Patents Examined by Gail O. Hayes
  • Patent number: 6400823
    Abstract: A method for generating system passwords derived from an external encryption algorithm and plain text user passwords entered during a secure power-on procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. Following detection of the external token, the computer user is required to enter a user password. The user password is encrypted using the encryption algorithm contained in the external token, thereby creating a system password. The system password is then compared to a value stored in secure memory. If the two values match, the power-on sequence is completed and the user is allowed access to the computer system or individually secured resources.
    Type: Grant
    Filed: December 13, 1996
    Date of Patent: June 4, 2002
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 6212638
    Abstract: A method for generating authentication identification symbols, such as numbers, letters, etc., generates sequences of unpredictable symbols which are employed by vendors of various types of goods to authenticate the goods. Using special mathematical functions, an agent generates a first unpredictable subset of symbols to be supplied to a vendor for marking the vendor's goods. The subset is unpredictable in that knowledge of one or more symbols in the subset cannot be employed to predict other symbols in the subset. Preferably, the vendor then selects another subset of symbols from the first subset, and the symbols in this sub-subset are employed for marking the vendor's goods. The unpredictability of the symbol sequences prevents a counterfeiter from being able to predict other symbols in the sequence. In addition, the vendor's use of a sub-subset of symbols prevents the agent from knowing which of the original subset of symbols the vendor is employing to mark the goods.
    Type: Grant
    Filed: December 2, 1997
    Date of Patent: April 3, 2001
    Inventors: George C. Lee, Zhong Liang
  • Patent number: 6209094
    Abstract: Watermark data is encoded in a digitized signal by forming a noise threshold spectrum which represents a maximum amount of imperceptible noise, spread-spectrum chipping the noise threshold spectrum with a relatively endless stream of pseudo-random bits to form a basis signal, dividing the basis signal into segments, and filtering the segments to smooth segment boundaries. The data encoded in the watermark signal is precoded to make the watermark data inversion robust and is convolutional encoded to further increase the likelihood that the watermark data will subsequently be retrievable notwithstanding lossy processing of the watermarked signal. Watermark data is encoded in a basis signal by division of the basis signal into segments and inverting the basis signal in segments corresponding to watermark data bits with a first logical value and not inverting the basis signal in segment corresponding to watermark data bits with a different logical value.
    Type: Grant
    Filed: October 14, 1998
    Date of Patent: March 27, 2001
    Assignee: Liquid Audio Inc.
    Inventors: Earl Levine, Jason S. Brownell
  • Patent number: 6205436
    Abstract: A system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.
    Type: Grant
    Filed: August 21, 1998
    Date of Patent: March 20, 2001
    Assignee: Citibank, N.A.
    Inventor: Sholom S. Rosen
  • Patent number: 6205249
    Abstract: Multiple transform utilization and applications for secure digital watermarking. In one embodiment of the present invention, digital blocks in digital information to be protected are transformed into the frequency domain using a fast Fourier transform. A plurality of frequencies and associated amplitudes are identified for each of the transformed digital blocks and a subset of the identified amplitudes is selected for each of the digital blocks using a primary mask from a key. Message information is selected from a message using a transformation table generated with a convolution mask. The chosen message information is encoded into each of the transformed digital blocks by altering the selected amplitudes based on the selected message information.
    Type: Grant
    Filed: April 2, 1998
    Date of Patent: March 20, 2001
    Inventor: Scott A. Moskowitz
  • Patent number: 6201871
    Abstract: The invention provides technology that improves the security of the A-Keys in a wireless communications system. The technology effectively prevents any human access to the A-Keys and eliminates cloning. The invention improves the security and integrity of the wireless communications system. A secure processor exchanges random numbers with a wireless communications device to generate the A-Key. The secure processor then encrypts the A-Key and transfers the encrypted A-Key to an authentication system. When the authentication system generates or updates the SSD, the authentication system transfers the encrypted A-Key and other information to the secure processor. The secure processor decrypts the A-Key and calculates the SSD. The secure processor transfers the SSD to the authentication system for use in authenticating the wireless communications device.
    Type: Grant
    Filed: August 19, 1998
    Date of Patent: March 13, 2001
    Assignee: Qualcomm Incorporated
    Inventors: Phil J. Bostley, III, Raghavan Srinivasan, Andrew D. Eckhardt
  • Patent number: 6199045
    Abstract: A system for providing position-related information to a mobile user includes a mobile unit and a central site server. The mobile unit includes circuitry for determining present position information from position signals which may emanate from, for example, GPS satellites. The mobile unit further includes circuitry for establishing a wireless bidirectional communications link with the central site server via a terrestrial network, which may be accessed via a cellular telephone network. The central site server includes circuitry for receiving the present position information from the mobile unit. A table stored at the central site server includes different response information in correspondence with possible positions of the mobile unit. The response information may further be in correspondence with user preferences.
    Type: Grant
    Filed: August 15, 1996
    Date of Patent: March 6, 2001
    Assignee: Spatial Adventures, Inc.
    Inventors: Michael L. Giniger, Warren Scott Hilton
  • Patent number: 6188766
    Abstract: The present invention provides an apparatus and method for confirming, timestamping, and archiving documents using telecopiers (e.g., facsimile machines). A user sends a document to a timestamping service via facsimile, which archives the transmission with a timestamp. A submission receipt, containing size-reduced images of the submission and a document identification value (DIV), is prepared and sent to the sender. The DIV can later be submitted to the timestamping service to obtain verification that the document was received at the indicated time. In addition, the invention allows for various other forms of document transmission, document identification, and timestamp verification. The invention is thus useful in any situation where it is desired to prove that a document was in existence at a given time. Other embodiments of the invention provide senders of facsimile and telecopier transmissions with confirmation that their transmissions were received successfully.
    Type: Grant
    Filed: March 5, 1997
    Date of Patent: February 13, 2001
    Assignee: Cryptography Research, Inc.
    Inventor: Paul C. Kocher
  • Patent number: 6189095
    Abstract: The present invention provides a technique, system, and computer program for a symmetric key block cipher. This cipher uses multiple stages with a modified Type-3 Feistel network, and a modified Unbalanced Type-1 Feistel network in an expansion box forward function. The cipher allows the block size, key size, number of rounds of expansion, and number of stages of ciphering to vary. The modified Type-3 cipher modifies the word used as input to the expansion box in certain rounds, to speed the diffusion properties of the ciphering. The modified Type-3 and Type-1 ciphers are interleaved, and provide excellent resistance to both linear and differential attacks. The variable-length subkeys and the S-box can be precomputed. A minimal amount of computer storage is required to implement this cipher, which can be implemented equally well in hardware or software (or some combination thereof).
    Type: Grant
    Filed: June 5, 1998
    Date of Patent: February 13, 2001
    Assignee: International Business Machines Corporation
    Inventors: Don Coppersmith, Rosario Gennaro, Shai Halevi, Charanjit S. Jutla, Stephen M. Matyas, Jr., Luke James O'Connor, Mohammed Peyravian, David Robert Safford, Nevenko Zunic
  • Patent number: 6183140
    Abstract: An interactive knowledge based system for monitoring international tax status has a residency status analyzer and a tax treaty analyzer that cooperate to determine the residency status of an individual, based on the individual's visa history, travel to and from the US, and the applicability of any treaty for the individual. The residency analyzer evaluates visa history, travel and days in the US, as well as type of activity and any applicable treaty's tie-breaker rule to determine if residency status is affected and sets indicators accordingly. The tax treaty analyzer performs an income type analysis to determine if income is from employment services, self-employment, or scholarship and fellowship grants. The tax treaty analyzer evaluates the applicable treaty for the presence and terms of a saving clause.
    Type: Grant
    Filed: April 17, 1995
    Date of Patent: February 6, 2001
    Assignee: Windstar Technologies, Inc.
    Inventors: Paula Singer, Gary Singer
  • Patent number: 6185304
    Abstract: The present invention provides a technique, system, and computer program for a symmetric key block cipher. Variable block sizes and key sizes are supported, as well as a variable number of rounds. The cipher uses multiple stages of processing, where the stages have different structures and different subround functions, to provide excellent resistance to both linear and differential attacks. Feistel Type-3 networks are used, with different networks during different stages. The number of rounds may vary among stages. Subkeys are used in some, but not all, stages. The variable-length keys can be precomputed. A novel manner of using multiplication in a cipher is defined.
    Type: Grant
    Filed: February 23, 1998
    Date of Patent: February 6, 2001
    Assignee: International Business Machines Corporation
    Inventors: Don Coppersmith, Rosario Gennaro, Shai Halevi, Charanjit S. Jutla, Stephen M. Matyas, Jr., Luke James O'Connor, Mohammed Peyravian, David Robert Safford, Nevenko Zunic
  • Patent number: 6185679
    Abstract: The present invention provides a technique, system, and computer program for a symmetric key block cipher. Variable block sizes and key sizes are supported, as well as a variable number of rounds. The cipher uses multiple stages of processing, where the stages have different structures and different subround functions, to provide excellent resistance to both linear and differential attacks. Feistel Type-1 and Type-3 are both used, each during different stages. The number of rounds may vary among stages. Subkeys are used in some, but not all, stages. The variable-length keys can be precomputed. A novel manner of using data-dependent rotation in a cipher is defined.
    Type: Grant
    Filed: February 23, 1998
    Date of Patent: February 6, 2001
    Assignee: International Business Machines Corporation
    Inventors: Don Coppersmith, Rosario Gennaro, Shai Halevi, Charanjit S. Jutla, Stephen M. Matyas, Jr., Luke James O'Connor, Mohammed Peyravian, David Robert Safford, Nevenko Zunic
  • Patent number: 6185682
    Abstract: An authentication system is disclosed that includes at least one station and a host. Each station having a memory for storing a plurality of authentication items. An authentication control element, such as a key, is constructed from a part of the authentication items which is selected for each message. An authenticator authenticates the message substantially under the control of the authentication control element constructed for the message. The authenticated message is sent to the host. The host having a memory for storing the authentication items of each station. The authentication control element is determined from the received authenticated message. A verifier is used for, under control of the authentication control element, verifying the authenticity of the received message.
    Type: Grant
    Filed: June 3, 1998
    Date of Patent: February 6, 2001
    Assignee: U.S. Philips Corporation
    Inventor: Wei J. Tang
  • Patent number: 6185685
    Abstract: A multi-stage login procedure and system involves a first stage in which a login ID and a public key (encrypted) is transmitted from a client computer to a server computer and a key-exchange key (encrypted) is provided from the server computer to the client computer. In a second stage, a first split symmetric key and a server authentication string is generated and encrypted by the client computer and then transmitted to the server computer. In addition, the server computer generates a second split symmetric key and combines the same with the first split symmetric key to obtain a complete symmetric key for encrypting further communications from the server to the client computer. The server also generates a client authentication string, encrypts the same and transmits the encrypted string, the server authentication string (encrypted and incremented) and the second split symmetric key (encrypted) to the client computer.
    Type: Grant
    Filed: December 11, 1997
    Date of Patent: February 6, 2001
    Assignee: International Business Machines Corporation
    Inventors: Stephen P. Morgan, Lance W. Russell, Benjamin Clay Reed
  • Patent number: 6175923
    Abstract: A secure system using a continuously-changing key that depends on the user's body part. A preferred embodiment obtains an image of the user's fingerprint and segments it according to a random generator. Only part of the image and not all of the image is sent at one time. The random segmentation insures that part of the image that is sent continuously varies from time to time. Therefore, an unauthorized receiver can receive only part but not all of the image. That only part of the image which is received will usually not be the same at the second as it is at the first time. Therefore, a received code cannot later be used to fool the system with the same credit card.
    Type: Grant
    Filed: December 8, 1998
    Date of Patent: January 16, 2001
    Assignee: Senetas Corporation Limited
    Inventor: Kenneth S. Bailey
  • Patent number: 6167516
    Abstract: A device receives at one input (2) data of a file to be processed, and includes a processing module (5) which, at the start of receiving the file, reacts by three operative stages. These stages include a first stage of inserting data blocks from the file into a source memory (MS), after transformation, a second continuous stage of processing each data block of the file, transformed and inserted into the source memory (MS), and a third stage of generating a signature from the transformed, inserted and processed blocks.
    Type: Grant
    Filed: November 25, 1997
    Date of Patent: December 26, 2000
    Assignees: Inria Institut National de Recherche en Informatique et en Automatique Cogenit, Compagnie Generale d'Informatique et de Tele-Communications
    Inventors: Paul Camion, Nicolas Sendrier, François Cordier, Pierre Kalfon
  • Patent number: 6167517
    Abstract: One embodiment of the present invention provides a method for authenticating an identity of a user in order to secure access to a host system. In this embodiment, the host system receives an identifier for the user from a client system. This identifier is used to retrieve a template containing biometric data associated with the user, and this template is returned to the client. The client then gathers a biometric sample from the user, and compares this biometric sample with the template to produce a comparison result. Next, the client computes a message digest using the template, the comparison result and an encryption key, and sends the message digest to the host system. This computation takes place within a secure hardware module within the client computing system that contains a secure encryption key in order to guard against malicious users on the client system.
    Type: Grant
    Filed: April 9, 1998
    Date of Patent: December 26, 2000
    Assignee: Oracle Corporation
    Inventors: Gary Gilchrist, Steven D. Viavant
  • Patent number: 6163841
    Abstract: A technique for generating, for a given message to be signed, an authentic cryptographic signature that can be authenticated, by a recipient of the signed message, as having originated from a signor of the message; and appropriately authenticating such a signature. Specifically, this technique, given a message, such as, e.g., a numerical product copy identifier (83, 93), forms an authentic signature (87, 97), based on public-key cryptosystem, through use of generator value selected from points on an elliptic curve over a finite field. The authentic signature is generated using the generator value in conjunction with three keys; namely, a public key, a private key and a secret key, and thus substantially increases the security associated with cryptographic signatures generated through a conventional two-key public-key cryptosystem. A unique product copy indicia can be formed by concatenating the identifier, for a given product copy, with its corresponding authentic signature.
    Type: Grant
    Filed: June 23, 1998
    Date of Patent: December 19, 2000
    Assignee: Microsoft Corporation
    Inventors: Ramarathnam R. Venkatesan, Peter L. Montgomery
  • Patent number: 6160891
    Abstract: A key such as a private key or key password of a private key is encrypted for storage, and may be decrypted if the private key becomes lost or unavailable. The key is encrypted by encoding, for example, by hashing, private information such as mother's maiden name and social security number, and the result is used as a key to encrypt the private key using DES or another symmetric encryption technique. The encrypted key is again encrypted, for example using asymmetric encryption, using the public key of a trusted party such as the certificate authority that generated the private key. The result may be stored as a key recovery file by the principal of the private key or another party. To decrypt the key recovery file, the private key corresponding to the public key used to encrypt the key recovery file is used to decrypt the key recovery file, for example by asymmetric decryption.
    Type: Grant
    Filed: October 20, 1997
    Date of Patent: December 12, 2000
    Assignee: Sun Microsystems, Inc.
    Inventor: Yahya Y Al-Salqan
  • Patent number: 6151677
    Abstract: A security module that is preferably tokenless and is used in telephone communications (e.g., cellular) to secure a transmitted bit stream. The module provides traffic encryption, key exchange, key protection, and algorithm protection. The module provides encryption and key processing using a programmable information security architecture (PISA). Preferably, the module does not use a physical device, such as a key or a card, to unlock the security features, and preferably, the security features all reside within the security module and not on a physical device, such as a key or a card. Instead, a personal identification number (PIN) is used to unlock the security features.
    Type: Grant
    Filed: October 6, 1998
    Date of Patent: November 21, 2000
    Assignee: L-3 Communications Corporation
    Inventors: Paul Alan Walter, Ellwood Patrick McGrogan, Jr., Mike Kleidermacher