Patents Examined by Ho S. Song
  • Patent number: 6564320
    Abstract: A local server (202) locally hosts the provision of digital certificate services to a client (102); while a central server (104) provides the actual digital certificate services. The local server (202) transmits (304) a custom entry form (210) to the client (102). In response to the client's (102) use of the custom entry form (210), the client (102) transmits (306) a standard request for digital certificate services to a central server (104), possibly via the local server (202). The central server (104) fulfills (310) the request, generating a standard response. The standard response is transmitted (312) to the local server (202), which generates (314) a custom display of the results contained in the standard response. The custom display is transmitted (316) to the client (102), fulfilling the client's request. Information is provided (320,330), enabling the local server (202) to create (322) appropriate custom entry forms (210) and to generate (314) the custom display from the standard response.
    Type: Grant
    Filed: June 30, 1998
    Date of Patent: May 13, 2003
    Assignee: VeriSign, Inc.
    Inventors: Mahinda K. de Silva, Atul Tulshibagwale, Xinhong Yuan
  • Patent number: 6557104
    Abstract: A method and apparatus for secure processing of cryptographic keys, wherein a cryptographic key stored on a token is processed in a secure processor mode using a secure memory. A main system processor is initialized into a secure processing mode, which cannot be interrupted by other interrupts, during a power-on sequence. A user enters a Personal Identification Number (PIN) to unlock the cryptographic key stored on the token. The cryptographic key and associated cryptographic program are then loaded into the secure memory. The secure memory is locked to prevent access to the stored data from any other processes. The user is then prompted to remove the token and the processor exits the secure mode and the system continues normal boot-up operations. When an application requests security processing, the cryptographic program is executed by the processor in the secure mode such that no other programs or processes can observe the execution of the program.
    Type: Grant
    Filed: May 2, 1997
    Date of Patent: April 29, 2003
    Assignee: Phoenix Technologies Ltd.
    Inventors: Son Trung Vu, Quang Phan
  • Patent number: 6549626
    Abstract: A key such as a private key or key password of a private key is encrypted for storage, and may be decrypted if the private key becomes lost or unavailable. The key is encrypted by encoding, for example, by hashing, private information such as mother's maiden name and social security number, and the result is used as a key to encrypt the private key using DES or another symmetric encryption technique. The encrypted key is again encrypted, for example using asymmetric encryption, using the public key of a trusted party such as the certificate authority that generated the private key. The result may be stored as a key recovery file by the principal of the private key or another party. To decrypt the key recovery file, the private key corresponding to the public key used to encrypt the key recovery file is used to decrypt the key recovery file, for example by asymmetric decryption.
    Type: Grant
    Filed: October 20, 1997
    Date of Patent: April 15, 2003
    Assignee: Sun Microsystems, Inc.
    Inventor: Yahya Y Al-Salqan
  • Patent number: 6539480
    Abstract: A computing system having a security module to validate requests to reconfigure a computing system. The computing system includes a persistent store for holding information indicative of the current trusted authority. A security module executing on the computing system determines whether to grant a request to modify configuration data within the computing system as a function of the information within the persistent store. In one particular embodiment, the security module facilitates the secure transfer of trust from one trusted authority to another, such as from a manufacturer to a customer. In another embodiment the security module validates a request to overwrite configuration data such as the computer's boot image or compact verification data for validating the computer's boot image.
    Type: Grant
    Filed: December 31, 1998
    Date of Patent: March 25, 2003
    Assignee: Intel Corporation
    Inventor: Paul C. Drews
  • Patent number: 6539094
    Abstract: Data to be transmitted via a serial bus in conformity with the IEEE 1394 protocol are ciphered by a ciphering/deciphering circuit, and headers are attached thereto by a header sync detecting/generating circuit. And after further attachment of CRC code by a CRC detector/generator, the data are packetized into isochronous packets of an isochronous mode by a transmission/reception switching circuit, whereby transmission of the data can be performed with enhanced security. Out of cipher keys employed, a session key invariable in each session of the data is transmitted in each packet of an asynchronous mode, and a time variable updated in each session is transmitted in each packet of an isochronous mode. And the ciphered data obtained by depacketizing the packets of the isochronous mode are deciphered, so that the data transmitted with security can be deciphered exactly, and thus illegal use of the data can be prevented with certainty.
    Type: Grant
    Filed: April 14, 1998
    Date of Patent: March 25, 2003
    Assignee: Sony Corporation
    Inventors: Yoshio Osakabe, Makoto Sato, Yoshitomo Osawa, Tomoyuki Asano, Ryuji Ishiguro, Hisato Shima
  • Patent number: 6526509
    Abstract: The method provides that a session code (K) can be agreed between a first computer unit (U) and a second computer unit (N), without it being possible for any unauthorized third party to gain access to useful information relating to the codes or the identity of the first computer unit (U). This is achieved by embedding the principle of the El-Gamal code interchange in the method, with additional formation of a digital signature via a hash value of the session code (K) which is formed by the first computer unit (U).
    Type: Grant
    Filed: November 10, 1997
    Date of Patent: February 25, 2003
    Assignee: Siemens Aktiengesellschaft
    Inventors: Günther Horn, Klaus Müller, Volker Kessler
  • Patent number: 6523117
    Abstract: The user mounts a distributed storage medium in his or her terminal unit, selects desired information from stored information, and notifies the host central computer through a network. The host computer generates key information for use in deciphering the selected information by combining the identifier of the selected information, user identification, etc. and sends the key information to a user terminal unit. The user deciphers the selected information according to the transmitted key information, and then accesses the information.
    Type: Grant
    Filed: July 5, 1996
    Date of Patent: February 18, 2003
    Assignee: Fujitsu Limited
    Inventors: Hiroshi Oki, Seijun Tanikawa, Shinji Kamata
  • Patent number: 6523114
    Abstract: Arbitrary digital information is embedded within a stream of digital data, in a way that avoids detection by a casual observer and that allows a user to determine whether the digital data have been modified from their intended form. The embedded information may only be extracted as authorized and may be used to verify that the original digital data stream has not been modified.
    Type: Grant
    Filed: March 14, 2000
    Date of Patent: February 18, 2003
    Assignee: Sony Corporation
    Inventor: James M. Barton
  • Patent number: 6519341
    Abstract: An image processing apparatus separates input image data into low resolution image data and one or more auxiliary image data for interpolating the low resolution image data, and decrypts at least one of the separated auxiliary image data. The image processing apparatus also separates input image data into low resolution image data and at least one auxiliary image data for interpolating the low resolution image data and decodes the image data with at least one of the auxiliary image data being encrypted, and decrypts the encrypted auxiliary image data and synthesizes the low resolution image data with the auxiliary image data.
    Type: Grant
    Filed: June 18, 1999
    Date of Patent: February 11, 2003
    Assignee: Canon Kabushiki Kaisha
    Inventor: Masahiko Enari
  • Patent number: 6490683
    Abstract: A copy protecting method for an optical medium includes a writing step of writing watermark data as ECC data in a data storage area of a disk having a certain data stored therein.
    Type: Grant
    Filed: September 8, 1998
    Date of Patent: December 3, 2002
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hisashi Yamada, Hideo Ando, Tadashi Kojima, Kouichi Hirayama
  • Patent number: 6477646
    Abstract: An architecture and a method for a cryptography acceleration is disclosed that allows significant performance improvements without the use of external memory. Specifically, the chip architecture enables “cell-based” processing of random-length IP packets. The IP packets, which may be of variable and unknown size, are split into fixed-size “cells.” The fixed-sized cells are then processed and reassembled into packets. The cell-based packet processing architecture of the present invention allows the implementation of a processing pipeline that has known processing throughput and timing characteristics, thus making it possible to fetch and process the cells in a predictable time frame. The architecture is scalable and is also independent of the type of cryptography performed. The cells may be fetched ahead of time (pre-fetched) and the pipeline may be staged in such a manner that attached (local) memory is not required to store packet data or control parameters.
    Type: Grant
    Filed: February 23, 2000
    Date of Patent: November 5, 2002
    Assignee: Broadcom Corporation
    Inventors: Suresh Krishna, Christopher Owen
  • Patent number: 6477252
    Abstract: A video source device provides a basis value to a symmetric ciphering/deciphering process to a video sink device, to which the video source device is to provide a video content. The video source device ciphers the video content for transmission to the video sink device, including generation of a first cipher key through functional transformation of the basis value. The video source device further verifies periodically that the transmitted video content is indeed being symmetrically deciphered by the video sink device. The video sink device practices symmetric deciphering, including generation of a first decipher key through functional transformation of the basis value. The video sink device also provides verification values to the video source device to facilitate confirmation of symmetric deciphering. In one embodiment, the video source and sink devices further authenticate each other, including generation of an authentication key, which is used in the generation of the first cipher/decipher key.
    Type: Grant
    Filed: August 29, 1999
    Date of Patent: November 5, 2002
    Assignee: Intel Corporation
    Inventors: Robert W. Faber, David A. Lee, Brendan S. Traw, Gary L. Graunke
  • Patent number: 6473508
    Abstract: A method is provided for digital signature infrastructure that provides public keys which are effective only for verifying digital signatures, and are not effective for encrypting information in a way that is unrecoverable by law-enforcement entities. The method can be implemented in software, thus avoiding the need for tamper-proof hardware. The method has the property that signing private keys are not escrowed, since the corresponding public keys cannot be used effectively for criminal communications. As a result no one can impersonate the user; alternatively users can prove impersonations. Furthermore, the system is shadow public key resistant. A shadow public key is a public key which is not escrowed and which can be used for untappable communications. Therefore, the method presented here cannot be used to publish public keys which are not escrowed. All information displayed by the certificate authorities, and even the digital signatures of users, are shadow public key resistant.
    Type: Grant
    Filed: December 22, 1998
    Date of Patent: October 29, 2002
    Inventors: Adam Lucas Young, Marcel Mordechay Yung
  • Patent number: 6463535
    Abstract: A method to verify integrity of information and selectively determine whether the information is authorized to be executed by the platform. The information is downloaded to a platform operating in a pre-boot operational state.
    Type: Grant
    Filed: October 5, 1998
    Date of Patent: October 8, 2002
    Assignee: Intel Corporation
    Inventor: Paul C. Drews
  • Patent number: 6449722
    Abstract: A wireless device is provided with a plurality of connectivity options that enable it to connect to a carrier via alternative connectivity routes thereby providing access to value-added services and other information over plurality of connectivity routes. A user of the wireless device may select alternative connectivities when available based on dollar expense, available bandwidth, reliability, latency, or other considerations. Volume data delivery may be deferred until a more suitable connectivity route is established. With each change of connectivity the wireless device should reauthenticate itself. Reauthentication can be simplified by employing the previously authenticated route and leveraging the original authentication.
    Type: Grant
    Filed: July 8, 1998
    Date of Patent: September 10, 2002
    Assignee: Intel Corporation
    Inventors: Terry D. West, David G. England
  • Patent number: 6438691
    Abstract: A method of transmitting a message over a network from a sender to a receiver, comprises the steps of: taking a message (Coin) to be signed by the sender; signing the message into a digital signature (e, y) of the sender (steps 56,58), the digital signature being generated as a function of that message using public and secret signature generators (x, r) of the sender, a private key (s) of the sender, and other publicly known values (a, p, q); and transmitting the signed message over the network to the receiver (step 60); characterised in that: the message to be signed by the sender incorporates a first value (f(x)) which is a first predetermined function (such as a secure one-way hash function) of the sender's public signature generator (x) (step 48).
    Type: Grant
    Filed: October 1, 1998
    Date of Patent: August 20, 2002
    Assignee: Hewlett-Packard Company
    Inventor: Wenbo Mao
  • Patent number: 6400824
    Abstract: An imaging device integrating a photosensing array, at least one analog-to-digital converter, and an encryption circuit on a single substrate. An optical image can be directly converted into encrypted digital data prior to transmission the image off the chip.
    Type: Grant
    Filed: November 12, 1997
    Date of Patent: June 4, 2002
    Assignee: California Institute of Technology
    Inventors: Barmak Mansoorian, Eric R. Fossum
  • Patent number: 6400823
    Abstract: A method for generating system passwords derived from an external encryption algorithm and plain text user passwords entered during a secure power-on procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. Following detection of the external token, the computer user is required to enter a user password. The user password is encrypted using the encryption algorithm contained in the external token, thereby creating a system password. The system password is then compared to a value stored in secure memory. If the two values match, the power-on sequence is completed and the user is allowed access to the computer system or individually secured resources.
    Type: Grant
    Filed: December 13, 1996
    Date of Patent: June 4, 2002
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 6401210
    Abstract: Management of files infected by computer viruses is accomplished by creating a first file in a directory, copying a virus infected file to the first file, scrambling contents of the first file, and deleting the virus infected file. A system for managing computer virus infected files includes scrambler logic to scramble the contents of a virus infected file to produce a scrambled virus infected file, a virus bin to safely store the scrambled virus infected file, and unscrambler logic to unscramble the scrambled virus infected file to reproduce the virus infected file for further analysis or cleaning.
    Type: Grant
    Filed: September 23, 1998
    Date of Patent: June 4, 2002
    Assignee: Intel Corporation
    Inventor: Randall F. Templeton
  • Patent number: 6397333
    Abstract: The copy protection system is a combination of a signature method and a coding or encryption method that uses a variable key. The data set is written only onto a predetermined device and it is released to a host for reading and deciphering only upon proper authorization. Copying of the encrypted data set is entirely useless, because the dataset is signed with a unique identification (e.g. the serial number) of the device.
    Type: Grant
    Filed: October 7, 1998
    Date of Patent: May 28, 2002
    Assignee: Infineon Technologies AG
    Inventors: Peter Söhne, Jörg Schepers, Dietmar Zaig, Michael Smola