Patents by Inventor Benjamin Che-Ming Jun
Benjamin Che-Ming Jun has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11895109Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.Type: GrantFiled: April 15, 2022Date of Patent: February 6, 2024Assignee: Cryptography Research, Inc.Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
-
Patent number: 11811908Abstract: Values and a sequence of operations associated with generating a key may be received. A determination may be made as to whether the sequence of operations associated with the key matches an authorized sequence of operations. The key may be outputted when the received sequence of operations matches the authorized sequence of operations and the key may not be outputted when the received sequence of operations does not match the authorized sequence of operations.Type: GrantFiled: February 10, 2020Date of Patent: November 7, 2023Assignee: Cryptography Research, Inc.Inventors: Megan Anneke Wachs, Ambuj Kumar, Benjamin Che-Ming Jun
-
Patent number: 11789625Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.Type: GrantFiled: July 29, 2022Date of Patent: October 17, 2023Assignee: Cryptography Research, Inc.Inventors: Benjamin Che-Ming Jun, William Craig Rawlings, Ambuj Kumar, Mark Evan Marson
-
Patent number: 11765149Abstract: A first instruction to store an entity identification (ID) in a memory of a device may be received. The entity ID may be stored in the memory in response to receiving the first instruction. Furthermore, a second instruction to store a value based on a key in the memory of the device may be received. A determination may be made as to whether the value based on the key that is to be stored in the memory corresponds to the entity ID that is stored in the memory. The value based on the key may be stored in the memory of the device when the value based on the key corresponds to the entity ID.Type: GrantFiled: October 4, 2019Date of Patent: September 19, 2023Assignee: Cryptography Research, Inc.Inventors: Ambuj Kumar, Daniel Beitel, Benjamin Che-Ming Jun
-
Publication number: 20230047575Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.Type: ApplicationFiled: July 29, 2022Publication date: February 16, 2023Inventors: Benjamin Che-Ming JUN, William Craig RAWLINGS, Ambuj KUMAR, Mark Evan MARSON
-
Publication number: 20220329587Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.Type: ApplicationFiled: April 15, 2022Publication date: October 13, 2022Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
-
Patent number: 11403014Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.Type: GrantFiled: December 4, 2020Date of Patent: August 2, 2022Assignee: Cryptography Research, Inc.Inventors: Benjamin Che-Ming Jun, William Craig Rawlings, Ambuj Kumar, Mark Evan Marson
-
Patent number: 11310227Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.Type: GrantFiled: February 28, 2020Date of Patent: April 19, 2022Assignee: Cryptography Research, Inc.Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
-
Patent number: 11308196Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.Type: GrantFiled: February 28, 2020Date of Patent: April 19, 2022Assignee: Cryptography Research, Inc.Inventors: Benjamin Che-Ming Jun, Matthew Evan Orzen, Joel Patrick Wittenauer, Steven C. Woo
-
Publication number: 20210173576Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.Type: ApplicationFiled: December 4, 2020Publication date: June 10, 2021Inventors: Benjamin Che-Ming JUN, William Craig RAWLINGS, Ambuj KUMAR, Mark Evan MARSON
-
Patent number: 10860229Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.Type: GrantFiled: August 31, 2015Date of Patent: December 8, 2020Assignee: CRYPTOGRAPHY RESEARCH INC.Inventors: Benjamin Che-Ming Jun, William Craig Rawlings, Ambuj Kumar, Mark Evan Marson
-
Publication number: 20200304287Abstract: Values and a sequence of operations associated with generating a key may be received. A determination may be made as to whether the sequence of operations associated with the key matches an authorized sequence of operations. The key may be outputted when the received sequence of operations matches the authorized sequence of operations and the key may not be outputted when the received sequence of operations does not match the authorized sequence of operations.Type: ApplicationFiled: February 10, 2020Publication date: September 24, 2020Inventors: Megan Anneke Wachs, Ambuj Kumar, Benjamin Che-Ming Jun
-
Patent number: 10771448Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.Type: GrantFiled: March 14, 2013Date of Patent: September 8, 2020Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventors: Paul Carl Kocher, Benjamin Che-Ming Jun, Andrew John Leiserson
-
Publication number: 20200272725Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.Type: ApplicationFiled: February 28, 2020Publication date: August 27, 2020Inventors: Benjamin Che-Ming Jun, Matthew Evan Orzen, Joel Patrick Wittenauer, Steven C. Woo
-
Publication number: 20200267142Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.Type: ApplicationFiled: February 28, 2020Publication date: August 20, 2020Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
-
Patent number: 10666641Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example method includes receiving, by a root authority system, data identifying a command that affects operation of an integrated circuit, singing, by the root authority system, the command using a root authority key to create a root signed block (RSB), and providing the RSB to a security manager of the integrated circuit.Type: GrantFiled: September 21, 2018Date of Patent: May 26, 2020Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventors: Paul Carl Kocher, Benjamin Che-Ming Jun, Andrew John Leiserson
-
Publication number: 20200120077Abstract: A first instruction to store an entity identification (ID) in a memory of a device may be received. The entity ID may be stored in the memory in response to receiving the first instruction. Furthermore, a second instruction to store a value based on a key in the memory of the device may be received. A determination may be made as to whether the value based on the key that is to be stored in the memory corresponds to the entity ID that is stored in the memory. The value based on the key may be stored in the memory of the device when the value based on the key corresponds to the entity ID.Type: ApplicationFiled: October 4, 2019Publication date: April 16, 2020Inventors: Ambuj Kumar, Daniel Beitel, Benjamin Che-Ming Jun
-
Patent number: 10581838Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.Type: GrantFiled: June 11, 2018Date of Patent: March 3, 2020Assignee: Cryptography Research, Inc.Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
-
Patent number: 10579790Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.Type: GrantFiled: June 21, 2018Date of Patent: March 3, 2020Assignee: Cryptography Research, Inc.Inventors: Benjamin Che-Ming Jun, Matthew Evan Orzen, Joel Patrick Wittenauer, Steven C. Woo
-
Patent number: 10560260Abstract: Values and a sequence of operations associated with generating a key may be received. A determination may be made as to whether the sequence of operations associated with the key matches an authorized sequence of operations. The key may be outputted when the received sequence of operations matches the authorized sequence of operations and the key may not be outputted when the received sequence of operations does not match the authorized sequence of operations.Type: GrantFiled: February 22, 2019Date of Patent: February 11, 2020Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventors: Megan Anneke Wachs, Ambuj Kumar, Benjamin Che-Ming Jun