Patents by Inventor Conrad Sauerwald
Conrad Sauerwald has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11880808Abstract: In one embodiment, a unique (or quasi unique) identifier can be received by an application store, or other on-line store, and the store can create a signed receipt that includes data desired from the unique identifier. This signed receipt is then transmitted to a device that is running the application obtained from the on-line store and the device can verify the receipt by deriving the unique (or quasi-unique) identifier from the signed receipt and comparing the derived identifier with the device identifier stored on the device, or the vendor identifier assigned to the application vendor.Type: GrantFiled: October 21, 2019Date of Patent: January 23, 2024Assignee: APPLE INC.Inventors: Thomas Matthieu Alsina, Scott T. Boyd, Michael Kuohao Chu, Augustin J. Farrugia, Gianpaolo Fasoli, Patrice O. Gautier, Sean B. Kelly, Payam Mirrashidi, Pedraum Pardehpoosh, Conrad Sauerwald, Kenneth W. Scott, Rajit Shinh, Braden Jacob Thomas, Andrew R. Whalley
-
Publication number: 20230385427Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: ApplicationFiled: April 17, 2023Publication date: November 30, 2023Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Publication number: 20230231718Abstract: A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.Type: ApplicationFiled: November 7, 2022Publication date: July 20, 2023Inventors: Conrad SAUERWALD, Alexander LEDWITH, John IAROCCI, Marc J. KROCHMAL, Wade BENSON, Gregory NOVICK, Noah WITHERSPOON
-
Patent number: 11630903Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: GrantFiled: October 27, 2020Date of Patent: April 18, 2023Assignee: Apple Inc.Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Patent number: 11601287Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.Type: GrantFiled: March 16, 2021Date of Patent: March 7, 2023Assignee: Apple Inc.Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
-
Patent number: 11329827Abstract: A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.Type: GrantFiled: October 5, 2016Date of Patent: May 10, 2022Assignee: Apple Inc.Inventors: Conrad Sauerwald, Alexander Ledwith, John Iarocci, Marc J. Krochmal, Wade Benson, Gregory Novick, Noah Witherspoon
-
Publication number: 20210281426Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.Type: ApplicationFiled: March 16, 2021Publication date: September 9, 2021Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
-
Patent number: 10951419Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.Type: GrantFiled: August 9, 2019Date of Patent: March 16, 2021Assignee: Apple Inc.Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
-
Patent number: 10853504Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: GrantFiled: November 22, 2019Date of Patent: December 1, 2020Assignee: Apple Inc.Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Publication number: 20200213133Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.Type: ApplicationFiled: August 9, 2019Publication date: July 2, 2020Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
-
Patent number: 10586260Abstract: In one embodiment, a unique (or quasi unique) identifier can be received by an application store, or other on-line store, and the store can create a signed receipt that includes data desired from the unique identifier. This signed receipt is then transmitted to a device that is running the application obtained from the on-line store and the device can verify the receipt by deriving the unique (or quasi-unique) identifier from the signed receipt and comparing the derived identifier with the device identifier stored on the device, or the vendor identifier assigned to the application vendor.Type: GrantFiled: November 2, 2012Date of Patent: March 10, 2020Assignee: Apple Inc.Inventors: Thomas Matthieu Alsina, Scott T. Boyd, Michael Kuohao Chu, Augustin J. Farrugia, Gianpaolo Fasoli, Patrice O. Gautier, Sean B. Kelly, Payam Mirrashidi, Pedraum Pardehpoosh, Conrad Sauerwald, Kenneth W. Scott, Rajit Shinh, Braden Jacob Thomas, Andrew R. Whalley
-
Publication number: 20200047865Abstract: In one embodiment, a unique (or quasi unique) identifier can be received by an application store, or other on-line store, and the store can create a signed receipt that includes data desired from the unique identifier. This signed receipt is then transmitted to a device that is running the application obtained from the on-line store and the device can verify the receipt by deriving the unique (or quasi-unique) identifier from the signed receipt and comparing the derived identifier with the device identifier stored on the device, or the vendor identifier assigned to the application vendor.Type: ApplicationFiled: October 21, 2019Publication date: February 13, 2020Inventors: Thomas Matthieu Alsina, Scott T. Boyd, Michael Kuohao Chu, Augustin J. Farrugia, Gianpaolo Fasoli, Patrice O. Gautier, Sean B. Kelly, Payam Mirrashidi, Pedraum Pardehpoosh, Conrad Sauerwald, Kenneth W. Scott, Rajit Shinh, Braden Jacob Thomas, Andrew R. Whalley
-
Patent number: 10536271Abstract: Systems and methods are disclosed for generating one or more hardware reference keys (HRK) on a computing device, and for attesting to the validity of the hardware reference keys. An initial hardware reference key can be a silicon attestation key (SIK) generated during manufacture of a computing system, such as a system-on-a-chip. The SIK can comprise an asymmetric key pair based at least in part on an identifier of the processing system type and a unique identifier of the processing system. The SIK can be signed by the computing system and stored thereon. The SIK can be used to generate further HRKs on the computing device that can attest to the processing system type of the computing device and an operating system version that was running when the HRK was generated. The computing device can generate an HRK attestation (HRKA) for each HRK generated on the computing system.Type: GrantFiled: February 16, 2017Date of Patent: January 14, 2020Assignee: Apple Inc.Inventors: Thomas P. Mensch, Conrad Sauerwald, Jerrold V. Hauck, Timothy R. Paaske, Zhimin Chen, Andrew R. Whalley
-
Patent number: 10521596Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: GrantFiled: September 21, 2018Date of Patent: December 31, 2019Assignee: Apple Inc.Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Patent number: 10423804Abstract: Techniques are disclosed relating to securely storing data in a computing device. In one embodiment, a computing device includes a secure circuit configured to maintain key bags for a plurality of users, each associated with a respective one of the plurality of users and including a first set of keys usable to decrypt a second set of encrypted keys for decrypting data associated with the respective user. The secure circuit is configured to receive an indication that an encrypted file of a first of the plurality of users is to be accessed and use a key in a key bag associated with the first user to decrypt an encrypted key of the second set of encrypted keys. The secure circuit is further configured to convey the decrypted key to a memory controller configured to decrypt the encrypted file upon retrieval from a memory.Type: GrantFiled: September 23, 2016Date of Patent: September 24, 2019Assignee: Apple Inc.Inventors: Wade Benson, Conrad Sauerwald, Mitchell D. Adler, Michael Brouwer, Timothee Geoghegan, Andrew R. Whalley, David P. Finkelstein, Yannick L. Sierra
-
Patent number: 10382210Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.Type: GrantFiled: September 23, 2016Date of Patent: August 13, 2019Assignee: Apple Inc.Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig A. Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
-
Patent number: 10349270Abstract: A method of establishing communications with a first device is disclosed. The method includes: the first device presenting connection information to a second device; receiving a response from a second device; establishing an association with the second device; transmitting, in response to a determination that the first device and the second device are connected for data, first data to the second device, the first data comprising addressing information for a server; receiving second data from the second device, the second data comprising second information for establishing communications with the first device; and configuring the first device to receive third data from a location remote to the first device using the second information from the second data.Type: GrantFiled: June 29, 2018Date of Patent: July 9, 2019Assignee: Apple Inc.Inventors: Tyler Hawkins, Christopher Wilson, Conrad Sauerwald, Gregory Novick, Neil G. Crane, Rudolph Van Der Merwe, Samuel Noble, Paul William Chinn
-
Publication number: 20190037393Abstract: A method of establishing communications with a first device is disclosed. The method includes: the first device presenting connection information to a second device; receiving a response from a second device; establishing an association with the second device; transmitting, in response to a determination that the first device and the second device are connected for data, first data to the second device, the first data comprising addressing information for a server; receiving second data from the second device, the second data comprising second information for establishing communications with the first device; and configuring the first device to receive third data from a location remote to the first device using the second information from the second data.Type: ApplicationFiled: June 29, 2018Publication date: January 31, 2019Inventors: Tyler HAWKINS, Christopher WILSON, Conrad SAUERWALD, Gregory NOVICK, Neil G. CRANE, Rudolph VAN DER MERWE, Samuel NOBLE, Paul William CHINN
-
Patent number: 10114956Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: GrantFiled: January 2, 2018Date of Patent: October 30, 2018Assignee: Apple Inc.Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Patent number: 10015668Abstract: A method of establishing communications with a first device is disclosed. The method includes: the first device presenting connection information to a second device; receiving a response from a second device; establishing an association with the second device; transmitting, in response to a determination that the first device and the second device are connected for data, first data to the second device, the first data comprising addressing information for a server; receiving second data from the second device, the second data comprising second information for establishing communications with the first device; and configuring the first device to receive third data from a location remote to the first device using the second information from the second data.Type: GrantFiled: January 16, 2018Date of Patent: July 3, 2018Assignee: Apple Inc.Inventors: Tyler Hawkins, Christopher Wilson, Conrad Sauerwald, Gregory Novick, Neil G. Crane, Rudolph Van Der Merwe, Samuel Noble, Paul William Chinn