Patents Examined by Gregory A Lane
-
Patent number: 9977899
Abstract: In an aspect, a method can include generating a cyclic redundancy check code for a binary data item, using a generator polynomial; and masking, using polynomial addition, the binary data item with a binary mask. The method can also include at least one of: storing, by a microcircuit, the masked binary data item in a memory of an electronic device; or transferring, by the microcircuit, the masked data item to another device. The cyclic redundancy check code for the binary data item can be generated from the masked binary data item to prevent discovery of the binary data item by a side-channel attack during the generating the cyclic redundancy check. The binary mask can be a multiple of a random number and the generator polynomial, such that respective cyclic redundancy check code of the masked data item and the binary data item have a same result.
Type: Grant
Filed: March 26, 2013
Date of Patent: May 22, 2018
Assignee: Inside Secure
Inventors: Mylène Roussellet, Vincent Verneuil
-
Patent number: 9961075
Abstract: A system for identity based ticketing is provided, wherein a user device sends a challenge to a terminal; the terminal updates a filter based on the challenge and sends the contents of the filter to the user device. The user device sends the contents of the filter, relating to the user device and the terminal, to a backend server; and the backend server derives from the contents of the filter information concerning user behavior.
Type: Grant
Filed: March 30, 2012
Date of Patent: May 1, 2018
Assignee: Nokia Technologies Oy
Inventor: Jan-Erik Ekberg
-
Patent number: 9953157
Abstract: An application creating apparatus generates first authentication information using an authentication element is provided. The apparatus includes an application module when the application module is created, inserts the first authentication information into the application module, and distributes the application module. A user digital device that executes the application module checks the authentication element and the first authentication information included in the application module, generates second authentication information for the authentication element, and determines whether to execute the application module based on a result of comparison between the first authentication information and the second authentication information.
Type: Grant
Filed: October 23, 2014
Date of Patent: April 24, 2018
Assignee: Samsung Electronics Co., Ltd.
Inventors: Jae-Mok Hong, Jin-Ho Ko, Tae-Do Bae, Nam-Geol Lee
-
Patent number: 9954884
Abstract: Embodiments of a system and method for a cyber modeling and simulation framework are generally described herein. In some embodiments, an interface (212) for ingest of network and vulnerability data associated with a node of a targeted network, a network visualization device (232) for presenting the network data and the vulnerability data, and for creating a network model based on the network and vulnerability data, a threat analysis simulator (240) for launching threat attacks on the targeted network and for applying modeled defenses against the threat attacks, the threat analysis simulator producing simulation results (244) and a data farming module for performing data farming on the simulation results using different scenarios to generate a farm of data for use in designing anti-cyber-attack strategies (280) for the targeted network.
Type: Grant
Filed: October 23, 2013
Date of Patent: April 24, 2018
Assignee: Raytheon Company
Inventors: Suzanne P. Hassell, Paul F. Beraud, III, Alen Cruz, Gangadhar Ganga, Brian J. Mastropietro, Travis C. Hester, David A. Hyde, Justin W. Toennies, Stephen R. Martin, Frank Pietryka, Niraj K. Srivastava
-
Patent number: 9948624
Abstract: Disclosed is a key downloading method. The method comprises: sending a hardware series number (SN) and a first random number (Rnd1) to a key server; receiving a second random number (Rnd2), a first encrypted text (C1) and a key server working certificate (KSWCRT) sent by the key server; authenticating the validity of KSWCRT by using a KSRCRT; if valid, extracting a public key (PuKS) from the KSWCRT, and decrypting the first encrypted text (C1) by using the PuKS to obtain a third random number (Rnd1'); determining whether Rnd1 is consistent with Rnd1'; if consistent, encrypting the second random number (Rnd2) by using a terminal authentication public key (TKP_Pu) to generate a third encrypted text (C2'), and sending the C2' to the key server; receiving a key encrypted text (Ctmk) sent by the key server; and obtain a master key (TMK), and storing the TMK in a security control module.
Type: Grant
Filed: January 23, 2014
Date of Patent: April 17, 2018
Assignee: FUJIAN LANDI COMMERCIAL EQUIPMENT CO., LTD
Inventors: Wenlong Su, Luqiang Meng, Yixuan Hong
-
Patent number: 9942210
Abstract: A method for key derivation may comprise: generating a second key based at least in part on a first key for a first connection between a user equipment and a first network node, in response to a decision to enter an idle mode; releasing the first connection to enter the idle mode; providing an identity of the user equipment to the first network node via a second network node, in response to initiating a setup procedure for a second connection between the user equipment and a second network node; and using the second key for the second connection, in response to receiving from the second network node an indication that the identity of the user equipment is successfully verified at the first network node.
Type: Grant
Filed: May 23, 2012
Date of Patent: April 10, 2018
Assignee: Nokia Technologies Oy
Inventors: Yang Liu, Dajiang Zhang
-
Patent number: 9934379
Abstract: Methods, systems, and computer readable media for detecting a compromised computing host are disclosed. According to one method, the method includes receiving one or more domain name system (DNS) non-existent domain (NX) messages associated with a computing host. The method also includes determining, using a host score associated with one or more unique DNS zones or domain names included in the one or more DNS NX messages, whether the computing host is compromised. The method further includes performing, in response to determining that the computing host is compromised, a mitigation action.
Type: Grant
Filed: March 5, 2014
Date of Patent: April 3, 2018
Assignee: The University of North Carolina at Chapel Hill
Inventors: Fabian Monrose, Teryl Taylor, Srinivas Krishnan, John McHugh
-
Patent number: 9935768
Abstract: A system on chip includes a central processing unit and a key manager coupled to the central processing unit. The key manager includes a random number generator configured to generate a key and a key memory configured to store the key and a user setting value associated with the key.
Type: Grant
Filed: April 11, 2014
Date of Patent: April 3, 2018
Assignee: Samsung Electronics Co., Ltd.
Inventors: Hyesoo Lee, Jaechul Park, Yun-Ho Youm, Kyungae Kim, TongPyo Hong
-
Patent number: 9900158
Abstract: A system for cryptographically authenticated communication, wherein an activation signal is sent from a communications device to a memory device (410). The memory device derives a random challenge from at least one physical property of the activation signal and sends it back to the communications device (420). A signature is computed using the received random challenge (440) and sent, together with a certificate, to the memory device (450).
Type: Grant
Filed: March 23, 2012
Date of Patent: February 20, 2018
Assignee: Nokia Technologies Oy
Inventors: Vesa-Veikko Luukkala, Sampo Sovio, Harald Kaaja, Sergey Boldyrev, Ian Oliver
-
Patent number: 9886597
Abstract: The invention relates to a data-processing method that includes encoding a plurality of data of n bits into code words having a predefined constant Hamming weight, characterized in that said method also includes using (4000) encryption operations or arithmetic operations on the resulting code word(s) and also in that encoding each datum includes: decomposing (100) the datum into a plurality of m bit sequences to be encoded, m strictly being less than n; encoding (300) each bit sequence into a partial code word, each having a predefined Hamming weight, such that the sum of the Hamming weights of the partial code words are equal to the Hamming weights of the code word; and concatenating (300) the partial code words such as to produce the code word corresponding to the datum. The invention also relates to a data transmission method and to an electronic circuit configured to implement said methods.
Type: Grant
Filed: January 17, 2014
Date of Patent: February 6, 2018
Assignee: MORPHO
Inventors: Julien Bringer, Victor Servant
-
Patent number: 9887983
Abstract: A system, apparatus, method, and machine readable medium are described for implementing a composite authenticator. For example, an apparatus in accordance with one embodiment comprises: an authenticator for authenticating a user of the apparatus with a relying party, the authenticator comprising a plurality of authentication components; and component authentication logic to attest to the model and/or integrity of at least one authentication component to one or more of the other authentication components prior to allowing the authentication components to form the authenticator.
Type: Grant
Filed: October 29, 2013
Date of Patent: February 6, 2018
Assignee: Nok Nok Labs, Inc.
Inventors: Rolf Lindemann, Davit Baghdasaryan
-
Patent number: 9871784
Abstract: A computer implemented system and method for image based location specific password construction and authentication is provided. The system helps users to recognize the password in terms of objects in an image rather than recalling the alphanumeric passwords. A graph walk generator present in the system guides a user to take unique pictures/images/photographs from user's geographical location which helps the user to recognize password easily in future. The system helps in creating and maintaining a strong password by using pseudorandom image presenter. It also allows a user to aid his photographic memory to get authenticated to the system. Every user generates certain number of images by capturing images in vicinity and select objects from an image to create a password. A user authentication module present in the system then authenticates the user based on sequence of the objects within the captured image to provide one-time image based authentication.
Type: Grant
Filed: January 21, 2016
Date of Patent: January 16, 2018
Assignee: Tata Consultancy Services Limited
Inventors: Sujit Devkar, Pankaj Harish Doke, Sylvan Lobo, Ankith Reddy
-
Patent number: 9864853
Abstract: A method and structure for authenticating users of a system that prevents theft of passwords and re-use of passwords. The method and structure use one-time passwords and a Secure CPU technology that cryptographically protects a software module known as a Secure Object from other software on a system. The method and structure generate and validate one-time passwords within Secure Objects and use a communications mechanism to securely communicate passwords or information used to generate passwords that makes use of cryptography and the protected and unprotected regions of a Secure Object to provide strong end-to-end security.
Type: Grant
Filed: November 30, 2015
Date of Patent: January 9, 2018
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventor: Richard Harold Boivie
-
Patent number: 9843596
Abstract: Detection of abnormalities in multi-dimensional data is performed by processing the multi-dimensional data to obtain a reduced dimension embedding matrix, using the reduced dimension embedding matrix to form a lower dimension (of at least 2D) embedded space, applying an out-of-sample extension procedure in the embedded space to compute coordinates of a newly arrived data point and using the computed coordinates of the newly arrived data point and Euclidean distances to determine whether the newly arrived data point is normal or abnormal.
Type: Grant
Filed: July 3, 2015
Date of Patent: December 12, 2017
Assignee: ThetaRay Ltd.
Inventors: Amir Averbuch, Ronald R. Coifman, Gil David
-
Patent number: 9825764
Abstract: Systems and methods for enhanced security of media are provided. Media security may be enhanced by improving the setup of encryption and/or decryption, by improving the performance of encryption and/or decryption, or by improving both. The calls related to enhanced security of media from an application in an emulated environment to a security module in the operating system hosting the emulated environment may be combined to reduce the overhead of accessing a security module. An application handling secure shell (SSH) communications may execute multiple calls to a cryptographic module in the host operating system. Because many calls to the cryptographic module during SSH communications follow patterns, two or more related calls may be combined into a single combined call to the cryptographic module. For example, a call to generate a server-to-client key and a call to generate a client-to-server key may be combined into a single call.
Type: Grant
Filed: February 26, 2014
Date of Patent: November 21, 2017
Assignee: Unisys Corporation
Inventors: Kevin Clayton, Peter Wilkes, Yuko Onishi, Raymond Campbell
-
Patent number: 9817996
Abstract: An information receiving device according to the present invention includes: a request information generation unit which generates request information including actual behavior information which is behavior information representing an actual behavior of a user, and pseudo behavior information not representing an actual behavior of the user; a distribution information request unit which transmits the request information to an information distribution device, and receives distribution information distributed from the information distribution device on a basis of the transmission of the request information; and a distribution information selection unit which selects distribution information associated with the actual behavior information, out of the distribution information received by the distribution information request unit.
Type: Grant
Filed: March 7, 2014
Date of Patent: November 14, 2017
Assignee: NEC CORPORATION
Inventor: Ryo Furukawa
-
Patent number: 9819493
Abstract: Systems and methods for enhanced security of media are provided. Media security may be enhanced by improving the setup of encryption and/or decryption, by improving the performance of encryption and/or decryption, or by improving both. The calls related to enhanced security of media from an application in an emulated environment to a security module in the operating system hosting the emulated environment may be combined to reduce the overhead of accessing a security module. An application handling secure shell (SSH) communications may execute multiple calls to a cryptographic module in the host operating system. Because many calls to the cryptographic module during SSH communications follow patterns, two or more related calls may be combined into a single combined call to the cryptographic module. For example, a call to generate a server-to-client key and a call to generate a client-to-server key may be combined into a single call.
Type: Grant
Filed: February 26, 2014
Date of Patent: November 14, 2017
Assignee: Unisys Corporation
Inventors: Kevin Clayton, Peter Wilkes, Yuko Onishi, Raymond Campbell
-
Patent number: 9813380
Abstract: Embodiments of the present invention provide a method, an apparatus, and a network system for a terminal to traverse a private network to communicate with a server in an IMS core network. The method includes: the terminal sets a source address of service data to be sent as a virtual IP address, sets a destination address of the service data to be sent as an address of an internal network server, and obtains a first service packet, where the virtual IP address is an address allocated by the IMS core network to the terminal, encapsulate the first service packet into a first tunnel packet, and send the first tunnel packet to the security tunnel gateway over a VPN tunnel between the terminal and a security tunnel gateway, then the security tunnel gateway sends the first service packet in the first tunnel packet to the internal network server.
Type: Grant
Filed: August 17, 2015
Date of Patent: November 7, 2017
Assignee: HUAWEI TECHNOLOGIES CO., LTD.
Inventors: Aiping Chen, Chengjiao Nie, Zhanbing Zhang
-
Patent number: 9805193
Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed, in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts is provided as output.
Type: Grant
Filed: December 18, 2014
Date of Patent: October 31, 2017
Assignee: Palo Alto Networks, Inc.
Inventors: Ryan C. Salsamendi, Robert A. Seger
-
Patent number: 9806885
Abstract: Cryptographic communication systems and methods can utilize a base interface and a channel interface. Plug-ins can be utilized to provide cryptographic functions configured for either a first customer or a second customer. The first customer can be a United States domestic customer and the second customer can be an international customer.
Type: Grant
Filed: September 26, 2014
Date of Patent: October 31, 2017
Assignee: ROCKWELL COLLINS, INC.
Inventors: Joshua P. Breitbach, Mark R. Wagner, Adriane Rae Van Auken, Jerome L. Schmidt, Kevin M. Bayer