Patents by Inventor Anna Lysyanskaya
Anna Lysyanskaya has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230409755Abstract: A system for secure data provenance for digital signals, wherein the system comprises a data capture unit, wherein the data capture unit is configured to capture a data signal from a data source, a processing unit communicatively connected to the data capture unit, wherein the processing unit is configured to calculate a plurality of measurements of the data signal as a function of a plurality of data attributes associated with the data signal, generate a digital signature as a function of the plurality of measurements, and assign the digital signature to the data signal, and a data verification module operatively connected to the processing unit, wherein the data verification module is configured to verify the data signal on a temporally sequential listing as a function of the digital signature, and wherein the system is registered on the temporally sequential listing.Type: ApplicationFiled: June 16, 2023Publication date: December 21, 2023Applicant: Ares Technologies, Inc.Inventors: Christian Wentz, Anna Lysyanskaya, Brian Martin
-
Patent number: 11831777Abstract: A secure computing hardware apparatus includes at least a secret generator module, the at least a secret generator module configured to generate a module-specific secret, and a device identifier circuit communicatively connected to the at least a secret generator, the device identifier circuit configured to produce at least an output comprising a secure proof of the module-specific secret. Secret generator module may implement one or more physically unclonable functions to generate the module-specific secret.Type: GrantFiled: January 3, 2022Date of Patent: November 28, 2023Assignee: Ares Technologies, Inc.Inventors: Christian T. Wentz, Anna Lysyanskaya
-
Patent number: 11757658Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: GrantFiled: March 21, 2022Date of Patent: September 12, 2023Assignee: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Patent number: 11593488Abstract: A system for a cryptographic agile bootloader for upgradable secure computing environment, the cryptographic agile bootloader comprising a computing device associated with a first bootloader is presented. The computing device includes a secure root of trust, the secure root of trust configured to produce a first secret and a second secret and a processor. The processor is configured to load a second bootloader, wherein the second bootloader is configured to generate a secret-specific public datum as a function of the second secret, wherein the secret-specific public datum further comprises a bootloader measurement, load a first bootloader, wherein the first bootloader is configured to sign the secret-specific public datum as a function of the first secret, and replace the first bootloader with the second bootloader.Type: GrantFiled: October 28, 2021Date of Patent: February 28, 2023Assignee: Ares Technologies, Inc.Inventors: Christian Wentz, Ilia Lebedev, Anna Lysyanskaya
-
Publication number: 20220337432Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: ApplicationFiled: March 21, 2022Publication date: October 20, 2022Applicant: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Patent number: 11374771Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: GrantFiled: March 24, 2020Date of Patent: June 28, 2022Assignee: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Publication number: 20220198018Abstract: A system for a cryptographic agile bootloader for upgradable secure computing environment, the cryptographic agile bootloader comprising a computing device associated with a first bootloader is presented. The computing device includes a secure root of trust, the secure root of trust configured to produce a first secret and a second secret and a processor. The processor is configured to load a second bootloader, wherein the second bootloader is configured to generate a secret-specific public datum as a function of the second secret, wherein the secret-specific public datum further comprises a bootloader measurement, load a first bootloader, wherein the first bootloader is configured to sign the secret-specific public datum as a function of the first secret, and replace the first bootloader with the second bootloader.Type: ApplicationFiled: October 28, 2021Publication date: June 23, 2022Applicant: Ares Technologies, Inc.Inventors: Christian Wentz, Ilia Lebedev, Anna Lysyanskaya
-
Publication number: 20220123937Abstract: A secure computing hardware apparatus includes at least a secret generator module, the at least a secret generator module configured to generate a module-specific secret, and a device identifier circuit communicatively connected to the at least a secret generator, the device identifier circuit configured to produce at least an output comprising a secure proof of the module-specific secret. Secret generator module may implement one or more physically unclonable functions to generate the module-specific secret.Type: ApplicationFiled: January 3, 2022Publication date: April 21, 2022Applicant: Ares Technologies, Inc.Inventors: Christian T. Wentz, Anna Lysyanskaya
-
Publication number: 20210184864Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: ApplicationFiled: March 24, 2020Publication date: June 17, 2021Applicant: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Patent number: 7543139Abstract: In accordance with the present invention, there is given methods, systems and apparatus for revoking a derived credential formed from an initial credential and an indication value within a network. An example method comprises the steps of: updating an accumulator value based on a plurality of user credential keys where each user credential key is associated with a user device entitled to the derived credential; providing public information that comprises a public key for verifying the initial credential and the accumulator value; an entity receiving from a user device derived-credential information comprising an initial-credential information and an indication-value information indicating that the user credential key is inherently included in the accumulator value, and request information; and, processing the request information in response to verifying by the entity that the initial-credential information and the indication-value information are valid.Type: GrantFiled: December 19, 2002Date of Patent: June 2, 2009Assignee: International Business Machines CorporationInventors: Jan Camenisch, Anna Lysyanskaya
-
Patent number: 7389416Abstract: In accordance with the present invention, there is provided a method for sharing a secret value x among n participating network devices via an asynchronous network. The n participating network devices comprises t faulty devices and k sub-devices capable of reconstructing the secret value x, wherein t<n/3 and k<n. The secret value x being provided by a distributor.Type: GrantFiled: February 15, 2002Date of Patent: June 17, 2008Assignee: International Business Machines CorporationInventors: Christian Cachin, Klaus Kursawe, Anna Lysyanskaya, Reto Strobl
-
Patent number: 7360080Abstract: The present invention relates to a method and system for securely proving ownership of pseudonymous or anonymous electronic credentials. A credential system is described consisting of users and organizations. An organization knows a user only by a pseudonym. The pseudonyms of the same user, established for use with different organizations, cannot be linked. An organization can issue a credential to a pseudonym, and the corresponding user can prove possession of this credential to another organization that knows him under another pseudonym. During the prove of possession of the credential nothing besides the fact that he owns such a credential is revealed. A refinement of the credential system provides credentials for unlimited use, so called multiple-show credentials, and credentials for one-time use, so called one-show credentials.Type: GrantFiled: November 2, 2001Date of Patent: April 15, 2008Assignee: International Business Machines CorporationInventors: Jan Leonhard Camnisch, Anna Lysyanskaya
-
Publication number: 20080034203Abstract: The present invention relates to a method and system for securely proving ownership of pseudonymous or anonymous electronic credentials. A credential system is described consisting of users and organizations. An organization knows a user only by a pseudonym. The pseudonyms of the same user, established for use with different organizations, cannot be linked. An organization can issue a credential to a pseudonym, and the corresponding user can prove possession of this credential to another organization that knows him under another pseudonym. During the prove of possession of the credential nothing besides the fact that he owns such a credential is revealed. A refinement of the credential system provides credentials for unlimited use, so called multiple-show credentials, and credentials for one-time use, so called one-show credentials.Type: ApplicationFiled: October 2, 2007Publication date: February 7, 2008Inventors: Jan Camnisch, Anna Lysyanskaya
-
Publication number: 20040139146Abstract: In accordance with the present invention, there is provided a method for sharing a secret value x among n participating network devices via an asynchronous network. The n participating network devices comprises t faulty devices and k sub-devices capable of reconstructing the secret value x, wherein t<n/3 and k<n. The secret value x being provided by a distributor.Type: ApplicationFiled: March 2, 2004Publication date: July 15, 2004Inventors: Christian Cachin, Klaus Kursawe, Anna Lysyanskaya, Reto Strobl
-
Publication number: 20030177352Abstract: In accordance with the present invention, there is given methods, systems and apparatus for revoking a derived credential formed from an initial credential and an indication value within a network. An example method comprises the steps of: updating an accumulator value based on a plurality of user credential keys where each user credential key is associated with a user device entitled to the derived credential; providing public information that comprises a public key for verifying the initial credential and the accumulator value; an entity receiving from a user device derived-credential information comprising an initial-credential information and an indication-value information indicating that the user credential key is inherently included in the accumulator value, and request information; and, processing the request information in response to verifying by the entity that the initial-credential information and the indication-value information are valid.Type: ApplicationFiled: December 19, 2002Publication date: September 18, 2003Applicant: International Business Machines CorporationInventors: Jan Camenisch, Anna Lysyanskaya
-
Publication number: 20020103999Abstract: The present invention relates to a method and system for securely proving ownership of pseudonymous or anonymous electronic credentials. A credential system is described consisting of users and organizations. An organization knows a user only by a pseudonym. The pseudonyms of the same user, established for use with different organizations, cannot be linked. An organization can issue a credential to a pseudonym, and the corresponding user can prove possession of this credential to another organization that knows him under another pseudonym. During the prove of possession of the credential nothing besides the fact that he owns such a credential is revealed. A refinement of the credential system provides credentials for unlimited use, so called multiple-show credentials, and credentials for one-time use, so called one-show credentials.Type: ApplicationFiled: November 2, 2001Publication date: August 1, 2002Applicant: International Business Machines CorporationInventors: Jan Leonhard Camnisch, Anna Lysyanskaya