, and an indication of the signer. The device obtains a current counter value based on an identity of the signer, checks the signature and compares the counter value with the current counter value; and, if the counter comparison and the signature checking is successful, accepting the message.
Type: Grant
Filed: July 29, 2016
Date of Patent: January 9, 2018
Assignee: BlackBerry Limited and Certicom Corp.
Inventors: Michael Eoin Buckley, Robert John Lambert, Nevine Maurice Nassif Ebeid
-
Patent number: 9864851
Abstract: A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user.
Type: Grant
Filed: July 28, 2011
Date of Patent: January 9, 2018
Assignees: BlackBerry Limited, Certicom Corp.
Inventors: Neil Patrick Adams, Scott Alexander Vanstone, Daniel Richard L. Brown, Dinah Lea Marie Davis, Christopher Labrador, Alfred John Menezes
-
Patent number: 9825919
Abstract: In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity.
Type: Grant
Filed: November 2, 2015
Date of Patent: November 21, 2017
Assignees: BlackBerry Limited, Certicom Corp.
Inventors: Robert John Lambert, Daniel Richard L. Brown, Atsushi Yamada
-
Patent number: 9819686
Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
Type: Grant
Filed: July 20, 2016
Date of Patent: November 14, 2017
Assignee: Certicom Corp.
Inventor: Marinus Struik
-
Patent number: 9813249
Abstract: A method of requesting and issuing a certificate from certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other correspondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent.
Type: Grant
Filed: August 13, 2014
Date of Patent: November 7, 2017
Assignee: Certicom Corp.
Inventors: Paul Neil Fahn, James Semple
-
Publication number: 20170310681
Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check.
Type: Application
Filed: May 15, 2017
Publication date: October 26, 2017
Applicant: Certicom Corp.
Inventor: Marinus Struik
-
Patent number: 9774609
Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
Type: Grant
Filed: January 8, 2016
Date of Patent: September 26, 2017
Assignee: Certicom Corp.
Inventor: Marinus Struik
-
Patent number: 9734322
Abstract: A system and method of providing authenticity to a radio frequency identification (RFID) tag are provided. The method comprises generating a plurality of digital signatures, wherein each digital signature is generated using an index value unique to that digital signature and using information associated with the RFID tag; and storing the plurality of digital signatures on the RFID tag in association with respective index values to enable a desired digital signature to be selected according to a provided index value. Also provided are a system and method of enabling an RFID reader to authenticate an RFID tag, which utilize a challenge comprising an index value to request one of the stored signature and authenticating same. Also provided is an RFID tag that is configured to participate in the challenge-response protocol.
Type: Grant
Filed: June 30, 2014
Date of Patent: August 15, 2017
Assignee: Certicom Corp.
Inventor: Daniel Richard L. Brown
-
Patent number: 9727720
Abstract: Challenge-response authentication protocols are disclosed herein, including systems and methods for a first device to authenticate a second device. In one embodiment, the following operations are performed by the first device: (a) sending to the second device: (i) a challenge value corresponding to an expected response value known by the first device, and (ii) a hiding value; (b) receiving from the second device a masked response value; (c) obtaining an expected masked response value from the expected response value and the hiding value; and (d) determining whether the expected masked response value matches the masked response value received from the second device. The operations from the perspective of the second device are also disclosed, which in some embodiments include computing the masked response value using the challenge value, the hiding value, and secret information known to the second device.
Type: Grant
Filed: November 30, 2012
Date of Patent: August 8, 2017
Assignee: Certicom Corp.
Inventor: Robert John Lambert
-
Patent number: 9698993
Abstract: Methods, systems, and computer programs for producing hash values are disclosed. A prefix-free value is obtained based on input data. The prefix-free value can be based on an implicit certificate, a message to be signed, a message to be verified, or other suitable information. A hash value is obtained by applying a hash function to the prefix-free value. The hash value is used in a cryptographic scheme. In some instances, a public key or a private key is generated based on the hash value. In some instances, a digital signature is generated based on the hash value, or a digital signature is verified based on the hash value, as appropriate.
Type: Grant
Filed: September 4, 2014
Date of Patent: July 4, 2017
Assignee: Certicom Corp.
Inventors: Gregory Marc Zaverucha, David William Kravitz
-
Patent number: 9692737
Abstract: A system and method for controlling a production process for producing a product is provided in which overproduction may be inhibited by introducing a separation of duties within a production process. Typically a producer will contract out the various stages of a production process to multiple contractors. In general, separation of duties involves purposefully separating production stages, for silicon chips or other products, so that the end product has been handled or “touched”, by each subcontractor, in order for the end product to be fully functional.
Type: Grant
Filed: February 28, 2007
Date of Patent: June 27, 2017
Assignee: CERTICOM CORP.
Inventors: Anthony J. Walters, Brian Neill, Tony Rosati, Ashok Vadekar, Daniel O'Loughlin
-
Patent number: 9692591
Abstract: A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used.
Type: Grant
Filed: May 18, 2015
Date of Patent: June 27, 2017
Assignee: Certicom Corp.
Inventor: Marinus Struik
-
Patent number: 9678896
Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.
Type: Grant
Filed: October 26, 2015
Date of Patent: June 13, 2017
Assignee: Certicom Corp.
Inventors: Daniel Francis O'Loughlin, Keelan Smith, Jay Scott Fuller, William Lundy Lattin, Marinus Struik, Yuri Poeluev, Matthew John Campagna, Thomas Rudolf Stiemerling, Wei Cheng Joseph Ku
-
Patent number: 9667634
Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check.
Type: Grant
Filed: January 31, 2014
Date of Patent: May 30, 2017
Assignee: Certicom Corp.
Inventor: Marinus Struik
-
Patent number: 9654981
Abstract: Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, information is wirelessly transmitted from a first mobile device to a second mobile device. The information permits the second mobile device to detect proximity of the first mobile device. In some implementations, the information can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface. In response to the information, the first mobile device receives a message and a first authentication value wirelessly transmitted from the second mobile device to the first mobile device. A second authentication value is generated at the first mobile device based on the message and the shared secret value. Integrity of the message is verified based on comparing the first authentication value and the second authentication value.
Type: Grant
Filed: July 11, 2011
Date of Patent: May 16, 2017
Assignees: BlackBerry Limited, Certicom Corp.
Inventors: Mihal Lazaridis, Mark E. Pecen, Scott Alexander Vanstone, Matthew John Campagna, Anthony Rosati
-
Patent number: 9640012
Abstract: A protocol appropriate for smartcard purchase applications such as those that might be completed between a terminal or ATM and a user's personal card is disclosed. The protocol provides a signature scheme which allows the card to authenticate the terminal without unnecessary signature verification which is a computationally intense operation for the smart card. The only signature verification required is that of the terminal identification (as signed by the certifying authority, or CA, which is essential to any such protocol). In the preferred embodiment, the protocol provides the card and terminal from fraudulent attacks from impostor devices, either a card or terminal.
Type: Grant
Filed: December 18, 2007
Date of Patent: May 2, 2017
Assignee: Certicom Corp.
Inventor: Scott A. Vanstone