Patents Examined by Lisa C Lewis
  • Patent number: 12041173
    Abstract: Each tenant of a secure web gateway (SWG) is issued a secret key. A user accesses a unique secret key derived from the tenant's secret key and loads the secret key into an application which generates time-based one time passwords (TOTPs). When the SWG receives a connection request from a client and cannot decrypt the network traffic, the SWG challenges the client request and indicates an authentication scheme to be used. The client obtains user credentials, constructs a response to the challenge based on the authentication scheme, and issues a connection request to the SWG which indicates the response. The SWG determines an expected response based on a locally generated TOTP and the secret key of the corresponding tenant. If the expected response matches the provided response, the SWG authenticates the user, allows the connection request, and whitelists the client for a period longer than the lifetime of the TOTP.
    Type: Grant
    Filed: August 17, 2023
    Date of Patent: July 16, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventor: Mohit Sahni
  • Patent number: 12041172
    Abstract: Systems, methods, apparatuses, and computer-readable media for cryptographic authentication to control access to storage devices. An applet executing on a processor of a contactless card may receive, via a wireless communications interface of the contactless card, a request to access a storage device of the contactless card, where the storage device is in a locked state. The applet may generate a cryptogram based on the request and transmit the cryptogram to a computing device via the wireless communications interface. The applet may receive, from the computing device, an indication specifying that a server decrypted the cryptogram. The applet may transmit, to a controller of the storage device and based on the indication specifying that the server decrypted the cryptogram, an indication specifying to unlock the storage device. The controller may transition the storage device from the locked state to an unlocked state based on the indication received from the applet.
    Type: Grant
    Filed: June 25, 2021
    Date of Patent: July 16, 2024
    Assignee: Capital One Services, LLC
    Inventors: Bryant Yee, Mykhaylo Bulgakov, George Bergeron
  • Patent number: 12015971
    Abstract: A method of processing a Domain Name Server, DNS, query received from a User Equipment, UE, in a telecommunication network, wherein said method comprises the steps of receiving (102), by a User Plane Function, UPF, an encrypted message from said UE, determining (103), by said UPF, that said encrypted message is an encrypted DNS query by establishing that a destination address in said encrypted message corresponds to an address of a DNS server comprised by said telecommunication network, and forwarding (104), by said UPF, said encrypted DNS query to said DNS server.
    Type: Grant
    Filed: July 11, 2018
    Date of Patent: June 18, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Miguel Angel Puente Pestaña, Miguel Angel Muñoz De La Torre Alonso, Maria Luisa Mas Rosique
  • Patent number: 12013950
    Abstract: An analysis engine of an anomaly detection system receives an input captured by a monitoring device, determines, based on a currently used anomaly detection model, that the input represents an object or event that should not be classified as an anomaly, and determines, based on a previously used model, that the input was previously classified as an anomaly. In response, the analysis engine determines a respective classification result for the input based on additional models used between the currently and previously used models, determines, based on the respective classification results, that it is likely that the anomaly detection system has been deliberately re-trained to falsely classify the input, and initiates an action to correctly classify the input as representing an object or event that should be classified as an anomaly. The anomaly detection models and classification results may be stored in a training repository for the anomaly detection system.
    Type: Grant
    Filed: December 31, 2019
    Date of Patent: June 18, 2024
    Inventors: Pawel Jurzak, Grzegorz Kaplita, Wojciech Kucharski, Stefan Koprowski
  • Patent number: 12010221
    Abstract: A method of communicating a secret (k0, k1) on the Bitcoin blockchain is disclosed. The method comprises sending information identifying secrets selectable by the recipient and receiving a first public key (Ui) of an elliptic curve cryptography system, corresponding to a first secret (Si) selected for access by the recipient and for which a first private key (m) is accessible to the recipient. A second public key (U1-i) is received, corresponding to a second secret not selected for access by the recipient, wherein a corresponding second private key is not available to the recipient. First and second secrets encrypted by means of the respective first and second public keys (X0, X1) are sent to the recipient, wherein the first secret is accessible to the recipient by means of the first private key, the second secret is inaccessible to the recipient, and the sender is unable to distinguish between the first and second secrets.
    Type: Grant
    Filed: September 18, 2022
    Date of Patent: June 11, 2024
    Assignee: nChain Licensing AG
    Inventor: Craig Steven Wright
  • Patent number: 11991269
    Abstract: There is provided a system, method, and computing device for distribution of cryptographic key generation data in a secure network, the secure network comprising a security server and one or more clients. The method including: receiving or generating indexed random data; communicating at least a portion of the indexed random data to one of the clients; and receiving or communicating the indices of the portions of the indexed random data shared with the client, a portion of the indexed random data is used for cryptographic key generation for encrypted communication between the client and another client. In some cases, the above is repeated for each client, wherein the indexed random data is unique for each client.
    Type: Grant
    Filed: October 20, 2023
    Date of Patent: May 21, 2024
    Inventors: Manfred Von Willich, Mattia Montagna, Hoi-Kwong Lo, Paul O'Leary
  • Patent number: 11985238
    Abstract: Embodiments disclose a vehicle-mounted device upgrade method and a related device. The method may be applied to an intelligent vehicle, the intelligent vehicle includes a vehicle-mounted control device, and the method may include: receiving, by the vehicle-mounted control device, a first partial key sent by the communications device; restoring, by the vehicle-mounted control device, a first key by using the first partial key and a second partial key that is stored on the vehicle-mounted control device; and performing, by the vehicle-mounted control device, secure processing on a first upgrade file by using the first key, to obtain the securely processed first upgrade file, where the secure processing includes generating a first message authentication code (MAC), and the securely processed first upgrade file includes the first upgrade file and the first MAC. According to this application, the vehicle-mounted device can be securely and efficiently upgraded.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: May 14, 2024
    Assignee: Huawei International Pte. Ltd.
    Inventors: Yanjiang Yang, Zhuo Wei, Hsiao-Ying Lin, He Wei, Junqiang Shen
  • Patent number: 11961074
    Abstract: A method performed by a trusted network device and a network device for transmitting a trusted state representation of a state of a DLT network to one or more network devices is described. The trusted network device determines a state indicator. The state indicator is a representation of a state of the DLT network at a given time. The trusted network device transmits to one or more network devices a beacon message including the state indicator. The beacon message is signed based on authentication information associated with the trusted network device. The state indicator is to be used by the one or more network devices as a trusted current state of the DLT network.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: April 16, 2024
    Inventors: Santeri Paavolainen, Abu Shohel Ahmed
  • Patent number: 11956345
    Abstract: Aspects of the present disclosure involve a method and a system to support execution of the method to obtain a first cryptographic key, receive a key diversification information comprising a first plurality of bits, obtain an expanded key diversification information (EKDI) comprising a second plurality of bits, wherein a number of bits in the second plurality of bits is greater than a number of bits in the first plurality of bits, and wherein a value of each bit of the second plurality of bits is deterministically obtained in view of values of the first plurality of bits, and apply, by the processing device, a key derivation function to the first cryptographic key and the EKDI to obtain a second cryptographic key.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: April 9, 2024
    Inventors: Michael Alexander Hamburg, Denis Alexandrovich Pochuev
  • Patent number: 11949778
    Abstract: Systems and methods herein describe privacy preserving multi-touch attribution. The described systems access a plurality of impression events and a plurality of conversion events, and for each impression event and each conversion event, wherein each impression event and each conversion event are associated with user identifiers, the described systems generate a hashed user identifier based on the associated user identifier, initiate a key agreement protocol comprising a key, generate an encrypted identifier by encrypting the hashed user identifier with the key, and store the encrypted identifier.
    Type: Grant
    Filed: September 16, 2021
    Date of Patent: April 2, 2024
    Assignee: Snap Inc.
    Inventors: Samarth Chopra, Amit Datta, Apoorvaa Deshpande
  • Patent number: 11917084
    Abstract: Described herein is a system and method for validating media integrity using asymmetric key cryptography utilizing a public/private cryptographic key pair. The private key is kept secret and is known to an originator and/or publisher of a media file. The public key is added to the media file and is used to validate integrity of the media file, that is, that content of the media file (e.g., portion(s), frame(s)) has not been altered since publication of the media file. By validating integrity of the media file, strong proof that the media file came from an owner of the keypair (e.g., had possession of the private key) can be obtained, for example, resolving issues of trust and/or authenticity common in altered content. In some embodiments, information regarding an origin of the content can further be determined.
    Type: Grant
    Filed: August 8, 2022
    Date of Patent: February 27, 2024
    Inventors: Rebecca Nicole Burke-Aguero, Samuel John Wenker, Andrew Lee Jenks, Isha Sharma
  • Patent number: 11907380
    Abstract: In an approach, a process stores a matrix of multibit values for a computation in an analog multiply-accumulate unit including at least one crossbar array of binary analog memory cells connected between respective pairs of word- and bit-lines of the array, where: bits of each multibit value are stored in cells connected along a word-line, and corresponding bits of values in a column of the matrix are stored in cells connected along a bit-line. In each of one or more computation stages for a cryptographic element, the process supplies a set of polynomial coefficients of an element bitwise to respective word-lines of the unit to obtain analog accumulation signals on the respective bit-lines. The process converts the analog signals to digital. The process processes the digital signals obtained from successive bits of the polynomial coefficients in each of the stages to obtain a computation result for the cryptographic element.
    Type: Grant
    Filed: May 17, 2021
    Date of Patent: February 20, 2024
    Assignee: International Business Machines Corporation
    Inventors: Nandakumar Sasidharan Rajalekshmi, Flavio A. Bergamaschi, Evangelos Stavros Eleftheriou
  • Patent number: 11902418
    Abstract: A registration device (500) accepts plaintext, attribute information of a user having an authority of referring to the plaintext, and a registration key for use in generating a user key for generating a search query. The registration device generates aggregate information indicating one or more aggregate values, by aggregating a plurality of attribute values included in the attribute information. The registration device generates generalized information indicating a plurality of generalized values for each aggregate value by generalizing each aggregate value included in the aggregate information. The registration device generates ciphertext data including the plaintext encrypted, by using the plaintext, the attribute information, the generalized information, and the registration key. The registration device registers the ciphertext data in a database.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: February 13, 2024
    Assignee: Mitsubishi Electric Corporation
    Inventors: Takato Hirano, Yutaka Kawai, Yoshihiro Koseki, Satoshi Yasuda
  • Patent number: 11893577
    Abstract: Aspects of the disclosure relate to storing sensitive information. A computing platform may split a signature key into shares, which may be used to regenerate the signature key. The computing platform may encrypt these shares using corresponding SEKs, and may subsequently encrypt the SEKs using corresponding operator keys. The computing platform may distribute the operator keys to user devices via corresponding HSMs. The computing platform may store the encrypted shares, encrypted SEKs, and identifiers of the user devices. The computing platform may receive requests for the encrypted SEKs from the user devices, and may send the respective encrypted SEKs accordingly. The user devices may return, to the computing platform, corresponding decrypted SEKs. The computing platform may use the SEKs to decrypt the encrypted shares, which may then be used to reconstruct the signature key.
    Type: Grant
    Filed: November 24, 2021
    Date of Patent: February 6, 2024
    Assignee: Coinbase, Inc.
    Inventors: Jeremy Suurkivi, Andrew Pau, Jayasudha Jayakumaran
  • Patent number: 11888993
    Abstract: A vehicle-to-everything terminal provides a vehicle-to-everything server with a security credential that can prove an identity of the vehicle-to-everything terminal, and requests the vehicle-to-everything server to apply for a certificate for the vehicle-to-everything terminal. The security credential may be a token preconfigured in the vehicle-to-everything terminal, or may be a digital signature of the vehicle. The vehicle-to-everything server performs identity verification on the vehicle-to-everything terminal based on the security credential. After the verification succeeds, the vehicle-to-everything server selects a proper certificate server to apply for a certificate for the vehicle-to-everything terminal.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: January 30, 2024
    Inventors: Jintao Zhu, Yucai Peng
  • Patent number: 11869112
    Abstract: Embodiments of this application provide a watermark embedding method applicable to a three-dimensional (3D) field. By combining vertex data of an original 3D model and vertex data of a 3D watermark, and combining material data of the original 3D model and material data of the 3D watermark, the original 3D model and the 3D watermark can be synthesized into a 3D model. In addition, before and after watermark embedding, an appearance of the original 3D model can remain unchanged. This avoids impact of watermark embedding on the appearance and use value of the 3D model, and ensures a display effect of the 3D model. Further, a function of encrypting the embedded 3D watermark may be implemented, and the 3D watermark cannot be easily removed or modified. This can effectively ensure the copyright of the original 3D model, and better promote a digital asset such as the 3D model.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: January 9, 2024
    Inventors: Pei Zhang, Zhongyong Cheng, Wenjin Zou, Guangjie Li
  • Patent number: 11870908
    Abstract: This invention enables asynchronous encrypted communication under a protection of a simple password which must be communicated out-of-band. The password is easily communicable in-person, by telephone or by a text message. The invention assumes that one of the parties has an online device, such as a smartphone. After the encrypted session has been established, it can be used for a variety of cryptographic applications, such as encrypting or decrypting messages, sharing of cryptographic keys, and verifying data. The invention also has the secondary benefit of authenticating both parties to each other.
    Type: Grant
    Filed: April 4, 2023
    Date of Patent: January 9, 2024
    Inventor: Boris Reitman
  • Patent number: 11861042
    Abstract: An individual data unit for enhancing the security of a user data record is provided that includes a processor and a memory configured to store data. The individual data unit is associated with a network and the memory is in communication with the processor. The memory has instructions stored thereon which, when read and executed by the processor cause the individual data unit to perform basic operations only. The basic operations include communicating securely with computing devices, computer systems, and a central user data server. Moreover, the basic operations include receiving a user data record, storing the user data record, retrieving the user data record, and transmitting the user data record. The individual data unit can be located in a geographic location associated with the user which can be different than the geographic locations of the computer systems and the central user data server.
    Type: Grant
    Filed: December 10, 2022
    Date of Patent: January 2, 2024
    Inventor: Richard Jay Langley
  • Patent number: 11863670
    Abstract: Disclosed are memory encryption systems and methods that rotate encryption keys for robust resistance against side-channel-analysis (SCA)-based attacks on communication paths between an encryption engine within a trust boundary and an external memory component. A key data structure has a plurality of keys that are used to encrypt a plurality of memory blocks in the external memory. The memory blocks encrypted with the oldest key of the key data structure are identified. Encrypted data is read from the identified memory blocks. The encrypted data is decrypted from the identified memory blocks. The data is then re-encrypted using the selected key that is newer than the oldest key, and re-written to the identified memory blocks.
    Type: Grant
    Filed: April 4, 2020
    Date of Patent: January 2, 2024
    Assignee: Cryptography Research, Inc.
    Inventors: Mark Evan Marson, Michael Hutter, Bart Stevens
  • Patent number: 11838431
    Abstract: A method is suggested for providing a response, wherein the method comprises: obtaining a challenge from a host, determining the response based on the challenge, determining an auxiliary value based on the response or the challenge, providing the auxiliary value to the host, obtaining a random value from the host, checking the validity of the challenge based on the random value, and providing the response to the host only if the challenge is valid. Also, corresponding methods running on the host and system are provided. Further, corresponding devices, hosts and systems are suggested.
    Type: Grant
    Filed: October 20, 2022
    Date of Patent: December 5, 2023
    Assignee: Infineon Technologies AG
    Inventors: Thomas Poeppelmann, Rainer Urian