Patents by Inventor Helmut Scherzer
Helmut Scherzer has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9450949Abstract: A method for access control to a computer with a mobile end device relies on using contactless interfaces. An authentication to the computer is carried out with the mobile end device and upon a successful authentication the access to the computer is granted or maintained. For preparing the authentication, a certificate is loaded into the mobile end device from a portable data carrier separate from the mobile end device. For authentication, authentication data comprising the certificate or obtained from the certificate are provided to the computer from the mobile end device via the contactless interfaces.Type: GrantFiled: February 26, 2013Date of Patent: September 20, 2016Assignee: GIESECKE & DEVRIENT GMBHInventors: Helmut Scherzer, Klaus Finkenzeller
-
Publication number: 20150026790Abstract: A method for access control to a computer with a mobile end device relies on using contactless interfaces. An authentication to the computer is carried out with the mobile end device and upon a successful authentication the access to the computer is granted or maintained. For preparing the authentication, a certificate is loaded into the mobile end device from a portable data carrier separate from the mobile end device. For authentication, authentication data comprising the certificate or obtained from the certificate are provided to the computer from the mobile end device via the contactless interfaces.Type: ApplicationFiled: February 26, 2013Publication date: January 22, 2015Applicant: GIESECKE & DEVRIENT GMBHInventors: Helmut Scherzer, Klaus Finkenzeller
-
Patent number: 8826027Abstract: A method and a display preparation unit are proposed for the execution of a transaction during which transaction data are processed which have to be confirmed by a user. The display preparation unit has a converter unit which converts transaction data to be interpreted into pixel values and displays them on a monitor, an interface of its own for directly attaching an input unit via which a user confirms displayed transaction data, as well as a crypto unit for generating a signature for a record of confirmed transaction data. In a variant the confirmation can be effected by the crypto unit generating and displaying a random number which has to be inputted by the user via a conventionally attached input unit.Type: GrantFiled: August 6, 2012Date of Patent: September 2, 2014Assignee: Giesecke & Devrient GmbHInventors: Helmut Scherzer, Hans-Jürgen Roth, Michael Baldischweiler
-
Patent number: 8625797Abstract: There is proposed a method for enabling a service made available by an electronic device (100), wherein a registration request (114) is generated (S3) by the device (100) and sent (S7) to the registration server (300). The registration server (300) thereupon generates (S8) a registration confirmation (305) and sends (S9) it to the device (100), where the service is finally enabled by receiving and saving (S10) of the registration confirmation (305) on the device (100). In this connection, a trustworthy authority (200) sets up (S6, S12) a timeframe on the registration server (300) such that the registration server (300) sends (S9) a registration confirmation (305) only for a registration request (114) received within the timeframe, and the device (100) sends (S7) the registration request (114) to the registration server (300) within the timeframe.Type: GrantFiled: June 22, 2009Date of Patent: January 7, 2014Assignee: Giesecke & Devrient GmbHInventors: Stephan Spitz, Helmut Scherzer, Thorsten Urhahn, Hans Borgs
-
Patent number: 8423702Abstract: A method, system, and computer-usable medium for operating a mobile computer system. In response to receiving a write request, a control system attempts to write data associated with said write request to a non-volatile memory cache coupled to said hard disk drive. In response to determining the non-volatile memory cache cannot accommodate the data, the control system starts the hard disk drive. The control system writes contents of the non-volatile memory cache to the hard disk drive, after starting the hard disk drive. In response to determining the non-volatile memory cache can accommodate said data, the control system writes the data to the non-volatile memory cache.Type: GrantFiled: December 9, 2005Date of Patent: April 16, 2013Assignee: International Business Machines CorporationInventor: Helmut Scherzer
-
Publication number: 20130042109Abstract: A method and a display preparation unit are proposed for the execution of a transaction during which transaction data are processed which have to be confirmed by a user. The display preparation unit has a converter unit which converts transaction data to be interpreted into pixel values and displays them on a monitor, an interface of its own for directly attaching an input unit via which a user confirms displayed transaction data, as well as a crypto unit for generating a signature for a record of confirmed transaction data. In a variant the confirmation can be effected by the crypto unit generating and displaying a random number which has to be inputted by the user via a conventionally attached input unit.Type: ApplicationFiled: August 6, 2012Publication date: February 14, 2013Inventors: Helmut SCHERZER, Hans-Jürgen ROTH, Michael BALDISCHWEILER
-
Patent number: 8239683Abstract: A method and a display preparation unit are proposed for the execution of a transaction during which transaction data are processed which have to be confirmed by a user. The display preparation unit (20) has a converter unit (29) which converts transaction data to be interpreted into pixel values and displays them on a monitor (6), an interface of its own for directly attaching an input unit (7) via which a user confirms displayed transaction data, as well as a crypto unit (31) for generating a signature for a record of confirmed transaction data. In a variant the confirmation can be effected by the crypto unit (31) generating and displaying a random number which has to be inputted by the user via a conventionally attached input unit (14).Type: GrantFiled: March 14, 2008Date of Patent: August 7, 2012Assignee: Giesecke & Devrient GmbHInventors: Helmut Scherzer, Hans-Jürgen Roth, Michael Baldischweiler
-
Publication number: 20120110321Abstract: In a method in a portable end device (10), data (70E) received from an external data processing apparatus (100) which are prepared according to a communication protocol stack and, in so doing, cryptographically secured according to a security protocol (32) are handled. According to the invention, the received data (70E) are, in so doing, handled in an unsecured data handling environment (14) of the end device (10) according to communication protocols (22; 24; 26) of the communication protocol stack that are below the security protocol (32), and handled in a secured data handling environment (16) of the end device (10) at least according to the security protocol (32).Type: ApplicationFiled: October 13, 2009Publication date: May 3, 2012Inventors: Stephan Splitz, Hermann Sterzinger, Helmut Scherzer, Hans Josef Borgs, Thorsten Urhahn
-
Patent number: 8135766Abstract: A random number generator (RNG) resistant to side channel attacks includes an activation pseudo random number generator (APRNG) having an activation output connected to an activation seed input to provide a next seed to the activation seed input. A second random number generator includes a second seed input, which receives the next seed and a random data output, which outputs random data in accordance with the next seed. An input seed memory is connected to the activation seed input and a feedback connection from the activation output so that the next seed is stored in the input seed memory to be used by the APRNG as the activation seed input at a next startup cycle.Type: GrantFiled: June 2, 2008Date of Patent: March 13, 2012Assignee: International Business Machines CorporationInventors: Suresh Narayana Chari, Vincenzo Valentino Diluoffo, Paul Ashley Karger, Elaine Rivette Palmer, Tal Rabin, Josyula Ramachandra Rao, Pankaj Rohatgi, Helmut Scherzer, Michael Steiner, David Claude Toll
-
Publication number: 20110091039Abstract: There is proposed a method for enabling a service made available by an electronic device (100), wherein a registration request (114) is generated (S3) by the device (100) and sent (S7) to the registration server (300). The registration server (300) thereupon generates (S8) a registration confirmation (305) and sends (S9) it to the device (100), where the service is finally enabled by receiving and saving (S10) of the registration confirmation (305) on the device (100). In this connection, a trustworthy authority (200) sets up (S6, S12) a timeframe on the registration server (300) such that the registration server (300) sends (S9) a registration confirmation (305) only for a registration request (114) received within the timeframe, and the device (100) sends (S7) the registration request (114) to the registration server (300) within the timeframe.Type: ApplicationFiled: June 22, 2009Publication date: April 21, 2011Inventors: Stephan Spitz, Helmut Scherzer, Thorsten Urhahn, Hans Borgs
-
Publication number: 20100077222Abstract: A method and a display preparation unit are proposed for the execution of a transaction during which transaction data are processed which have to be confirmed by a user. The display preparation unit (20) has a converter unit (29) which converts transaction data to be interpreted into pixel values and displays them on a monitor (6), an interface of its own for directly attaching an input unit (7) via which a user confirms displayed transaction data, as well as a crypto unit (31) for generating a signature for a record of confirmed transaction data. In a variant the confirmation can be effected by the crypto unit (31) generating and displaying a random number which has to be inputted by the user via a conventionally attached input unit (14).Type: ApplicationFiled: March 14, 2008Publication date: March 25, 2010Inventors: Helmut Scherzer, Hans-Jürgen Roth, Michael Baldischweiler
-
Patent number: 7562050Abstract: The present invention relates to an electronic purse data carrier for performing monetary transactions and a method for managing electronic payments with such a carrier. The purse stores one or more payment units each having a respective monetary value, whereby each of said payment units has a respective unique payment unit-ID and comprises an age information evaluable for delimiting the use of it. In particular said information defines a dynamically changing age level. This can be used to force purse owners to return each electronic monetary unit back to the issuing party after a specified cycle measured in time or transactions has passed in order to validate the authenticy, and in particular in order to test for possibly duplicated monetary units.Type: GrantFiled: November 29, 2001Date of Patent: July 14, 2009Assignee: International Business Machines CorporationInventor: Helmut Scherzer
-
Patent number: 7496616Abstract: A random number generator (RNG) resistant to side channel attacks includes an activation pseudo random number generator (APRNG) having an activation output connected to an activation seed input to provide a next seed to the activation seed input. A second random number generator includes a second seed input, which receives the next seed and a random data output, which outputs random data in accordance with the next seed. An input seed memory is connected to the activation seed input and a feedback connection from the activation output so that the next seed is stored in the input seed memory to be used by the APRNG as the activation seed input at a next startup cycle.Type: GrantFiled: November 12, 2004Date of Patent: February 24, 2009Assignee: International Business Machines CorporationInventors: Suresh Narayana Chari, Vincenzo Valentino Diluoffo, Paul Ashley Karger, Elaine Rivette Palmer, Tal Rabin, Josyula Ramachandra Rao, Pankaj Rohatgi, Helmut Scherzer, Michael Steiner, David Claude Toll
-
Publication number: 20090049111Abstract: A random number generator (RNG) resistant to side channel attacks includes an activation pseudo random number generator (APRNG) having an activation output connected to an activation seed input to provide a next seed to the activation seed input. A second random number generator includes a second seed input, which receives the next seed and a random data output, which outputs random data in accordance with the next seed. An input seed memory is connected to the activation seed input and a feedback connection from the activation output so that the next seed is stored in the input seed memory to be used by the APRNG as the activation seed input at a next startup cycle.Type: ApplicationFiled: June 2, 2008Publication date: February 19, 2009Inventors: Suresh Narayana Chari, Vincenzo Valentino Diluoffo, Paul Ashley Karger, Elaine Rivette Palmer, Tal Rabin, Josyula Ramachandra Rao, Pankaj Rohatgi, Helmut Scherzer, Michael Steiner, David Claude Toll
-
Patent number: 7167964Abstract: The basic idea comprised of the present invention is to provide two sets of descriptors having each at least three descriptors and each set is used in an alternating manner for defining the location of source and target of the copy operations which are to be performed during the defragmentation procedure. The defragmentation procedure is performed as a sequence of copy operations on copy chunks, i.e., a certain number of sequentially arranged bytes to be copied being part of a valid data block to be copied. In each of said copy operations in said sequence the values which are assigned to said descriptors Change. According to a characterizing feature of the present invention during the whole sequence of copy operations comprised of the defragmentation process one of the two sets of descriptors holds information which is usable for restoring the contents of a copy chunk in case of a power break during a copy operation on said copy chunk. Thus, defragmenting is a safe procedure, and data integrity is assured.Type: GrantFiled: March 23, 2000Date of Patent: January 23, 2007Assignee: International Business Machines CorporationInventor: Helmut Scherzer
-
Patent number: 7142670Abstract: Methods, apparatus and computer software and hardware products providing method, apparatus and system solutions for implementing table lookups in a side-channel attack resistant manner. Embodiments are provided for devices and situations where there is limited amount of RAM memory available or restrictions on memory addressing. The solutions solve problems associated with look up tables with large indices, as well as problems associated with looking up large sized tables or a collection of tables of large cumulative size, in limited devices, in an efficient side-channel attack resistant manner. These solutions provide defenses against both first-order side channel attacks as well as higher-order side channel attacks. One aspect of the present invention is the creation of one or more random tables which are used possibly in conjunction with other tables to perform a table lookup.Type: GrantFiled: August 31, 2001Date of Patent: November 28, 2006Assignee: International Business Machines CorporationInventors: Suresh N. Chari, Josyula R. Rao, Pankaj Rohatgi, Helmut Scherzer
-
Publication number: 20060129757Abstract: A method, system, and computer-usable medium for operating a mobile computer system. In response to receiving a write request, a control system attempts to write data associated with said write request to a non-volatile memory cache coupled to said hard disk drive. In response to determining the non-volatile memory cache cannot accommodate the data, the control system starts the hard disk drive. The control system writes contents of the non-volatile memory cache to the hard disk drive, after starting the hard disk drive. In response to determining the non-volatile memory cache can accommodate said data, the control system writes the data to the non-volatile memory cache.Type: ApplicationFiled: December 9, 2005Publication date: June 15, 2006Inventor: Helmut Scherzer
-
Publication number: 20060116970Abstract: A new system to grant or refuse access to a system, comprising a portable access device communicating with a terminal of an access point, wherein the portable access device comprises a storage means. A set of trust parameters is stored on the storage means, the set of trust parameters being used to evaluate the amount of service and/or functionality of the system being granted to the user presenting the trust parameters on the portable access device, wherein the evaluation and the decision, whether to grant or refuse access to the system is made as a result of computation of the trust parameters without revealing the identity of the user.Type: ApplicationFiled: November 15, 2005Publication date: June 1, 2006Inventors: Helmut Scherzer, Elaine Palmer
-
Publication number: 20060104443Abstract: A random number generator (RNG) resistant to side channel attacks includes an activation pseudo random number generator (APRNG) having an activation output connected to an activation seed input to provide a next seed to the activation seed input. A second random number generator includes a second seed input, which receives the next seed and a random data output, which outputs random data in accordance with the next seed. An input seed memory is connected to the activation seed input and a feedback connection from the activation output so that the next seed is stored in the input seed memory to be used by the APRNG as the activation seed input at a next startup cycle.Type: ApplicationFiled: November 12, 2004Publication date: May 18, 2006Inventors: Suresh Chari, Vincenzo Diluoffo, Paul Karger, Elaine Palmer, Tal Rabin, Josyula Rao, Pankaj Rohatgi, Helmut Scherzer, Michael Steiner, David Toll
-
Patent number: 6978446Abstract: A method for changing an operation performed by an electronic device includes defining a process flow chart of the operation to be performed by the electronic device, the process flow chart having one or more primitive actions, the operation having one or more components, the primitive action operating on the components to produce an output. The method further includes determining a number of information dispersal units for each of the components. For each of the components, defining a set of information dispersal units, transforming one or more of the primitive actions of the operation using a transform function to create a transformed primitive action, and applying each of the transformed primitive actions to all the respective sets of information dispersal units to produce a transformed set of transformed information dispersal units.Type: GrantFiled: March 27, 2002Date of Patent: December 20, 2005Assignee: International Business Machines CorporationInventors: Bruce Roy Archambeault, Josyula R. Rao, Pankaj Rohatgi, Helmut Scherzer