Patents Assigned to Koolspan, Inc.
-
Publication number: 20090172412
Abstract: A system for and method of registering devices and applications with cryptographic modules is presented. The system and method prevent devices and applications from operating in conjunction with cryptographic modules unless such devices and applications have previously been registered with the module.
Type: Application
Filed: November 26, 2008
Publication date: July 2, 2009
Applicant: KOOLSPAN, Inc.
Inventors: Anthony Fascenda, Emil Sturniolo
-
Publication number: 20090169013
Abstract: A system for and method of securely provisioning a module with cryptographic parameters, such as cryptographic keys and key tables, is presented. Such modules may be used to enable encrypted communications between mobile phones to which they are coupled. The system and method prevent a malevolent individual involved in manufacturing the modules from compromising the security of the module. In particular, the modules are provisioned by an entity different from the manufacturer.
Type: Application
Filed: November 26, 2008
Publication date: July 2, 2009
Applicant: KOOLSPAN, Inc.
Inventors: Anthony Fascenda, Emil Sturniolo, Robert Cichielo, Paul Benware
-
Publication number: 20090122984
Abstract: A system for and method of providing end-to-end encrypted real-time phone calls using a commodity mobile phone and without requiring service provider cooperation is presented. The system and method improve upon prior art techniques by omitting any requirement for mobile phones that are specially manufactured to include end-to-end encryption functionality.
Type: Application
Filed: December 5, 2007
Publication date: May 14, 2009
Applicant: KOOLSPAN, INC.
Inventors: Anthony C. Fascenda, Emil Sturniolo, Paul Benware, Robert Cichielo
-
Publication number: 20080313464
Abstract: A method of encrypting broadcast and multicast data communicated between two or more parties, each party having knowledge of a shared key, is provided. The key is calculated using values, some of which are communicated between the parties, so that the shared key is not itself transferred. Avoiding the transfer of the key offers several advantages over existing encryption methods.
Type: Application
Filed: June 15, 2007
Publication date: December 18, 2008
Applicant: KOOLSPAN, INC.
Inventors: Anthony C. Fascenda, Emil Sturniolo
-
Publication number: 20080313458
Abstract: A method of per-packet keying for encrypting and decrypting data transferred between two or more parties, each party having knowledge of a shared key that allows a per-packet key to differ for each packet is provided. Avoiding the use of a static session key during encryption offers several advantages over existing encryption methods. For example, rejecting packets received with duplicate sequence numbers, or sequence numbers that are beyond a specified deviation range mitigates Replay Attacks.
Type: Application
Filed: June 15, 2007
Publication date: December 18, 2008
Applicant: KOOLSPAN, INC.
Inventors: Anthony C. FASCENDA, Emil STURNIOLO
-
Publication number: 20080152140
Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
Type: Application
Filed: December 13, 2007
Publication date: June 26, 2008
Applicant: KOOLSPAN, Inc.
Inventor: Anthony C. FASCENDA
-
Publication number: 20080104399
Abstract: The invention provides a secure Wi-Fi communications method and system. In an embodiment of the invention, unique physical keys, or tokens, are installed at an access point and each client device of the network. Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN. Each client key further includes a secret cryptographic key unique to each client device. During authentication, two random numbers are generated per communications session and are known by both sides of the wireless channel. Only the random numbers are sent across the wireless channel and in each case these numbers are encrypted. A transposed cryptographic key is derived from the unique secret cryptographic key using the random numbers generated during authentication. Thus, both sides of the wireless channel know the transposed cryptographic key without it ever being transmitted between the two.
Type: Application
Filed: December 13, 2007
Publication date: May 1, 2008
Applicant: KOOLSPAN, Inc.
Inventor: Anthony FASCENDA
-
Publication number: 20080052511
Abstract: A system for and method of providing encrypted network communications is presented. The system and method involve creating encrypted frames used for secure communications between cooperating peers that are the same size as the original unencrypted frames. The system and method thus provide secure communications with essentially the same transmission characteristics as non-encrypted communications.
Type: Application
Filed: March 15, 2007
Publication date: February 28, 2008
Applicant: KOOLSPAN, INC.
Inventors: Anthony Fascenda, James Gibbons
-
Patent number: 7325133
Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
Type: Grant
Filed: October 15, 2004
Date of Patent: January 29, 2008
Assignee: Koolspan, Inc.
Inventor: Anthony C. Fascenda
-
Patent number: 7325134
Abstract: The invention provides a secure Wi-Fi communications method and system. In an embodiment of the invention, unique physical keys, or tokens, are installed at an access point and each client device of the network. Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN. Each client key further includes a secret cryptographic key unique to each client device. During authentication, two random numbers are generated per communications session and are known by both sides of the wireless channel. Only the random numbers are sent across the wireless channel and in each case these numbers are encrypted. A transposed cryptographic key is derived from the unique secret cryptographic key using the random numbers generated during authentication. Thus, both sides of the wireless channel know the transposed cryptographic key without it ever being transmitted between the two.
Type: Grant
Filed: October 7, 2003
Date of Patent: January 29, 2008
Assignee: Koolspan, Inc.
Inventor: Anthony C. Fascenda
-
Publication number: 20050188194
Abstract: The present invention provides a technique for automatically establishing efficient, remote, secure client connections to one or more locations using a smart card enabled client driver and a smart card enabled network edge device (“Subnet Box”) capable of establishing an end-to-end hardware encrypted tunnel between itself and the client. In an embodiment of the invention, a method of establishing a secure communications tunnel comprises the steps of: authenticating a remote client to a subnet box on a private network, wherein the remote client is connected to the subnet box via a public network, establishing a tunnel between the remote client and the subnet box, and encapsulating all traffic in the tunnel, wherein the tunnel is established only when a unique physical token is coupled to the remote device. The unique physical token comprises a smartcard and is configured to be inserted into a communications port of the remote device.
Type: Application
Filed: December 2, 2004
Publication date: August 25, 2005
Applicant: KOOLSPAN, Inc.
Inventor: Anthony Fascenda
-
Publication number: 20050102509
Abstract: The present invention discloses a technique for provisioning network cryptographic keys to a client when direct physical transfer is not feasible. In an embodiment of the invention, a client token generates a temporary key encrypted with a first secret key known only in a master token database and passes this on to an enterprise network token of a network to which service is requested. The enterprise network token then further encrypts the encrypted temporary key with a second secret key and passes that on to the master token database. Since the second secret key is also known by the master token database, the originally encrypted temporary key can be securely decoded only by a master token coupled to the master token database. The decrypted temporary key can then be re-encrypted with a key known only by the enterprise network token and the master token, and returned to the enterprise network token.
Type: Application
Filed: December 2, 2004
Publication date: May 12, 2005
Applicant: KOOLSPAN, Inc.
Inventor: Anthony Fascenda
-
Publication number: 20050074122
Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
Type: Application
Filed: October 15, 2004
Publication date: April 7, 2005
Applicant: KOOLSPAN, Inc.
Inventor: Anthony Fascenda