Patents Examined by Kristine L. Kincaid
  • Patent number: 11516024
    Abstract: A semiconductor device includes a memory, a random number generation circuit, and a control circuit. The memory stores key information, and the random number generation circuit generates first and second random number signals. The control circuit generates sixth and seventh random number signals from the first random number signal and the key information, generates encrypted update data from update data using the seventh random number signal, transmits the first and second random number signals as request signals to an external terminal device, receives, from the external device, first and second response signals as response signals in response to the request signals, generates an eighth random number signal using the first response signal, the second and the sixth random number signals as input signals, and provides the encrypted update data for the external terminal device when the second response signal coincides with the eighth random number signal.
    Type: Grant
    Filed: January 19, 2018
    Date of Patent: November 29, 2022
    Assignees: RENESAS ELECTRONICS CORPORATION, MITSUBISHI ELECTRIC CORPORATION
    Inventors: Daisuke Moriyama, Daisuke Suzuki
  • Patent number: 11516207
    Abstract: A method for facilitating a provision of a certificate that securely verifies an identification of an application is provided. The method includes: validating a bootstrap identity that identifies the application at a time of invocation; generating a first token that is signed with a first private key and transmitting the signed first token to the application; receiving, from an external server, a request for a public key to be used for verifying the first private key; and transmitting the requested public key to the external server in order to prompt the external server to provide the certificate to the application. When prompted to provide the certificate to the application, the external server generates a second token that is signed with a second private key and transmits the certificate in conjunction with the signed second token to the application. The private keys are never shared with the application.
    Type: Grant
    Filed: June 2, 2020
    Date of Patent: November 29, 2022
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Adrian Asher, Kabron Austin Kline, Tamila Fathi, Jared Dean Mitten, Carl Dashfield
  • Patent number: 11509484
    Abstract: Systems and methods relating to settlement of securities without revealing ownership including the end owner are described. In some implementations, ownership or control of a security may be managed by using group membership technology to revoke the signing rights of the seller and adding signing rights to the buyer. Group membership with group signatures allows for one group public key and a plurality of private keys, where each private key is associated with a group member. Signatures created by different group members are indistinguishable to verifiers but a group manager is able to determine which member has signed, link member signatures, implement controls and/or limits, and revoke and add signatory capability when needed. In some implementations, revocation of signatory capability is done with the cooperation of a Digital Certificate Authority.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: November 22, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Phillip H. Griffin
  • Patent number: 11487865
    Abstract: A method for facilitating credential management in a Structured Query Language (SQL) Server Integration Services (SSIS) environment is provided. The method includes identifying a credential update trigger event; accessing a user credential at an electronic password vault (EPV) in response to the credential update trigger event, the user credential including at least one string; parsing the user credential to identify a username and a password that are associated with the user credential; splitting the user credential into the username and the password; updating the password; and storing the updated password in a SSIS database.
    Type: Grant
    Filed: June 24, 2020
    Date of Patent: November 1, 2022
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventor: Jason Harmon
  • Patent number: 11487888
    Abstract: The disclosed computer-implemented method may include (i) identifying a neural network that comprises an interconnected set of nodes organized in a set of layers represented by a plurality of matrices that each comprise a plurality of weights, where each weight represents a connection between a node in the interconnected set of nodes that resides in one layer in the set of layers and an additional node in the set of interconnected nodes that resides in a different layer in the set of layers, (ii) encrypting, using an encryption cipher, the plurality of weights, (iii) detecting that execution of the neural network has been initiated, and (iv) decrypting, using the encryption cipher, the plurality of weights in response to detecting that the execution of the neural network has been initiated. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: November 1, 2022
    Assignee: Meta Platforms, Inc.
    Inventors: Nadav Rotem, Abdulkadir Utku Diril, Mikhail Smelyanskiy, Jong Soo Park, Roman Levenstein
  • Patent number: 11483139
    Abstract: Systems, computer program products, and methods are described herein for secure data transmission using fully homomorphic encryption. The present invention is configured to electronically retrieve a data file from a source computing device, wherein the data file is encrypted using a public key; initiate a homomorphic engine on the data file, wherein the homomorphic engine comprises one or more homomorphic encryption algorithms; generate, using a first homomorphic encryption algorithm, a header and a trailer for the data file; generate, using the first homomorphic encryption algorithm, a unique row for the data file; generate an evaluation key based on at least generating the header, the trailer, and the unique row for the data file; append the header, the trailer, and the unique row to the data file to generate an appended data file; and transmit the appended data file to a target computing device.
    Type: Grant
    Filed: August 7, 2020
    Date of Patent: October 25, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Madhusudhanan Krishnamoorthy, Lingaraj Sabat
  • Patent number: 11481481
    Abstract: An information processing apparatus includes a display unit that displays plural images consisting of one or more correct answer images selected from a candidate set, which consists of images not including images corresponding to public information of a user in an image group owned by the user, and one or more incorrect answer images other than the one or more correct answer images, and an image authentication unit that performs authentication of the user by having the user select at least one or more of the correct answer images from the plural displayed images.
    Type: Grant
    Filed: September 17, 2019
    Date of Patent: October 25, 2022
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Katsuji Tokie
  • Patent number: 11483162
    Abstract: Systems and methods relating to settlement of securities without revealing ownership including the end owner are described. In some implementations, ownership or control of a security may be managed by using group membership technology to revoke the signing rights of the seller and adding signing rights to the buyer. Group membership with group signatures allows for one group public key and a plurality of private keys, where each private key is associated with a group member. Signatures created by different group members are indistinguishable to verifiers but a group manager is able to determine which member has signed, link member signatures, implement controls and/or limits, and revoke and add signatory capability when needed. In some implementations, revocation of signatory capability is done with the cooperation of a Digital Certificate Authority.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: October 25, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Phillip H. Griffin
  • Patent number: 11469878
    Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that perform homomorphic computations on encrypted third-party data within a distributed computing environment. For example, an apparatus receives a homomorphic public key and encrypted transaction data characterizing an exchange of data from a computing system, and encrypts modelling data associated with a first predictive model using the homomorphic public key. The apparatus may perform homomorphic computations that apply the first predictive model to the encrypted transaction data in accordance with the encrypted first modelling data, and transmit an encrypted first output of the homomorphic computations to the computing system, which may decrypt the encrypted first output using a homomorphic private key and generate decrypted output data indicative of a predicted likelihood that the data exchange represents fraudulent activity.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: October 11, 2022
    Assignee: The Toronto-Dominion Bank
    Inventors: Alexey Shpurov, Lovell Hodge, Brian Andrew Lam, Leslie Carol Thomas
  • Patent number: 11463242
    Abstract: A method, a computer program product, and a system for removing padding oracles in encryption techniques. The method includes padding a plaintext message using a padding scheme producing a padded plaintext message. The method also includes encrypting the padded plaintext message using a block cipher generating an encrypted data block of fixed-size as well as a hash value. The method further includes randomly generating an ephemeral key and an initialization vector. The method also includes prepending the hash value, the ephemeral key, and the initialization vector to the encrypted data block. The method includes performing an encryption technique to the encrypted data block prepended with the hash value, the ephemeral key, and the initialization vector.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: October 4, 2022
    Assignee: International Business Machines Corporation
    Inventors: Michael W. Gray, Narayana Aditya Madineni, Matthew Green, Simon D. McMahon, Leigh S. McLean
  • Patent number: 11463456
    Abstract: An incident manager application (IM) for responding to data security incidents in enterprise networks is disclosed. An IM tracks the incidents in an enterprise network by storing incident objects and incident artifact (IA) metadata created for the incidents, where the incident objects and IAs include information concerning the incidents. Incident response team (IRT) personnel of the enterprise networks can define action conditions within the IM that are associated with the incident objects. When the information within the incident objects and/or IAs meets the defined action conditions, the IM includes the objects that cause the action conditions to be satisfied in messages. Devices such as user account databases and configuration servers within the enterprise network can then download the messages and execute actions that reference the objects extracted from the downloaded messages to implement a response to the incidents.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: October 4, 2022
    Inventors: Allen Hadden, Kenneth Allen Rogers
  • Patent number: 11457021
    Abstract: Systems and methods perform selective rate limiting with a distributed set of agents and a remote controller. An agent receives a packet from a client, and inspects the packet using different rules. Each rule may include at least one different (i) rule definition with traffic dimensions identifying a different attack, (ii) signal with which to identify attack traffic matching the rule definition, (iii) threshold specifying a condition, and (iv) action to implement based on the condition of the threshold being satisfied. The agent provides the signal in response to the packet matching the traffic dimensions from the rule definition of a particular rule. The controller updates a value linked to the signal and a client identifier of the client, and implements the action of the particular rule across the distributed set of agents in response to the value satisfying the condition for the particular rule threshold.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: September 27, 2022
    Assignee: Fastly, Inc.
    Inventors: Nicholas Galbreath, Robert Gibson, Marc Harrison
  • Patent number: 11451536
    Abstract: Described are various embodiments of a system for monitoring a physical user presence during an authenticated user access session at an access point. In one embodiment, the system comprises a wireless digital user authentication device (UAD) operable to wirelessly establish the authenticated user access session, periodically communicate an authenticated presence code to actively maintain the session and acquire motion-related data during the session to capture a UAD departure motion representative of the user departing from the access point. The system further comprises a digital application operatively associated with the access point and operable to wirelessly establish the session with the UAD upon arrival at the access point, and periodically receive the authenticated presence code to maintain the authenticated user access session. The authenticated user session is terminated upon identifying the UAD departure motion from said motion-related data.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: September 20, 2022
    Assignee: NYMI INC.
    Inventors: Stuart Keith MacLean, Abhishek Ranjan
  • Patent number: 11451372
    Abstract: An encryption device (50) generates a ciphertext ct encrypted from information x using an encryption token etk. A decryption key generation device (60) generates a decryption key dk from a user secret key sk in which a vector y is set, using a decryption token dtk corresponding to the encryption token etk. A privacy-preserving analysis device (70) decrypts the ciphertext ct generated by the encryption device (50), by means of the decryption key dk generated by the decryption key generation device (60), so as to generate a result of computation over the vector x and the vector y.
    Type: Grant
    Filed: January 17, 2018
    Date of Patent: September 20, 2022
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventors: Yutaka Kawai, Takato Hirano, Yoshihiro Koseki
  • Patent number: 11444771
    Abstract: The disclosed embodiments are related to securely updating a semiconductor device and in particular to a key management system. In one embodiment, a method is disclosed comprising storing a plurality of activation codes, each of the activation codes associated with a respective unique identifier (UID) of a semiconductor device; receiving, over a network, a request to generate a new storage root key (SRK), the request including a response code and a requested UID; identifying a selected activation code from the plurality of activation codes based on the requested UID; generating the SHRSRK value using the response code and the selected activation code; associating the SHRSRK value with the requested UID and storing the SHRSRK value; and returning an acknowledgement in response to the request.
    Type: Grant
    Filed: September 8, 2020
    Date of Patent: September 13, 2022
    Assignee: Micron Technology, Inc.
    Inventor: Lance W. Dover
  • Patent number: 11411938
    Abstract: The technology disclosed herein provides a proof-of-work key wrapping system that uses integrated key fragments to cryptographically control access to data. An example method may include encrypting a first cryptographic key to produce a wrapped key, wherein the first cryptographic key enables a computing device to access content; determining a plurality of key fragments of a second cryptographic key, wherein the second cryptographic key is for decrypting the wrapped key and at least one of the plurality of key fragments is derived using one of the key fragments as input; selecting a set of cryptographic attributes for deriving the plurality of key fragments, wherein the set of cryptographic attributes are selected in view of a characteristic of the computing device; and providing the wrapped key and the set of cryptographic attributes to the computing device, the set of cryptographic attributes facilitating determination of the second cryptographic key.
    Type: Grant
    Filed: August 19, 2019
    Date of Patent: August 9, 2022
    Assignee: Red Hat, Inc.
    Inventors: Michael Hingston Mclaughlin Bursell, Nathaniel Philip McCallum, Peter M. Jones, John David Strunk
  • Patent number: 11405782
    Abstract: Methods and apparatus for securing access to an encrypted personal data store on a mobile device. In some embodiments, a universal integrated circuit card (UICC) processor receives, from a mobile device processor of a mobile device having an encrypted Personal Data Store (PDS), a PDS access request associated with a mobile application, then determines that access control rules are stored in at least one access control rules database and transmits to the mobile device processor, the access control rules governing access to the data in the encrypted PDS. The process also includes the UICC processor receiving a request for a symmetric shared secret and transmitting the symmetric shared secret to the mobile device processor for use in accessing the PID of the user stored in the encrypted PDS in accordance with the access control rules.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: August 2, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Ashfaq Kamal
  • Patent number: 11372953
    Abstract: A communication device is installed in between a client terminal and a web server which performs communication with the client terminal. The communication device includes a memory, and processing circuitry coupled to the memory and configured to, of information included in communication between the web server and the client terminal, perform obfuscation with respect to information related to a web application, and send communication, which includes information obfuscated at the performing, to a destination.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: June 28, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Nariyoshi Chida, Yo Kanemoto, Kazufumi Aoki
  • Patent number: 11363005
    Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.
    Type: Grant
    Filed: December 4, 2019
    Date of Patent: June 14, 2022
    Assignee: Journey.ai
    Inventors: Brett Shockley, Alexander John Shockley, Michael Joseph Frendo, Shmuel Shaffer, Kenneth Keiter, James M. Behmke
  • Patent number: 11356442
    Abstract: A wearable device-based identity authentication method and system, comprising: a user terminal initiates an authentication request to a target server and provides device information of the user terminal, the target server generates a temporary session, and sends a temporary session ID and the device information to a quantum key distribution network; the quantum key distribution network generates identification information, searches a wearable device bound to the user terminal, and sends the identification information to the wearable device; the wearable device receives and provides the identification information to the user terminal, the user terminal acquires the identification information, and sends verification information to the wearable device and then to the quantum key distribution network; the quantum key distribution network generates an authentication result and sends to the target server; and the target server generates an identification authentication result and sends to the user terminal.
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: June 7, 2022
    Assignees: QUANTUMCTEK CO., LTD., SHANDONG INSTITUTE OF QUANTUM SCIENCE AND TECHNOLOGY CO., LTD.
    Inventors: Yong Zhao, Chunhua Liu