Patents by Inventor Mira Belenkiy
Mira Belenkiy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11757658Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: GrantFiled: March 21, 2022Date of Patent: September 12, 2023Assignee: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Publication number: 20220337432Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: ApplicationFiled: March 21, 2022Publication date: October 20, 2022Applicant: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Patent number: 11374771Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: GrantFiled: March 24, 2020Date of Patent: June 28, 2022Assignee: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Publication number: 20210184864Abstract: A system for implementing mixed protocol certificates, the system includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol, to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol and to provide the first digital certificate and the second digital certificate to a verifying device.Type: ApplicationFiled: March 24, 2020Publication date: June 17, 2021Applicant: Ares Technologies, Inc.Inventors: Christian T. Wentz, Mira Belenkiy, Anna Lysyanskaya, Ilia Lebedev
-
Patent number: 10027631Abstract: Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.Type: GrantFiled: March 23, 2015Date of Patent: July 17, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Mira Belenkiy, Tolga Acar, Henry Nelson Jerez, Alptekin Kupcu
-
Patent number: 9526007Abstract: Location brokering technique embodiments are presented that employ sensor data captured by a user's mobile device to determine the device's location, encrypt the location data and store it in a database. The location data is encrypted in such a way that it is possible to determine when a user's mobile device is currently in the same vicinity as another user's mobile device who is a member of the same group as the first user. However, the actual location and relative mobility or immobility of the users cannot be ascertained except by the users themselves via a decryption procedure or by trusted components. Services are provided can read the stored encrypted location data, processes it to determine if group members are in the same vicinity, and either respond to user queries about the location of other members of a group the user belongs to, or push this information to appropriate users.Type: GrantFiled: March 24, 2014Date of Patent: December 20, 2016Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Mira Belenkiy, Henry Nelson Jerez, Thomas Michael Roeder, Matt Dyor
-
Publication number: 20150195257Abstract: Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.Type: ApplicationFiled: March 23, 2015Publication date: July 9, 2015Inventors: Mira Belenkiy, Tolga Acar, Henry Nelson Jerez, Alptekin Kupcu
-
Patent number: 9015489Abstract: Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.Type: GrantFiled: April 7, 2010Date of Patent: April 21, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Mira Belenkiy, Tolga Acar, Henry Nelson Jerez Morales, Alptekin Kupcu
-
Publication number: 20140205097Abstract: Location brokering technique embodiments are presented that employ sensor data captured by a user's mobile device to determine the device's location, encrypt the location data and store it in a database. The location data is encrypted in such a way that it is possible to determine when a user's mobile device is currently in the same vicinity as another user's mobile device who is a member of the same group as the first user. However, the actual location and relative mobility or immobility of the users cannot be ascertained except by the users themselves via a decryption procedure or by trusted components. Services are provided can read the stored encrypted location data, processes it to determine if group members are in the same vicinity, and either respond to user queries about the location of other members of a group the user belongs to, or push this information to appropriate users.Type: ApplicationFiled: March 24, 2014Publication date: July 24, 2014Applicant: Microsoft CorporationInventors: Mira Belenkiy, Henry Nelson Jerez, Thomas Michael Roeder, Matt Dyor
-
Patent number: 8693689Abstract: Location brokering technique embodiments are presented that employ sensor data captured by a user's mobile device to determine the device's location, encrypt the location data and store it in a database. The location data is encrypted in such a way that it is possible to determine when a user's mobile device is currently in the same vicinity as another user's mobile device who is a member of the same group. However, the actual location and relative mobility or immobility of the users cannot be ascertained except by the users themselves via a decryption procedure or by trusted components. Services are provided can read the stored encrypted location data, processes it to determine if group members are in the same vicinity, and either respond to user queries about the location of other members of a group the user belongs to, or push this information to appropriate users.Type: GrantFiled: November 1, 2010Date of Patent: April 8, 2014Assignee: Microsoft CorporationInventors: Mira Belenkiy, Henry Nelson Jerez Morales, Thomas Michael Roeder, Matt Dyor
-
Patent number: 8325924Abstract: In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.Type: GrantFiled: February 19, 2009Date of Patent: December 4, 2012Assignee: Microsoft CorporationInventors: Tolga Acar, Josh Benaloh, Niels Thomas Ferguson, Carl M. Ellison, Mira Belenkiy, Duy Lan Nguyen
-
Publication number: 20120106738Abstract: Location brokering technique embodiments are presented that employ sensor data captured by a user's mobile device to determine the device's location, encrypt the location data and store it in a database. The location data is encrypted in such a way that it is possible to determine when a user's mobile device is currently in the same vicinity as another user's mobile device who is a member of the same group as the first user. However, the actual location and relative mobility or immobility of the users cannot be ascertained except by the users themselves via a decryption procedure or by trusted components. Services are provided can read the stored encrypted location data, processes it to determine if group members are in the same vicinity, and either respond to user queries about the location of other members of a group the user belongs to, or push this information to appropriate users.Type: ApplicationFiled: November 1, 2010Publication date: May 3, 2012Applicant: Microsoft CorporationInventors: Mira Belenkiy, Henry Nelson Jerez Morales, Thomas Michael Roeder, Matt Dyor
-
Publication number: 20110252229Abstract: Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.Type: ApplicationFiled: April 7, 2010Publication date: October 13, 2011Applicant: MICROSOFT CORPORATIONInventors: Mira Belenkiy, Tolga Acar, Henry Nelson Jerez Morales, Alptekin Kupcu
-
Publication number: 20100208898Abstract: In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.Type: ApplicationFiled: February 19, 2009Publication date: August 19, 2010Applicant: MICROSOFT CORPORATIONInventors: Tolga Acar, Josh Benaloh, Niels Thomas Ferguson, Carl M. Ellison, Mira Belenkiy, Duy Lan Nguyen