Patents by Inventor Eli Biham
Eli Biham has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220182229Abstract: One of the main obstacles of securing industrial control systems is the lack of an appropriate security model that is both implementable by vendors and addresses the inherent security and usability issues needed by organizations. Current solutions such as device passwords and IPSec lack scalable key management infrastructure and fine granularity access control mechanisms. A security model for industrial control systems that supports organizational level authorizations and authentication requirements, while hiding the low-level details (e.g., keys and passwords) from the users is disclosed. It also enables easy addition and removal of PLCs, engineering station, HMI devices and users, and assigning permission to them. A major advantage is its support for hybrid ICS systems, characterized by co-existence of legacy devices and new devices, while using the same protocol. Devices may communicate therein either natively, or by a connected converter.Type: ApplicationFiled: December 7, 2021Publication date: June 9, 2022Applicant: Technion Research & Development Foundation LimitedInventors: Eli BIHAM, Sara BITAN-ERLICH, Alon DANKNER
-
Patent number: 11245550Abstract: A system for authenticating messages transmitted on a bus based on physical location of transmitting units, comprising a reflector adapted to inject a plurality of reflection signals at a first point of a line topology bus, each in response to each of a plurality of messages transmitted by a plurality of bus connected units and a probe adapted to intercept the messages and the reflection signals at a second point of the bus. The probe calculates propagation timing between a reception time of the message and a reception time of an associated reflection signal transmitted in response to the message and determines validity of the message according to a match between the calculated propagation timing and a predefined propagation timings associated with the bus connected units. Wherein the bus connected units are statically connected to the bus between the first point and the second point.Type: GrantFiled: December 18, 2018Date of Patent: February 8, 2022Assignee: Technion Research & Development Foundation LimitedInventors: Eli Biham, Eli Gavril, Sara Bitan-Erlich
-
Publication number: 20200403825Abstract: A system for authenticating messages transmitted on a bus based on physical location of transmitting units, comprising a reflector adapted to inject a plurality of reflection signals at a first point of a line topology bus, each in response to each of a plurality of messages transmitted by a plurality of bus connected units and a probe adapted to intercept the messages and the reflection signals at a second point of the bus. The probe calculates propagation timing between a reception time of the message and a reception time of an associated reflection signal transmitted in response to the message and determines validity of the message according to a match between the calculated propagation timing and a predefined propagation timings associated with the bus connected units. Wherein the bus connected units are statically connected to the bus between the first point and the second point.Type: ApplicationFiled: December 18, 2018Publication date: December 24, 2020Applicant: Technion Research & Development Foundation LimitedInventors: Eli BIHAM, Eli GAVRIL, Sara BITAN-ERLICH
-
Patent number: 9680644Abstract: Authenticating a user by presenting an authentication instruction to an individual via any computing device output interfaces, the authentication instruction selected from an identity authentication profile, receiving a response to the authentication instruction via any input methods supported by the computing device, the response including content provided through the performance of an action, determining a current action measurement for characteristics associated with the action, and a current content measurement for characteristics associated with the content, where the characteristics are associated with the authentication instruction, determining that each of the measurements matches a corresponding benchmark associated with the authentication instruction to within a predefined tolerance, where the benchmarks are selected from the identity authentication profile and performing the presenting, receiving, and determining steps for each of a predefined number of authentication instructions selected from theType: GrantFiled: July 25, 2014Date of Patent: June 13, 2017Assignee: TECHNION RESEARCH AND DEVELOPMENT FOUNDATION LIMITEDInventors: Rafael Chen, Shay Kutten, Eli Biham
-
Patent number: 9038192Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.Type: GrantFiled: September 20, 2012Date of Patent: May 19, 2015Inventors: Elad Barkan, Eli Biham
-
Publication number: 20150033310Abstract: Authenticating a user by presenting an authentication instruction to an individual via any computing device output interfaces, the authentication instruction selected from an identity authentication profile, receiving a response to the authentication instruction via any input methods supported by the computing device, the response including content provided through the performance of an action, determining a current action measurement for characteristics associated with the action, and a current content measurement for characteristics associated with the content, where the characteristics are associated with the authentication instruction, determining that each of the measurements matches a corresponding benchmark associated with the authentication instruction to within a predefined tolerance, where the benchmarks are selected from the identity authentication profile and performing the presenting, receiving, and determining steps for each of a predefined number of authentication instructions selected from theType: ApplicationFiled: July 25, 2014Publication date: January 29, 2015Inventors: RAFAEL CHEN, SHAY KUTTEN, ELI BIHAM
-
Publication number: 20130083918Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.Type: ApplicationFiled: September 20, 2012Publication date: April 4, 2013Inventors: Elad Barkan, Eli Biham
-
Patent number: 8295477Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.Type: GrantFiled: July 18, 2011Date of Patent: October 23, 2012Inventors: Elad Barkan, Eli Biham
-
Publication number: 20110280393Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.Type: ApplicationFiled: July 18, 2011Publication date: November 17, 2011Inventors: Elad Barkan, Eli Biham
-
Patent number: 8009826Abstract: In a cellular interception system, an information processing method for converting information of several cellular-network wireless messages from a first encrypted format under a session key, where each message is encrypted by a cellular ciphering algorithm chosen out of a collection of one or more cellular ciphering algorithms under the session key, to a second unencrypted format comprising: (A) divide the messages in the first format into two sets; the first set containing messages encrypted under the same encryption algorithm, and a second set containing the remaining messages. (B) subject the messages in the first set to a ciphertext-only cryptanalysis of a cellular encryption algorithm to recover the session key. (C) for each message in the second set, subject the message together with the recovered session key to the corresponding cellular ciphering algorithm to receive the message's information in the second format.Type: GrantFiled: April 30, 2004Date of Patent: August 30, 2011Inventors: Elad Barkan, Eli Biham
-
Publication number: 20070147621Abstract: A cryptanalysis method comprising: (A)Perfonning a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers par t of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on A5/2 comprises trying all the possible values for R4o, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internai state of R1, R2, and R3; Together with R4, this pives the the full internai state which gives a suggestion for the key.Type: ApplicationFiled: April 30, 2004Publication date: June 28, 2007Inventors: Elad Barkan, Eli Biham