Patents by Inventor Benjamin Che

Benjamin Che has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20170063814
    Abstract: Values and a sequence of operations associated with generating a key may be received. A determination may be made as to whether the sequence of operations associated with the key matches an authorized sequence of operations. The key may be outputted when the received sequence of operations matches the authorized sequence of operations and the key may not be outputted when the received sequence of operations does not match the authorized sequence of operations.
    Type: Application
    Filed: July 24, 2015
    Publication date: March 2, 2017
    Inventors: Megan Anneke Wachs, Ambuj Kumar, Benjamin Che-Ming Jun
  • Patent number: 9584509
    Abstract: The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.
    Type: Grant
    Filed: November 6, 2014
    Date of Patent: February 28, 2017
    Assignee: CRYPTOGRAPHY RESEARCH, INC.
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev, Ambuj Kumar
  • Patent number: 9553722
    Abstract: A first key associated with a plurality of devices may be received. Furthermore, a second key associated with a single device may be received. The first key associated with the plurality of devices may be modified based on a device identification of the single device. Additionally, a primary key may be generated based on the modified first key and the second key.
    Type: Grant
    Filed: July 6, 2015
    Date of Patent: January 24, 2017
    Assignee: CRYPTOGRAPHY RESEARCH, INC.
    Inventors: Benjamin Che-Ming Jun, Ambuj Kumar
  • Patent number: 9544304
    Abstract: The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.
    Type: Grant
    Filed: November 6, 2014
    Date of Patent: January 10, 2017
    Assignee: CRYPTOGRAPHY RESEARCH, INC.
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev, Ambuj Kumar
  • Publication number: 20160028722
    Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example method includes receiving, by a root authority system, data identifying a command that affects operation of an integrated circuit, singing, by the root authority system, the command using a root authority key to create a root signed block (RSB), and providing the RSB to a security manager of the integrated circuit.
    Type: Application
    Filed: September 30, 2015
    Publication date: January 28, 2016
    Inventors: Paul Carl Kocher, Benjamin Che-Ming Jun, Andrew John Leiserson
  • Publication number: 20160013939
    Abstract: A first key associated with a plurality of devices may be received. Furthermore, a second key associated with a single device may be received. The first key associated with the plurality of devices may be modified based on a device identification of the single device. Additionally, a primary key may be generated based on the modified first key and the second key.
    Type: Application
    Filed: July 6, 2015
    Publication date: January 14, 2016
    Inventors: Benjamin Che-Ming Jun, Ambuj Kumar
  • Publication number: 20150326567
    Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a command to create a Module and executes a Module Template to generate the Module in response to the command. The Module is deployed to an Appliance device. A set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device. The Appliance device is configured to distribute the data asset to a cryptographic manager (CM) core of the target device.
    Type: Application
    Filed: November 6, 2014
    Publication date: November 12, 2015
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
  • Publication number: 20150326540
    Abstract: The embodiments described herein describe technologies for pre-computed data (PCD) asset generation and secure deployment of the PCD asset to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to generate a unique PCD asset for a target device. In response, the RA device generates the PCD asset and packages the PCD asset for secure deployment of the PCD asset to the target device and to be used exclusively by the target device. The RA device deploys the packaged PCD asset in a CM system for identification and tracking of the target device.
    Type: Application
    Filed: November 6, 2014
    Publication date: November 12, 2015
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
  • Publication number: 20150326541
    Abstract: The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.
    Type: Application
    Filed: November 6, 2014
    Publication date: November 12, 2015
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev, Ambuj Kumar
  • Publication number: 20150312046
    Abstract: A request associated with a revocation of a key may be received. A hash value corresponding to the key that is stored in a memory may be identified. Furthermore, the hash value that is stored in the memory may be corrupted in response to the request associated with the revocation of the key.
    Type: Application
    Filed: April 15, 2015
    Publication date: October 29, 2015
    Inventors: Ambuj Kumar, Benjamin Che-Ming Jun
  • Publication number: 20150278506
    Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.
    Type: Application
    Filed: March 26, 2015
    Publication date: October 1, 2015
    Inventors: Benjamin Che-Ming Jun, Matthew Evan Orzen, Joel Patrick Wittenauer, Steven C. Woo
  • Patent number: 9002746
    Abstract: Aspects of the present disclosure relate to managing licenses for playback of digital content. A license management device may create licenses that determine the number of playback devices that can be authorized by the license. Each license may be included in a corresponding digital content. In addition, each license may be distributed to a set of playback devices. Thereafter, a playback device may playback digital content that includes a license when the playback device stores a matching license. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content. Playback devices can store multiple licenses, which allows playback devices to belong to multiple sets of playback devices authorized to playback various digital content. In one embodiment digital content files can contain multiple licenses to allow the content files to be shared by multiple sets of playback devices.
    Type: Grant
    Filed: May 7, 2012
    Date of Patent: April 7, 2015
    Assignee: Audible, Inc.
    Inventors: Guy A. Story, Jr., Rozsa E. Kovesdi, Ajit V. Rajasekharan, Benjamin Che-Ming Jun
  • Publication number: 20140044265
    Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.
    Type: Application
    Filed: March 14, 2013
    Publication date: February 13, 2014
    Applicant: Cryptography Research, Inc.
    Inventors: Paul Carl Kocher, Benjamin Che-Ming Jun, Andrew John Leiserson
  • Publication number: 20120255037
    Abstract: Aspects of the present disclosure relate to managing licenses for playback of digital content. A license management device may create licenses that determine the number of playback devices that can be authorized by the license. Each license may be included in a corresponding digital content. In addition, each license may be distributed to a set of playback devices. Thereafter, a playback device may playback digital content that includes a license when the playback device stores a matching license. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content. Playback devices can store multiple licenses, which allows playback devices to belong to multiple sets of playback devices authorized to playback various digital content. In one embodiment digital content files can contain multiple licenses to allow the content files to be shared by multiple sets of playback devices.
    Type: Application
    Filed: May 7, 2012
    Publication date: October 4, 2012
    Applicant: Audible
    Inventors: Guy A. Story, JR., Rozsa E. Kovesdi, Ajit V. Rajasekharan, Benjamin Che-Ming Jun
  • Patent number: 8175977
    Abstract: A method and apparatus for digital content license management is disclosed that provides one or more license management devices that manage licenses for playback of digital content. The license management devices create licenses having an associated cardinality that determines the number of playback devices that can be authorized by the license. The license is stored in a set of playback devices, where the number of playback devices in the set corresponds to the cardinality of the license. The license is also included in digital content that the license authorizes for playback. Playback devices that have a license that matches a license included in the digital content are authorized to play the digital content. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content.
    Type: Grant
    Filed: December 28, 1998
    Date of Patent: May 8, 2012
    Assignee: Audible
    Inventors: Guy A. Story, Jr., Rozsa E. Kovesdi, Ajit V. Rajasekharan, Benjamin Che-Ming Jun
  • Patent number: 8131646
    Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.
    Type: Grant
    Filed: October 31, 2007
    Date of Patent: March 6, 2012
    Assignee: Rovi Solutions Corporation
    Inventors: Paul Carl Kocher, Joshua Michael Jaffe, Benjamin Che-Ming Jun, Carter Cyrus Laren, Peter Kelley Pearson, Nathaniel James Lawson
  • Patent number: 7996913
    Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.
    Type: Grant
    Filed: October 31, 2007
    Date of Patent: August 9, 2011
    Assignee: Rovi Solutions Corporation
    Inventors: Paul Carl Kocher, Joshua Michael Jaffe, Benjamin Che-Ming Jun, Carter Cyrus Laren, Peter Kelley Pearson, Nathaniel James Lawson
  • Patent number: 7984511
    Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.
    Type: Grant
    Filed: October 31, 2007
    Date of Patent: July 19, 2011
    Assignee: Rovi Solutions Corporation
    Inventors: Paul Carl Kocher, Joshua Michael Jaffe, Benjamin Che-Ming Jun, Carter Cyrus Laren, Peter Kelley Pearson, Nathaniel James Lawson
  • Patent number: 7917643
    Abstract: Aspects of the present disclosure relate to a computer system that can transfer a digital information file to a removable media storage. The digital information file can include targeting information, which may include combined descrambling information and information identifying a mobile playback device. The mobile playback device can render the targeted digital information file if the information identifying the mobile playback device included in the targeting information corresponds to an identifier of the mobile playback device, so as to allow the mobile playback device to descramble the targeted digital information file using the descrambling information.
    Type: Grant
    Filed: November 12, 2004
    Date of Patent: March 29, 2011
    Assignee: Audible, Inc.
    Inventors: Howard Wolfish, Igor Grebnev, Benjamin Che-Ming Jun, Guy Story, Alexander Galkin
  • Patent number: 7778420
    Abstract: In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content's data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player's keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player.
    Type: Grant
    Filed: October 31, 2007
    Date of Patent: August 17, 2010
    Assignee: Rovi Solutions Corporation
    Inventors: Paul Carl Kocher, Joshua Michael Jaffe, Benjamin Che-Ming Jun, Matthew Thomas Carter, Peter Kelley Pearson