Patents by Inventor Cem Paya

Cem Paya has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10373129
    Abstract: The present invention generally relates to a method, system and program product for generating a stable value digital asset tied to a blockchain.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: August 6, 2019
    Assignee: Winklevoss IP, LLC
    Inventors: Daniel William Halley James, Brandon Arvanaghi, Cem Paya, Eric Winer, Cameron Howard Winklevoss, Tyler Howard Winklevoss
  • Publication number: 20190166113
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Application
    Filed: January 8, 2019
    Publication date: May 30, 2019
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Publication number: 20190156052
    Abstract: An online computer system including a database uses an encrypted table that allows for write protection its contents. Middleware logic operating on the system acts as an interface for access to the database, so that any business logic on the system accesses the database through simple procedural calls to the middleware rather than directly to the database itself. The middleware logic abstracts logic that helps implement write protection with the encrypted table. Data to be encrypted that has been traditionally written to other tables is migrated to the encrypted table, where the data encrypted using an authenticated encryption with additional data (AEAD) algorithm. To implement AEAD, the original table, column, and primary key indicating where the data would have otherwise been stored are together used as additional authenticated data (AAD). This tuple of information is also stored in the encrypted table.
    Type: Application
    Filed: January 24, 2019
    Publication date: May 23, 2019
    Inventors: Ismail Cem Paya, Nelson Aurel Gauthier, Kevin Nguyen
  • Patent number: 10229286
    Abstract: An online computer system including a database uses an encrypted table that allows for write protection its contents. Middleware logic operating on the system acts as an interface for access to the database, so that any business logic on the system accesses the database through simple procedural calls to the middleware rather than directly to the database itself. The middleware logic abstracts logic that helps implement write protection with the encrypted table. Data to be encrypted that has been traditionally written to other tables is migrated to the encrypted table, where the data encrypted using an authenticated encryption with additional data (AEAD) algorithm. To implement AEAD, the original table, column, and primary key indicating where the data would have otherwise been stored are together used as additional authenticated data (AAD). This tuple of information is also stored in the encrypted table.
    Type: Grant
    Filed: June 22, 2017
    Date of Patent: March 12, 2019
    Assignee: Airbnb, Inc.
    Inventors: Ismail Cem Paya, Nelson Aurel Gauthier, Kevin Nguyen
  • Patent number: 10205720
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Grant
    Filed: September 6, 2017
    Date of Patent: February 12, 2019
    Assignee: Airbnb, Inc.
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Patent number: 10063548
    Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.
    Type: Grant
    Filed: February 27, 2018
    Date of Patent: August 28, 2018
    Assignee: Winklevoss IP, LLC
    Inventors: Andrew Laucius, Cem Paya, Eric Winer
  • Patent number: 9942231
    Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: April 10, 2018
    Assignee: Winklevoss IP, LLC
    Inventors: Andrew Laucius, Cem Paya, Eric Winer
  • Publication number: 20180013748
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Application
    Filed: September 6, 2017
    Publication date: January 11, 2018
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Patent number: 9853977
    Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: December 26, 2017
    Assignee: WINKLEVOSS IP, LLC
    Inventors: Andrew Laucius, Cem Paya, Eric Winer
  • Publication number: 20170286714
    Abstract: An online computer system including a database uses an encrypted table that allows for write protection its contents. Middleware logic operating on the system acts as an interface for access to the database, so that any business logic on the system accesses the database through simple procedural calls to the middleware rather than directly to the database itself. The middleware logic abstracts logic that helps implement write protection with the encrypted table. Data to be encrypted that has been traditionally written to other tables is migrated to the encrypted table, where the data encrypted using an authenticated encryption with additional data (AEAD) algorithm. To implement AEAD, the original table, column, and primary key indicating where the data would have otherwise been stored are together used as additional authenticated data (AAD). This tuple of information is also stored in the encrypted table.
    Type: Application
    Filed: June 22, 2017
    Publication date: October 5, 2017
    Inventors: Ismail Cem Paya, Nelson Aurel Gauthier, Kevin Nguyen
  • Patent number: 9774591
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Grant
    Filed: October 15, 2014
    Date of Patent: September 26, 2017
    Assignee: Airbnb, Inc.
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Publication number: 20170255936
    Abstract: Systems and methods can secure personal identification numbers associated with secure elements within mobile devices. A host application of the mobile device can receive a personal identification number (PIN) or user PIN from a user. The application can generate one or more random PIN components. The application can compute a PIN for the secure element based upon the user PIN and each of the one or more random components. The SE can be configured using the PIN computed for the secure element. Each of the one or more random components may be stored in one or more distinct, diverse locations. In addition to entering the correct user PIN, each of the one or more random components must be retrieved from the diverse locations in order to reconstruct the PIN for the secure element whenever performing a transaction using the secure element.
    Type: Application
    Filed: May 19, 2017
    Publication date: September 7, 2017
    Inventors: Ismail Cem Paya, Robert Lieh-Yuan Tsai
  • Patent number: 9727742
    Abstract: An online computer system including a database uses an encrypted table that allows for write protection its contents. Middleware logic operating on the system acts as an interface for access to the database, so that any business logic on the system accesses the database through simple procedural calls to the middleware rather than directly to the database itself. The middleware logic abstracts logic that helps implement write protection with the encrypted table. Data to be encrypted that has been traditionally written to other tables is migrated to the encrypted table, where the data encrypted using an authenticated encryption with additional data (AEAD) algorithm. To implement AEAD, the original table, column, and primary key indicating where the data would have otherwise been stored are together used as additional authenticated data (AAD). This tuple of information is also stored in the encrypted table.
    Type: Grant
    Filed: March 30, 2015
    Date of Patent: August 8, 2017
    Assignee: Airbnb, Inc.
    Inventors: Ismail Cem Paya, Nelson Aurel Gauthier, Kevin Nguyen
  • Patent number: 9684898
    Abstract: Systems and methods can secure personal identification numbers associated with secure elements within mobile devices. A host application of the mobile device can receive a personal identification number (PIN) or user PIN from a user. The application can generate one or more random PIN components. The application can compute a PIN for the secure element based upon the user PIN and each of the one or more random components. The SE can be configured using the PIN computed for the secure element. Each of the one or more random components may be stored in one or more distinct, diverse locations. In addition to entering the correct user PIN, each of the one or more random components must be retrieved from the diverse locations in order to reconstruct the PIN for the secure element whenever performing a transaction using the secure element.
    Type: Grant
    Filed: September 25, 2013
    Date of Patent: June 20, 2017
    Assignee: GOOGLE INC.
    Inventors: Ismail Cem Paya, Robert Lieh-Yuan Tsai
  • Patent number: 9673984
    Abstract: Scalable session management is achieved by generating a cookie that includes an encrypted session key and encrypted cookie data. The cookie data is encrypted using the session key. The session key is then signed and encrypted using one or more public/private key pairs. The encrypted session key can be decrypted and verified using the same private/public key pair(s). Once verified, the decrypted session key can then be used to decrypt and verify the encrypted cookie data. A first server having the private/public key pair(s) may generate the cookie using a randomly generated session key. A second server having the same private/public key pair(s) may decrypt and verify the cookie even if the session key is not initially installed on the second server. A session key cache may be used to provide session key lookup to save public/private key operations on the servers.
    Type: Grant
    Filed: October 31, 2013
    Date of Patent: June 6, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Wei Jiang, Adam Back, John D. Whited, Yordan I. Rouskov, Ismail Cem Paya, Wei-QUiang Michael Guo
  • Publication number: 20170048210
    Abstract: A re-programmable wireless device can store data securely and use near field communication (NFC) to exchange functionality data and/or program code from a central server system through a mobile device. A user requests a new re-programmable wireless device or a new re-programmable wireless device function via an application on the mobile device. The central server system transmits program code and a public key used to identify the re-programmable wireless device to the mobile device, which functions as a pass-through conduit for the information, storing it until the devices are synced. A NFC communication channel is created, and the mobile device authenticates the re-programmable wireless device by cross-referencing the public key received from the central server system with the public key transmitted by the re-programmable wireless device once the communication channel is established.
    Type: Application
    Filed: October 28, 2016
    Publication date: February 16, 2017
    Inventors: Sarel Kobus Jooste, Shane Farmer, Ismail Cem Paya
  • Patent number: 9516006
    Abstract: A re-programmable wireless cryptographic device can store data securely and use near field communication (NFC) to exchange functionality data and/or program code from a central server system through a mobile device. A user requests a new cryptographic device or a new device function via an application on the mobile device. The central server system transmits program code and a public key used to identify the cryptographic device to the mobile device, which functions as a pass-through conduit for the information, storing it until the devices are synced. A NFC communication channel is created, and the mobile device authenticates the cryptographic device by cross-referencing the public key received from the central server system with the public key transmitted by the cryptographic device once the communication channel is established. Upon authentication, the cryptographic device is synced with the mobile device, and the mobile device passes the program code to the cryptographic device.
    Type: Grant
    Filed: October 23, 2013
    Date of Patent: December 6, 2016
    Assignee: GOOGLE INC.
    Inventors: Sarel Kobus Jooste, Shane Farmer, Ismail Cem Paya
  • Publication number: 20160292427
    Abstract: An online computer system including a database uses an encrypted table that allows for write protection its contents. Middleware logic operating on the system acts as an interface for access to the database, so that any business logic on the system accesses the database through simple procedural calls to the middleware rather than directly to the database itself. The middleware logic abstracts logic that helps implement write protection with the encrypted table. Data to be encrypted that has been traditionally written to other tables is migrated to the encrypted table, where the data encrypted using an authenticated encryption with additional data (AEAD) algorithm. To implement AEAD, the original table, column, and primary key indicating where the data would have otherwise been stored are together used as additional authenticated data (AAD). This tuple of information is also stored in the encrypted table.
    Type: Application
    Filed: March 30, 2015
    Publication date: October 6, 2016
    Inventors: Ismail Cem Paya, Nelson Aurel Gauthier, Kevin Nguyen
  • Publication number: 20160112396
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Application
    Filed: October 15, 2014
    Publication date: April 21, 2016
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Publication number: 20150113271
    Abstract: A re-programmable wireless cryptographic device can store data securely and use near field communication (NFC) to exchange functionality data and/or program code from a central server system through a mobile device. A user requests a new cryptographic device or a new device function via an application on the mobile device. The central server system transmits program code and a public key used to identify the cryptographic device to the mobile device, which functions as a pass-through conduit for the information, storing it until the devices are synced. A NFC communication channel is created, and the mobile device authenticates the cryptographic device by cross-referencing the public key received from the central server system with the public key transmitted by the cryptographic device once the communication channel is established. Upon authentication, the cryptographic device is synced with the mobile device, and the mobile device passes the program code to the cryptographic device.
    Type: Application
    Filed: October 23, 2013
    Publication date: April 23, 2015
    Applicant: GOOGLE INC.
    Inventors: Sarel Kobus Jooste, Shane Farmer, Ismail Cem Paya