Patents by Inventor Daniel R. L. Brown
Daniel R. L. Brown has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9490974
Abstract: Devices and methods are provided for managing identity-based decryption of digital content. A message sender (“Alice”) uses a random key (Krand) to encrypt message content for a message recipient (“Bob”). Then Alice uses the public key of a message decryption service provider (“Carmen”) to generate a wrapped key ciphertext comprising the Krand and authentication information associated with Bob. Alice then sends a message text containing the encrypted message content and the wrapped key ciphertext to Bob, who in turn sends the wrapped key ciphertext to Carmen along with his authentication information. Carmen then uses her private key to process the wrapped key ciphertext to decrypt the Krand and Bob's authentication information. If the authentication information provided by Bob matches the decrypted authentication information, then Carmen sends the decrypted Krand to Bob, who uses it to decrypt the encrypted message content.
Type: Grant
Filed: March 29, 2012
Date of Patent: November 8, 2016
Assignee: Certicom Corp.
Inventor: Daniel R. L. Brown
-
Patent number: 9002003
Abstract: A password protocol uses a multiple word password and provides prompts to a user allowing the user to select the next word in the password from a set of words. The selection of a word causes a client to perform a cryptographic operation and generate a new selection of words. After the password is completely entered, a key is generated from the words selected.
Type: Grant
Filed: November 29, 2007
Date of Patent: April 7, 2015
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Marinus Struik
-
Patent number: 8891756
Abstract: Elliptic curve hash functions are provided which do not require a pre-existing hash function, such as that required by the MuHash. The elliptic curve hash functions can be built from scratch and are collision free and can be incremental. In one embodiment, rather than a pre-existing hash function, the identity function with padding is used; and in another embodiment, rather than a pre-existing hash function, a block cipher with a fixed non-secret key is used.
Type: Grant
Filed: October 30, 2009
Date of Patent: November 18, 2014
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Matthew J. Campagna, Marinus Struik
-
Patent number: 8880888
Abstract: A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.
Type: Grant
Filed: May 10, 2010
Date of Patent: November 4, 2014
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Scott A. Vanstone
-
Patent number: 8782400
Abstract: A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points.
Type: Grant
Filed: June 13, 2012
Date of Patent: July 15, 2014
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Patent number: 8639931
Abstract: The generation of a shared secret key K in the implementation of a key agreement protocol, for example MQV, may be optimized for accelerated computation by selecting the ephemeral public key and the long-term public key of a correspondent to be identical. One correspondent determines whether the pair of public keys of the other correspondent are identical. If they are, a simplified representation of the shared key K is used which reduces the number of scalar multiplication operations for an additive group or exponentiation operations for a multiplicative group. Further optimization may be obtained by performing simultaneous scalar multiplication or simultaneous exponentiation in the computation of K.
Type: Grant
Filed: December 16, 2009
Date of Patent: January 28, 2014
Assignee: Certicom Corp.
Inventor: Daniel R. L. Brown
-
Patent number: 8634562
Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provides unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.
Type: Grant
Filed: September 14, 2012
Date of Patent: January 21, 2014
Assignee: Certicom Corp.
Inventors: Scott A. Vanstone, Robert P. Gallant, Daniel R. L. Brown
-
Patent number: 8588409
Abstract: Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately (9/16)(log₂ n)², values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p=tn+1 wherein p is prime. In elliptic curve groups defined over a binary field, a random curve is chosen, the number of points on the curve is counted and this number is checked for value of 2n wherein n is prime and n−1 meets preferred criteria. In elliptic curve groups defined over a prime field of order q, a value n=hr+1 is computed, wherein n is prime and n−1 meets preferred criteria, and a complex multiplication method is applied on n to produce a value q and an elliptic curve E defined over q and having an order n.
Type: Grant
Filed: November 14, 2005
Date of Patent: November 19, 2013
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone
-
Publication number: 20130246805
Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provides unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.
Type: Application
Filed: September 14, 2012
Publication date: September 19, 2013
Applicant: CERTICOM CORP.
Inventors: Scott A. VANSTONE, Robert P. GALLANT, Daniel R.L. BROWN
-
Patent number: 8396213
Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which of the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.
Type: Grant
Filed: January 23, 2006
Date of Patent: March 12, 2013
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Scott A. Vanstone
-
Patent number: 8335317
Abstract: Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provides unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.
Type: Grant
Filed: November 14, 2005
Date of Patent: December 18, 2012
Assignee: Certicom Corp.
Inventors: Scott A. Vanstone, Robert P. Gallant, Daniel R. L. Brown
-
Publication number: 20120314855
Abstract: A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points.
Type: Application
Filed: June 13, 2012
Publication date: December 13, 2012
Applicant: Certicom Corp.
Inventors: Daniel R.L Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Publication number: 20120254616
Abstract: Devices and methods are provided for managing identity-based decryption of digital content. A message sender (“Alice”) uses a random key (Krand) to encrypt message content for a message recipient (“Bob”). Then Alice uses the public key of a message decryption service provider (“Carmen”) to generate a wrapped key ciphertext comprising the Krand and authentication information associated with Bob. Alice then sends a message text containing the encrypted message content and the wrapped key ciphertext to Bob, who in turn sends the wrapped key ciphertext to Carmen along with his authentication information. Carmen then uses her private key to process the wrapped key ciphertext to decrypt the Krand and Bob's authentication information. If the authentication information provided by Bob matches the decrypted authentication information, then Carmen sends the decrypted Krand to Bob, who uses it to decrypt the encrypted message content.
Type: Application
Filed: March 29, 2012
Publication date: October 4, 2012
Applicant: CERTICOM CORPORATION
Inventor: Daniel R.L. Brown
-
Publication number: 20110060909
Abstract: The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions.
Type: Application
Filed: November 12, 2010
Publication date: March 10, 2011
Applicant: CERTICOM CORP.
Inventors: Daniel R.L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Patent number: 7844051
Abstract: The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions.
Type: Grant
Filed: November 14, 2005
Date of Patent: November 30, 2010
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone, Marinus Struik
-
Publication number: 20100278333
Abstract: A method of performing a cryptographic operation on a point in an elliptic curve cryptosystem using an elliptic curve. The method comprises the steps of obtaining information that uniquely identifies the elliptic curve and performing computations on the point to obtain the result of the cryptographic operation. The computations use the information. The computations produce an incorrect result if the point is not on the elliptic curve.
Type: Application
Filed: July 14, 2010
Publication date: November 4, 2010
Applicant: CERTICOM CORP.
Inventors: Scott A. Vanstone, Daniel R. L. Brown
-
Publication number: 20100250945
Abstract: A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.
Type: Application
Filed: May 10, 2010
Publication date: September 30, 2010
Applicant: Certicom Corp.
Inventors: Daniel R.L. Brown, Scott A. Vanstone
-
Publication number: 20100189253
Abstract: A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.
Type: Application
Filed: April 1, 2010
Publication date: July 29, 2010
Applicant: Certicom Corp.
Inventors: Daniel R.L. Brown, Scott A. Vanstone
-
Publication number: 20100153728
Abstract: The generation of a shared secret key K in the implementation of a key agreement protocol, for example MQV, may be optimized for accelerated computation by selecting the ephemeral public key and the long-term public key of a correspondent to be identical. One correspondent determines whether the pair of public keys of the other correspondent are identical. If they are, a simplified representation of the shared key K is used which reduces the number of scalar multiplication operations for an additive group or exponentiation operations for a multiplicative group. Further optimisation may be obtained by performing simultaneous scalar multiplication or simultaneous exponentiation in the computation of K.
Type: Application
Filed: December 16, 2009
Publication date: June 17, 2010
Applicant: CERTICOM CORP.
Inventor: Daniel R.L. Brown
-
Patent number: 7720221
Abstract: A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.
Type: Grant
Filed: May 19, 2006
Date of Patent: May 18, 2010
Assignee: Certicom Corp.
Inventors: Daniel R. L. Brown, Scott A. Vanstone