Patents Assigned to Koolspan, Inc.
  • Publication number: 20090172412
    Abstract: A system for and method of registering devices and applications with cryptographic modules is presented. The system and method prevent devices and applications from operating in conjunction with cryptographic modules unless such devices and applications have previously been registered with the module.
    Type: Application
    Filed: November 26, 2008
    Publication date: July 2, 2009
    Applicant: KOOLSPAN, Inc.
    Inventors: Anthony Fascenda, Emil Sturniolo
  • Publication number: 20090169013
    Abstract: A system for and method of securely provisioning a module with cryptographic parameters, such as cryptographic keys and key tables, is presented. Such modules may be used to enable encrypted communications between mobile phones to which they are coupled. The system and method prevent a malevolent individual involved in manufacturing the modules from compromising the security of the module. In particular, the modules are provisioned by an entity different from the manufacturer.
    Type: Application
    Filed: November 26, 2008
    Publication date: July 2, 2009
    Applicant: KOOLSPAN, Inc.
    Inventors: Anthony Fascenda, Emil Sturniolo, Robert Cichielo, Paul Benware
  • Publication number: 20090122984
    Abstract: A system for and method of providing end-to-end encrypted real-time phone calls using a commodity mobile phone and without requiring service provider cooperation is presented. The system and method improve upon prior art techniques by omitting any requirement for mobile phones that are specially manufactured to include end-to-end encryption functionality.
    Type: Application
    Filed: December 5, 2007
    Publication date: May 14, 2009
    Applicant: KOOLSPAN, INC.
    Inventors: Anthony C. Fascenda, Emil Sturniolo, Paul Benware, Robert Cichielo
  • Publication number: 20080313458
    Abstract: A method of per-packet keying for encrypting and decrypting data transferred between two or more parties, each party having knowledge of a shared key that allows a per-packet key to differ for each packet is provided. Avoiding the use of a static session key during encryption offers several advantages over existing encryption methods. For example, rejecting packets received with duplicate sequence numbers, or sequence numbers that are beyond a specified deviation range mitigates Replay Attacks.
    Type: Application
    Filed: June 15, 2007
    Publication date: December 18, 2008
    Applicant: KOOLSPAN, INC.
    Inventors: Anthony C. FASCENDA, Emil STURNIOLO
  • Publication number: 20080313464
    Abstract: A method of encrypting broadcast and multicast data communicated between two or more parties, each party having knowledge of a shared key, is provided. The key is calculated using values, some of which are communicated between the parties, so that the shared key is not itself transferred. Avoiding the transfer of the key offers several advantages over existing encryption methods.
    Type: Application
    Filed: June 15, 2007
    Publication date: December 18, 2008
    Applicant: KOOLSPAN, INC.
    Inventors: Anthony C. Fascenda, Emil Sturniolo
  • Publication number: 20080152140
    Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
    Type: Application
    Filed: December 13, 2007
    Publication date: June 26, 2008
    Applicant: KOOLSPAN, Inc.
    Inventor: Anthony C. FASCENDA
  • Publication number: 20080104399
    Abstract: The invention provides a secure Wi-Fi communications method and system. In an embodiment of the invention, unique physical keys, or tokens, are installed at an access point and each client device of the network. Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN. Each client key further includes a secret cryptographic key unique to each client device. During authentication, two random numbers are generated per communications session and are known by both sides of the wireless channel. Only the random numbers are sent across the wireless channel and in each case these numbers are encrypted. A transposed cryptographic key is derived from the unique secret cryptographic key using the random numbers generated during authentication. Thus, both sides of the wireless channel know the transposed cryptographic key without it ever being transmitted between the two.
    Type: Application
    Filed: December 13, 2007
    Publication date: May 1, 2008
    Applicant: KOOLSPAN, Inc.
    Inventor: Anthony FASCENDA
  • Publication number: 20080052511
    Abstract: A system for and method of providing encrypted network communications is presented. The system and method involve creating encrypted frames used for secure communications between cooperating peers that are the same size as the original unencrypted frames. The system and method thus provide secure communications with essentially the same transmission characteristics as non-encrypted communications.
    Type: Application
    Filed: March 15, 2007
    Publication date: February 28, 2008
    Applicant: KOOLSPAN, INC.
    Inventors: Anthony Fascenda, James Gibbons
  • Patent number: 7325133
    Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
    Type: Grant
    Filed: October 15, 2004
    Date of Patent: January 29, 2008
    Assignee: Koolspan, Inc.
    Inventor: Anthony C. Fascenda
  • Patent number: 7325134
    Abstract: The invention provides a secure Wi-Fi communications method and system. In an embodiment of the invention, unique physical keys, or tokens, are installed at an access point and each client device of the network. Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN. Each client key further includes a secret cryptographic key unique to each client device. During authentication, two random numbers are generated per communications session and are known by both sides of the wireless channel. Only the random numbers are sent across the wireless channel and in each case these numbers are encrypted. A transposed cryptographic key is derived from the unique secret cryptographic key using the random numbers generated during authentication. Thus, both sides of the wireless channel know the transposed cryptographic key without it ever being transmitted between the two.
    Type: Grant
    Filed: October 7, 2003
    Date of Patent: January 29, 2008
    Assignee: Koolspan, Inc.
    Inventor: Anthony C. Fascenda
  • Publication number: 20050188194
    Abstract: The present invention provides a technique for automatically establishing efficient, remote, secure client connections to one or more locations using a smart card enabled client driver and a smart card enabled network edge device (“Subnet Box”) capable of establishing an end-to-end hardware encrypted tunnel between itself and the client. In an embodiment of the invention, a method of establishing a secure communications tunnel comprises the steps of: authenticating a remote client to a subnet box on a private network, wherein the remote client is connected to the subnet box via a public network, establishing a tunnel between the remote client and the subnet box, and encapsulating all traffic in the tunnel, wherein the tunnel is established only when a unique physical token is coupled to the remote device. The unique physical token comprises a smartcard and is configured to be inserted into a communications port of the remote device.
    Type: Application
    Filed: December 2, 2004
    Publication date: August 25, 2005
    Applicant: KOOLSPAN, Inc.
    Inventor: Anthony Fascenda
  • Publication number: 20050102509
    Abstract: The present invention discloses a technique for provisioning network cryptographic keys to a client when direct physical transfer is not feasible. In an embodiment of the invention, a client token generates a temporary key encrypted with a first secret key known only in a master token database and passes this on to an enterprise network token of a network to which service is requested. The enterprise network token then further encrypts the encrypted temporary key with a second secret key and passes that on to the master token database. Since the second secret key is also known by the master token database, the originally encrypted temporary key can be securely decoded only by a master token coupled to the master token database. The decrypted temporary key can then be re-encrypted with a key known only by the enterprise network token and the master token, and returned to the enterprise network token.
    Type: Application
    Filed: December 2, 2004
    Publication date: May 12, 2005
    Applicant: KOOLSPAN, Inc.
    Inventor: Anthony Fascenda
  • Publication number: 20050074122
    Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
    Type: Application
    Filed: October 15, 2004
    Publication date: April 7, 2005
    Applicant: KOOLSPAN, Inc.
    Inventor: Anthony Fascenda