Patents by Inventor David M'Raihi

David M'Raihi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190114399
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable media for enforcing application usage policies. As part of an application purchase transaction, the application distributor creates a unique proof of purchase receipt. This receipt can be bundled with the application and delivered to the purchaser. Each machine can maintain an authorization file that lists the users authorized to use applications on that machine. A system configured to practice the method verifies that a user is authorized to use an application on a machine based on an application proof of purchase receipt and the authorization file. If the application proof of purchase receipt and the authorization file are both valid, the system checks if the user account identifier in the receipt is contained in the authorization file. If so, the user can be considered authorized to use the application on the machine.
    Type: Application
    Filed: October 31, 2018
    Publication date: April 18, 2019
    Inventors: Jean-Pierre CIUDAD, Augustin J. FARRUGIA, David M'RAIHI, Bertrand Mollinier TOUBLET, Gianpaolo FASOLI, Nicholas T. SULLIVAN
  • Patent number: 10237246
    Abstract: A communication server, interacting with an organization system having users that wish to communicate securely, provides secure communication capability to the users, without the communication server itself having access to unencrypted content of the user communications or to cryptographic keys that would allow the communication server to derive the unencrypted content. Thus, the communication server that provides the secure communication capability need not itself be trusted by the users with access to communicated content. To achieve this, the various entities communicate to exchange cryptographic keys in such a manner that the communication server never obtains usable copies of the cryptographic keys.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: March 19, 2019
    Assignee: SYMPHONY COMMUNICATION SERVICES HOLDINGS LLC
    Inventors: Serkan Mulayin, David M'Raihi, Tim Casey, Michael Harmon, Jon McLachlan
  • Publication number: 20180260430
    Abstract: A secure storage module of a client device interacts with a set of secure storage servers to securely store data items of the client on the servers, such that no individual server has the data in readable (non-obfuscated) form. Additionally, the client secure storage module and the servers interact to allow the client device to read a given portion of the original data items from the servers, such that none of the servers can determine which portion of the original data is being requested. Similarly, the interactions of the client secure storage module and the servers allow the client device to update a given portion of the original data on the servers to a new value, such that none of the servers can determine which portion is being updated and that none of the servers can determine either the prior value or new value or the difference between the new value and the prior value.
    Type: Application
    Filed: March 10, 2017
    Publication date: September 13, 2018
    Inventors: Christian Tschudin, David M'Raihi
  • Patent number: 9792089
    Abstract: A random number generator uses a looped circuit that produces pulses dependent on manufacturing variations and noise, and fed into a counting circuit. In certain embodiments, the technology can be merged with a Physical Unclonable Function (PUF) such that a single circuit provides both 1) bits that are unique to each chip that remain fairly similar each time they are queried on the same chip; as well as 2) bits that are random, i.e., different each time the randomness is queried, even on the same device.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: October 17, 2017
    Assignee: Verayo, Inc.
    Inventors: Meng-Day (Mandel) Yu, David M'raihi
  • Patent number: 9712532
    Abstract: A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates.
    Type: Grant
    Filed: June 3, 2013
    Date of Patent: July 18, 2017
    Assignee: Symantec Corporation
    Inventors: Gary Krall, Barry Ferg, David M'Raihi, Nicolas Popp
  • Publication number: 20160127346
    Abstract: The disclosed invention is a system and method that allows for authentication of a user to a network using a token. The user can use movements or gestures that are recorded by an accelerometer and the token interacts with a device and authenticates the user to the system. The token may be part of the device or stand alone. The various aspects of the present invention capture a novel design for an authentication token that authenticates the token and the user of the token.
    Type: Application
    Filed: June 2, 2014
    Publication date: May 5, 2016
    Applicant: Verayo, Inc.
    Inventors: William Henry BARES, David M'RAIHI, Eric DUPRAT
  • Publication number: 20160127365
    Abstract: The disclosed invention is a system and method that allows for authentication of a user to a network using a token. The token interacts with a device and authenticates the user to the system using lower power consumption and minimal bandwidth used for communication. The token may be part of the device or stand alone. The various aspects of the present invention capture a novel design for an authentication token that eliminates the need for user interaction with the token.
    Type: Application
    Filed: June 3, 2014
    Publication date: May 5, 2016
    Applicant: Verayo, Inc.
    Inventors: William Henry BARES, David M'RAIHI
  • Patent number: 9264234
    Abstract: In the field of computer and data security, the identifier (ID) of a computing device is protected by providing a secure signature used to verify the ID. The signature is computed from the ID using a “White Box” cryptographic process and a hash function. This provides a signature that is computationally easy to verify but difficult or impossible to generate by a hacker (unauthorized user). This method of first creating the signature and later verifying the identifier using the signature and the associated computing apparatus are thereby useful for protection against hacking of such identifiers of computing devices.
    Type: Grant
    Filed: January 24, 2012
    Date of Patent: February 16, 2016
    Assignee: APPLE INC.
    Inventors: Augustin J. Farrugia, David M'Raihi, Mathieu Ciet, Thomas Icart
  • Patent number: 9258124
    Abstract: A system and method for generating a One Time Password (OTP) based upon a value TEC that can change based both upon the occurrence of an event and the passage of time. The OTP can be computed at a token and sent to a verifier. The verifier stores exact or estimated parameters necessary to compute one or more expected OTPs from the token, including TEC. The value TEC can be synchronized between the token and the verifier.
    Type: Grant
    Filed: April 21, 2006
    Date of Patent: February 9, 2016
    Assignee: Symantec Corporation
    Inventor: David M'Raihi
  • Patent number: 9185108
    Abstract: A scalable system and method for authenticating entities such as consumers to entities with a diverse set of authentication requirements, such as merchants, banks, vendors, other consumers, and so on. An authentication credential such as a token can be shared among several resources as a way to authenticate the credential owner.
    Type: Grant
    Filed: May 5, 2006
    Date of Patent: November 10, 2015
    Assignee: Symantec Corporation
    Inventors: David M'Raihi, Siddharth Bajaj, Nicolas Popp
  • Patent number: 9026788
    Abstract: In a centralized credential management system, website credentials are stored in a vault storage at a vault. The website credentials are encrypted based upon a key not available to the vault and are for authenticating a user to a third party website. Through a client, a user authenticates to the vault and retrieves the encrypted website credentials and parameters and code for properly injecting the credentials into a website authentication form. The website credentials are decrypted at the client and injected into the authentication form using the parameters and code.
    Type: Grant
    Filed: April 25, 2013
    Date of Patent: May 5, 2015
    Assignee: Symantec Corporation
    Inventors: Barry Ferg, Gary Krall, David M'Raihi, Nicolas Popp
  • Publication number: 20150074157
    Abstract: A random number generator uses a looped circuit that produces pulses dependent on manufacturing variations and noise, and fed into a counting circuit. In certain embodiments, the technology can be merged with a Physical Unclonable Function (PUF) such that a single circuit provides both 1) bits that are unique to each chip that remain fairly similar each time they are queried on the same chip; as well as 2) bits that are random, i.e., different each time the randomness is queried, even on the same device.
    Type: Application
    Filed: September 10, 2014
    Publication date: March 12, 2015
    Inventors: Meng-Day (Mandel) YU, David M'RAIHI
  • Patent number: 8908866
    Abstract: A method and apparatus to provide a cryptographic protocol for secure authentication, privacy, and anonymity. The protocol, in one embodiment, is designed to be implemented in a small number of logic gates, executed quickly on simple devices, and provide military grade security.
    Type: Grant
    Filed: April 13, 2012
    Date of Patent: December 9, 2014
    Assignee: Symantec Corporation
    Inventors: Joseph A. Adler, David M'Raihi
  • Publication number: 20140331288
    Abstract: A system and methods are disclosed that limit the number of challenge/response pairs available to an adversary. In accordance with the various aspects of the present invention, access to an authentication module is gated with a gatekeeper. The system can create a challenge/response protocol whereby the amount of challenge/response information leaked is controlled by the server. The device cannot leak challenge/response pairs when the device is in the possession of or being queried by an adversary or false device.
    Type: Application
    Filed: May 1, 2014
    Publication date: November 6, 2014
    Applicant: VERAYO, INC.
    Inventors: Meng-Day (Mandel) YU, David M'RAIHI
  • Publication number: 20140301551
    Abstract: A method and apparatus to provide a cryptographic protocol for secure authentication, privacy, and anonymity. The protocol, in one embodiment, is designed to be implemented in a small number of logic gates, executed quickly on simple devices, and provide military grade security.
    Type: Application
    Filed: April 13, 2012
    Publication date: October 9, 2014
    Applicant: Symantec Corporation
    Inventors: Joseph A. Adler, David M'Raihi
  • Publication number: 20140237622
    Abstract: A system and method for protecting a software program from unauthorized modification or exploitation. A software security mechanism according to the present invention is difficult for a hacker or cracker to detect and/or defeat, but does not impose excessive runtime overhead on the host software program. The present invention further comprises a system and method for automating the injection of a software security mechanism according to the present invention into a host software program.
    Type: Application
    Filed: August 12, 2013
    Publication date: August 21, 2014
    Applicant: Arxan Technologies, Inc.
    Inventors: Hoi Chang, Florian Kerschbaum, Kyle Faulkner, David M'Raihi, Michael Joseph Mehlberg
  • Patent number: 8762723
    Abstract: An approach to cryptographic security uses a “fuzzy” credential, in contrast to a “hard” credential, to eliminate cryptographic algorithmic repeatability on a device that may be subject to physical attacks. By eliminating repeatability performed at an algorithmic (e.g., gate or software) level, a device inherently lacks one of the fundamental setup assumptions associated with certain classes of side channel, fault injection, timing, and related attacks, thus helps to protect the system against such attacks while preserving the cryptographic security of the system.
    Type: Grant
    Filed: July 6, 2012
    Date of Patent: June 24, 2014
    Assignee: Verayo, Inc.
    Inventors: Meng-Day Yu, Srinivas Devadas, David M'Raihi, Eric Duprat
  • Patent number: 8751806
    Abstract: A method and apparatus to authenticate limited processing-power systems (LPPS) using elliptic cryptography within a well known elliptic curve E, over a well known finite field F (E(F)). The apparatus comprises a random number generator to choose a random value b, of a similar order of magnitude to the order of E(F). The apparatus further comprises a challenge calculator to calculate a value C=bP and send the challenge to the LPPS, where P is a point on the elliptic curve E(F) which was used as a basis for generating a private key, a, for the LPPS. The apparatus further comprising an RFID reader to receive a challenge response, R=aC=abP from the LPPS, and a crypto calculator to calculate bQ, based on a public key, Q, of the LPPS. The apparatus further comprising a comparison logic to authenticate the LPPS if bQ=aC=abP.
    Type: Grant
    Filed: January 11, 2012
    Date of Patent: June 10, 2014
    Assignee: Symantec Corporation
    Inventors: Joseph A. Adler, David M'Raihi
  • Patent number: 8615809
    Abstract: A web site can be authenticated by a third party authentication service. A user designates an authentication device that is a shared secret between the user and the authentication service. A web site page includes a URL that points to the authentication service. The URL includes a digital signature by the web site. When the user receives the page, the user's browser issues a request to the authentication service, which attempts to authenticate the digital signature. If the authentication is successful, it sends the authentication device to the user computer.
    Type: Grant
    Filed: November 10, 2011
    Date of Patent: December 24, 2013
    Assignee: Symantec Corporation
    Inventors: Siddharth Bajaj, Roxana Alina Bradescu, Jeffrey Burstein, David M'Raihi, Nicolas Popp
  • Publication number: 20130298211
    Abstract: The disclosed invention is a system and method that allows for authentication of a user to a network using a token. The token interacts with a device and authenticates the user to the system. The token may be part of the device or stand alone. The various aspects of the present invention capture a novel design for an authentication token that eliminates the need for user interaction with the token.
    Type: Application
    Filed: April 2, 2013
    Publication date: November 7, 2013
    Applicant: VERAYO, INC.
    Inventors: David M'Raihi, Srinivas Devadas, WILLIAM HENRY BARES, Meng-Day Mandel Yu, ZDENEK SIDNEY PARAL