Patents by Inventor Thomas Icart
Thomas Icart has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11728972Abstract: Embodiments described herein enable the generation of cryptographic material for ranging operations in a manner that reduces and obfuscates potential correlations between leaked and secret information. One embodiment provides for an apparatus including a ranging module having one or more ranging sensors. The ranging module is coupled to a secure processing system through a hardware interface to receive at least one encrypted ranging session key, the ranging module to decrypt the at least one encrypted ranging session key to generate a ranging session key, generate a sparse ranging input, derive a message session key based on the ranging session key, and derive a derived ranging key via a key derivation cascade applied to the message session key and the sparse ranging input, the derived ranging key to encrypt data transmitted during a ranging session.Type: GrantFiled: June 24, 2022Date of Patent: August 15, 2023Assignee: Apple Inc.Inventors: Yannick L. Sierra, Zhimin Chen, Thomas Icart
-
Publication number: 20220399994Abstract: Embodiments described herein enable the generation of cryptographic material for ranging operations in a manner that reduces and obfuscates potential correlations between leaked and secret information. One embodiment provides for an apparatus including a ranging module having one or more ranging sensors. The ranging module is coupled to a secure processing system through a hardware interface to receive at least one encrypted ranging session key, the ranging module to decrypt the at least one encrypted ranging session key to generate a ranging session key, generate a sparse ranging input, derive a message session key based on the ranging session key, and derive a derived ranging key via a key derivation cascade applied to the message session key and the sparse ranging input, the derived ranging key to encrypt data transmitted during a ranging session.Type: ApplicationFiled: June 24, 2022Publication date: December 15, 2022Applicant: APPLE INC.Inventors: Yannick L. Sierra, Zhimin Chen, Thomas Icart
-
Publication number: 20220326957Abstract: Techniques are disclosed relating to protecting branch prediction information. In various embodiments, an integrated circuit includes branch prediction logic having a table that maintains a plurality of entries storing encrypted target address information for branch instructions. The branch prediction logic is configured to receive machine context information for a branch instruction having a target address being predicted by the branch prediction logic, the machine context information including a program counter associated with the branch instruction. The branch prediction logic is configured to use the machine context information to decrypt encrypted target address information stored in one of the plurality of entries identified based on the program counter.Type: ApplicationFiled: May 2, 2022Publication date: October 13, 2022Inventors: Steven A. Myers, Jeffry E. Gonion, Yannick L. Sierra, Thomas Icart
-
Patent number: 11405185Abstract: Embodiments described herein enable the generation of cryptographic material for ranging operations in a manner that reduces and obfuscates potential correlations between leaked and secret information. One embodiment provides for an apparatus including a ranging module having one or more ranging sensors. The ranging module is coupled to a secure processing system through a hardware interface to receive at least one encrypted ranging session key, the ranging module to decrypt the at least one encrypted ranging session key to generate a ranging session key, generate a sparse ranging input, derive a message session key based on the ranging session key, and derive a derived ranging key via a key derivation cascade applied to the message session key and the sparse ranging input, the derived ranging key to encrypt data transmitted during a ranging session.Type: GrantFiled: July 3, 2018Date of Patent: August 2, 2022Assignee: APPLE INC.Inventors: Yannick L. Sierra, Zhimin Chen, Thomas Icart
-
Patent number: 11321095Abstract: Techniques are disclosed relating to protecting branch prediction information. In various embodiments, an integrated circuit includes branch prediction logic having a table that maintains a plurality of entries storing encrypted target address information for branch instructions. The branch prediction logic is configured to receive machine context information for a branch instruction having a target address being predicted by the branch prediction logic, the machine context information including a program counter associated with the branch instruction. The branch prediction logic is configured to use the machine context information to decrypt encrypted target address information stored in one of the plurality of entries identified based on the program counter.Type: GrantFiled: October 25, 2019Date of Patent: May 3, 2022Assignee: Apple Inc.Inventors: Steven A. Myers, Jeffry E. Gonion, Yannick L. Sierra, Thomas Icart
-
Patent number: 11177955Abstract: One embodiment provides for an electronic device, comprising a network interface, a memory coupled with the network interface, at least one application processor coupled with the memory, the at least one processor to execute instructions stored in the memory, and a secure processor including a cryptographic engine, wherein the cryptographic engine is to generate a sealed encrypted message to be transmitted via the network interface, the sealed encrypted message encrypted on behalf of the at least one application processor and includes a signature to enable integrity verification of the sealed encrypted message, the signature generated based on an identity key of the electronic device and data including ciphertext of the encrypted message and a public key of a recipient of the sealed encrypted message.Type: GrantFiled: July 31, 2019Date of Patent: November 16, 2021Assignee: Apple Inc.Inventors: Frederic Jacobs, Thomas Icart, Yannick L. Sierra
-
Patent number: 11025596Abstract: Data items such as files or database records associated with particular applications (such as messaging applications and other applications) can be stored in one or more remote locations, such as a cloud storage system, and synchronized with other devices. The remote storage can be configured such that each application executing on a client device can only view data items stored at the remote location to which the application has permission to access. An access manager on each client device enforces application specific access policies. Storage at the remote location can be secured for each application associated with a user or user account, for example, using isolated containers. The cloud storage of data can be anonymized and anonymous group data can be stored in the cloud storage.Type: GrantFiled: February 28, 2018Date of Patent: June 1, 2021Assignee: Apple Inc.Inventors: Benoit Chevallier-Mames, Thomas Icart, Mathieu Ciet, Oliver J. Hunt, Yannick Sierra, Gokul Thirumalai, Roberto Garcia
-
Publication number: 20200336303Abstract: Embodiments described herein enable the generation of cryptographic material for ranging operations in a manner that reduces and obfuscates potential correlations between leaked and secret information. One embodiment provides for an apparatus including a ranging module having one or more ranging sensors. The ranging module is coupled to a secure processing system through a hardware interface to receive at least one encrypted ranging session key, the ranging module to decrypt the at least one encrypted ranging session key to generate a ranging session key, generate a sparse ranging input, derive a message session key based on the ranging session key, and derive a derived ranging key via a key derivation cascade applied to the message session key and the sparse ranging input, the derived ranging key to encrypt data transmitted during a ranging session.Type: ApplicationFiled: July 3, 2018Publication date: October 22, 2020Inventors: Yannick L. Sierra, Zhimin Chen, Thomas Icart
-
Publication number: 20200235929Abstract: One embodiment provides for an electronic device, comprising a network interface, a memory coupled with the network interface, at least one application processor coupled with the memory, the at least one processor to execute instructions stored in the memory, and a secure processor including a cryptographic engine, wherein the cryptographic engine is to generate a sealed encrypted message to be transmitted via the network interface, the sealed encrypted message encrypted on behalf of the at least one application processor and includes a signature to enable integrity verification of the sealed encrypted message, the signature generated based on an identity key of the electronic device and data including ciphertext of the encrypted message and a public key of a recipient of the sealed encrypted message.Type: ApplicationFiled: July 31, 2019Publication date: July 23, 2020Inventors: Frederic Jacobs, Thomas Icart, Yannick L. Sierra
-
Publication number: 20200192673Abstract: Techniques are disclosed relating to protecting branch prediction information. In various embodiments, an integrated circuit includes branch prediction logic having a table that maintains a plurality of entries storing encrypted target address information for branch instructions. The branch prediction logic is configured to receive machine context information for a branch instruction having a target address being predicted by the branch prediction logic, the machine context information including a program counter associated with the branch instruction. The branch prediction logic is configured to use the machine context information to decrypt encrypted target address information stored in one of the plurality of entries identified based on the program counter.Type: ApplicationFiled: October 25, 2019Publication date: June 18, 2020Inventors: Steven A. Myers, Jeffry E. Gonion, Yannick L. Sierra, Thomas Icart
-
Patent number: 10164772Abstract: The disclosed hash and message padding functions are based on the permutation composition problem. To compute a hash of a message using permutation composition based hashing, the message is split into equal size blocks. For each block, a permutation composition value is computed. The block permutation composition values are then combined through composition to generate an overall permutation composition value. The hash of the message is then based on the overall permutation composition value. To pad a message using permutation composition based padding, the message is split into equal size blocks. For each block, a permutation composition value is computed and the permutation composition value is added to the block. The padded blocks are then recombined to generate the padded message.Type: GrantFiled: May 30, 2014Date of Patent: December 25, 2018Assignee: Apple Inc.Inventors: Mathieu Ciet, Augustin J. Farrugia, Thomas Icart
-
Patent number: 10027483Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t))=U(t)2 in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.Type: GrantFiled: August 7, 2017Date of Patent: July 17, 2018Assignee: MORPHOInventors: Thomas Icart, Jean-Sebastien Coron
-
Patent number: 9866371Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X) and from polynomials satisfying: ?f(X1(t))·f(X2(t))=U(t)2 in the finite body Fq, irrespective of the parameter t, q=3 mod 4. A value of the parameter t is obtained and the point P is determined by: (i) calculating X1=X1 (t), X2=X2(t) and U=U(t); (ii) testing whether the term f(X?1) is a squared term in the finite body Fq and, if so, calculating the square root of the term f(X1), the point P having X1 as abscissa and Y1, the square root of the term f(X1), as ordinate; (iii) otherwise, calculating the square root of the term f(X2), the point P having X2, as abscissa and Y2, the square root of the term f(X2), as ordinate. The point P is useful in encryption, scrambling, signature, authentication or identification cryptographic applications.Type: GrantFiled: June 9, 2016Date of Patent: January 9, 2018Assignee: MORPHOInventor: Thomas Icart
-
Publication number: 20170359176Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t))=U(t)2 in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.Type: ApplicationFiled: August 7, 2017Publication date: December 14, 2017Inventors: Thomas Icart, Jean-Sebastien Coron
-
Patent number: 9774443Abstract: Some embodiments provide a method for performing a cryptographic process. The method receives first and second cipher keys. The method generates a set of subkeys corresponding to each of the first and second cipher keys. The set of subkeys for the first cipher key is dependent on the first cipher key and the second cipher key. The method performs the cryptographic process by using the generated sets of subkeys.Type: GrantFiled: March 4, 2015Date of Patent: September 26, 2017Assignee: Apple Inc.Inventors: Benoit Chevallier-Mames, Bruno Kindarji, Thomas Icart, Augustin J. Farrugia, Mathieu Ciet
-
Publication number: 20170214527Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X) and from polynomials satisfying: ?f(X1(t))·f(X2(t))=U(t)2 in the finite body Fq, irrespective of the parameter t, q=3 mod 4. A value of the parameter t is obtained and the point P is determined by: (i) calculating X1=X1(t), X2=X2(t) and U=U(t); (ii) testing whether the term f(X?1) is a squared term in the finite body Fq and, if so, calculating the square root of the term f(X1), the point P having X1 as abscissa and Y1, the square root of the term f(X1), as ordinate; (iii) otherwise, calculating the square root of the term f(X2), the point P having X2, as abscissa and Y2, the square root of the term f(X2), as ordinate. The point P is useful in encryption, scrambling, signature, authentication or identification cryptographic applications.Type: ApplicationFiled: June 9, 2016Publication date: July 27, 2017Inventor: Thomas Icart
-
Patent number: 9716586Abstract: Methods, media, and systems for, in one embodiment, protecting one or more keys in an encryption and/or decryption process can use precomputed values in the process such that at least a portion of the one or more keys is not used or exposed in the process. In one example of a method, internal states of an AES encryption process are saved for use in a counter mode stream cipher operation in which the key used in the AES encryption process is not exposed or used.Type: GrantFiled: January 19, 2016Date of Patent: July 25, 2017Assignee: Apple Inc.Inventors: Benoit Chevallier-Mames, Mathieu Ciet, Thomas Icart, Bruno Kindarji, Augustin J. Farrugia
-
Publication number: 20170207918Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t))=U(t)2 in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.Type: ApplicationFiled: June 9, 2016Publication date: July 20, 2017Inventors: Thomas Icart, Jean-Sebastien Coron
-
Patent number: 9692592Abstract: Some embodiments provide a method for performing an iterative block cipher. Line rotations and column rotations are combined to have a diversity of representations of the AES state. These protections can be performed either in static mode where the rotations are directly included in the code and the tables or in dynamic mode where the rotations are chosen randomly at execution time, depending on some entropic context variables. The two modes can also be advantageously combined together.Type: GrantFiled: September 27, 2015Date of Patent: June 27, 2017Assignee: Apple Inc.Inventors: Bruno Kindarji, Benoit Chevallier-Mames, Mathieu Ciet, Augustin J. Farrugia, Thomas Icart
-
Patent number: 9639673Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.Type: GrantFiled: June 17, 2014Date of Patent: May 2, 2017Assignee: Apple Inc.Inventors: Pierre Betouin, Augustin J. Farrugia, Benoit Chevallier-Mames, Bruno Kindarji, Cédric Tessier, Jean-Baptiste Aviat, Mathieu Ciet, Thomas Icart