Patents by Inventor Frederic Rivain

Frederic Rivain has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240283664
    Abstract: Examples of the present disclosure provide an authenticator system that protects secret authentication keys associated with relying parties to which a user is authenticating. Present systems and methods allow cross-platform and cross-device WebAuthn usage. Example systems employ a server-based secure enclave and secure tunnel communication between the browser application or mobile application and the secure enclave server. A user of a service provider of the authenticator system owns the secret authentication key, which is stored in an encrypted vault protected by a user secret and hosted by the service provider. Decrypting the secret key may be based on a key arrangement, where keys from the user, the service provider, and the secure enclave are used to successfully decrypt the secret authentication key within the secure enclave.
    Type: Application
    Filed: January 19, 2024
    Publication date: August 22, 2024
    Applicant: Dashlane SAS
    Inventors: Mohammed Ruhul Islam, Ludovic Widmer, Guillaume Maron, Cyril Leclerc, Corentin Mors, Frédéric Rivain
  • Patent number: 12052232
    Abstract: A system and method for providing secure Single-Sign-On (SSO) authentication in a zero-knowledge architecture. A first server component may operate as a first relying party in a first SSO flow. When the user of an application successfully authenticates to a first identity provider, a first part of a secret key may be provided to the application. Additionally, a second server component may operate as a second relying party in a second SSO flow. When the first part of the secret key is received by the application, authentication information may be provided to a second identity provider. Based on a successful authentication, a second part of the secret key may be provided to the application. The first and second parts of the secret key may be combined by the application to generate a final secret key that may be used to decipher encrypted user data.
    Type: Grant
    Filed: April 21, 2022
    Date of Patent: July 30, 2024
    Assignee: DASHLANE SAS
    Inventors: Quentin Barbe, Cyril Leclerc, Frederic Rivain, Guillaume Maron
  • Publication number: 20240012933
    Abstract: A system and method for protecting user data using a key escrow service. The key escrow service may be hosted by a service provider to integrate Identity Access Management (IAM) solutions, such as Single-Sign-On (SSO) and/or System for Cross-domain Identity Management (SCIM), with a zero-knowledge service, such as a password manager or other service handling sensitive user data. In examples, secure enclave technology may be used to allow the service provider to host and manage the key escrow service without being able to access any cryptographic key used and/or stored within a secure enclave. Accordingly, in some aspects, the service provider may have the ability to store users' secret keys for SSO and sharing keys for SCIM in a trusted, secure storage location without breaking the zero-knowledge principles of the infrastructure.
    Type: Application
    Filed: March 21, 2023
    Publication date: January 11, 2024
    Applicant: Dashlane SAS
    Inventors: Ludovic Widmer, Corentin Mors, Cyril Leclerc, Tony Oreglia, Guillaume Maron, Frédéric Rivain
  • Publication number: 20230038940
    Abstract: A system and method for providing secure Single-Sign-On (SSO) authentication in a zero-knowledge architecture. A first server component may operate as a first relying party in a first SSO flow. When the user of an application successfully authenticates to a first identity provider, a first part of a secret key may be provided to the application. Additionally, a second server component may operate as a second relying party in a second SSO flow. When the first part of the secret key is received by the application, authentication information may be provided to a second identity provider. Based on a successful authentication, a second part of the secret key may be provided to the application. The first and second parts of the secret key may be combined by the application to generate a final secret key that may be used to decipher encrypted user data.
    Type: Application
    Filed: April 21, 2022
    Publication date: February 9, 2023
    Applicant: DASHLANE SAS
    Inventors: Quentin Barbe, Cyril Leclerc, Frederic Rivain, Guillaume Maron
  • Patent number: 11080597
    Abstract: A method for autofilling an electronic form is provided. Elements of the electronic form are identified. A value for each identified elements of the electronic form is determined. The electronic form is automatically filled with the determined values. During the automatically filling of the electronic form, the determined value is provided in a field corresponding to each of the elements. A user input is received on the provided value. The received user input includes a correction to a first value provided in a first field of the electronic form. An autofill application is trained using the received user input.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: August 3, 2021
    Inventors: Manuel Dalle, Guillaume Maron, Frédéric Rivain, Laure Hugo, Kévin Miguet, Loïc Guychard, Damien Rajon
  • Patent number: 10904004
    Abstract: Examples of the present disclosure describe systems and methods relating to user-session management in a zero-knowledge environment. When a user authenticates with a computing service to begin a session, a credential-cipher key is used to encrypt the user's authentication credentials, thereby generating session-resume data. The computing service stores the credential-cipher key, such that it is not retained by the user's computing device. Accordingly, when the user resumes the session, a resume request is generated to retrieve the credential-cipher key from the computing service, wherein the request is validated before providing the key. Upon successful validation, the computing service provides the credential-cipher key, which is then used to decrypt the session-resume data and regain access to the user's authentication credentials.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: January 26, 2021
    Assignee: DASHLANE SAS
    Inventors: William Delmas, Guillaume Maron, Cyril Leclerc, Frédéric Rivain
  • Patent number: 10848312
    Abstract: Examples of the present disclosure describe systems and methods relating to a zero-knowledge architecture between multiple systems. In an example, multiple systems may provide an application. User data of the application may be encrypted using a cryptographic key to restrict access to the user data. In some examples, the cryptographic key may not be provided to the multiple systems, thereby providing a zero-knowledge architecture. In order to ensure a user may access the cryptographic key, the cryptographic key may be encrypted using a second cryptographic key. The encrypted representation of the cryptographic key may be provided to a first system, while the second cryptographic key may be provided to a second system. As a result, a user computing device may retrieve both the encrypted representation of the cryptographic key and the second cryptographic key from the first and second systems, respectively, in order to encrypt/decrypt user data.
    Type: Grant
    Filed: February 8, 2018
    Date of Patent: November 24, 2020
    Assignee: DASHLANE SAS
    Inventors: Frédéric Rivain, Guillaume Maron, Cyril Leclerc, Alexis Fogel, Rew Islam
  • Patent number: 10574648
    Abstract: Methods and systems for passwordless authenticating of a user are provided. A first request to access a first content is received from a first user of a first device. A first challenge is sent to the first device in response to the first request. The first challenge is resolved using a first private key associated with the first user for the first content. A first response, including a resolved challenge, is received from the first device. It is determined whether the first response is an acceptable response to the first challenge. Access to the first content is granted to the first user in response determining that the first response is an acceptable response.
    Type: Grant
    Filed: June 14, 2017
    Date of Patent: February 25, 2020
    Assignee: Dashlane SAS
    Inventors: Thomas Guillory, Guillaume Maron, Frédéric Rivain, Alexis Fogel
  • Patent number: 10432397
    Abstract: Examples of the present disclosure describe systems and methods relating to master password reset in a zero-knowledge architecture. A master password reset may be used to regain access to encrypted user data despite not having access to the master password associated with decrypting the user data. As an example, the user data may be encrypted using a local ciphering key, wherein the key may be encrypted using a master password and stored. A second copy of the key may be stored, wherein the second copy may be encrypted using a recovery key. The recovery key may then be stored by a third party. In a reset scenario in which the master password is forgotten, the recovery key may be retrieved from the third party and used to decrypt the second copy of the local ciphering key, thereby providing access to the encrypted user data without use of the master password.
    Type: Grant
    Filed: July 6, 2017
    Date of Patent: October 1, 2019
    Assignee: Dashlane SAS
    Inventors: Guillaume Maron, Frédéric Rivain, Alexis Fogel
  • Publication number: 20190268156
    Abstract: Examples of the present disclosure describe systems and methods relating to user-session management in a zero-knowledge environment. When a user authenticates with a computing service to begin a session, a credential-cipher key is used to encrypt the user's authentication credentials, thereby generating session-resume data. The computing service stores the credential-cipher key, such that it is not retained by the user's computing device. Accordingly, when the user resumes the session, a resume request is generated to retrieve the credential-cipher key from the computing service, wherein the request is validated before providing the key. Upon successful validation, the computing service provides the credential-cipher key, which is then used to decrypt the session-resume data and regain access to the user's authentication credentials.
    Type: Application
    Filed: August 6, 2018
    Publication date: August 29, 2019
    Applicant: Dashlane, Inc.
    Inventors: William Delmas, Guillaume Maron, Cyril Leclerc, Frédéric Rivain
  • Publication number: 20190149332
    Abstract: Examples of the present disclosure describe systems and methods relating to a zero-knowledge architecture between multiple systems. In an example, multiple systems may provide an application. User data of the application may be encrypted using a cryptographic key to restrict access to the user data. In some examples, the cryptographic key may not be provided to the multiple systems, thereby providing a zero-knowledge architecture. In order to ensure a user may access the cryptographic key, the cryptographic key may be encrypted using a second cryptographic key. The encrypted representation of the cryptographic key may be provided to a first system, while the second cryptographic key may be provided to a second system. As a result, a user computing device may retrieve both the encrypted representation of the cryptographic key and the second cryptographic key from the first and second systems, respectively, in order to encrypt/decrypt user data.
    Type: Application
    Filed: February 8, 2018
    Publication date: May 16, 2019
    Applicant: Dashlane, Inc.
    Inventors: Frédéric RIVAIN, Guillaume MARON, Cyril LECLERC, Alexis FOGEL, Rew ISLAM
  • Publication number: 20180323970
    Abstract: Examples of the present disclosure describe systems and methods relating to master password reset in a zero-knowledge architecture. A master password reset may be used to regain access to encrypted user data despite not having access to the master password associated with decrypting the user data. As an example, the user data may be encrypted using a local ciphering key, wherein the key may be encrypted using a master password and stored. A second copy of the key may be stored, wherein the second copy may be encrypted using a recovery key. The recovery key may then be stored by a third party. In a reset scenario in which the master password is forgotten, the recovery key may be retrieved from the third party and used to decrypt the second copy of the local ciphering key, thereby providing access to the encrypted user data without use of the master password.
    Type: Application
    Filed: July 6, 2017
    Publication date: November 8, 2018
    Applicant: Dashlane, Inc.
    Inventors: Guillaume Maron, Frédéric Rivain, Alexis Fogel
  • Publication number: 20180183777
    Abstract: Methods and systems for passwordless authenticating of a user are provided. A first request to access a first content is received from a first user of a first device. A first challenge is sent to the first device in response to the first request. The first challenge is resolved using a first private key associated with the first user for the first content. A first response, including a resolved challenge, is received from the first device. It is determined whether the first response is an acceptable response to the first challenge. Access to the first content is granted to the first user in response determining that the first response is an acceptable response.
    Type: Application
    Filed: June 14, 2017
    Publication date: June 28, 2018
    Applicant: Dashlane, Inc.
    Inventors: Thomas Guillory, Guillaume Maron, Frédéric Rivain, Alexis Fogel
  • Publication number: 20180181866
    Abstract: A method for autofilling an electronic form is provided. Elements of the electronic form are identified. A value for each identified elements of the electronic form is determined. The electronic form is automatically filled with the determined values. During the automatically filling of the electronic form, the determined value is provided in a field corresponding to each of the elements. A user input is received on the provided value. The received user input includes a correction to a first value provided in a first field of the electronic form. An autofill application is trained using the received user input.
    Type: Application
    Filed: November 28, 2017
    Publication date: June 28, 2018
    Applicant: Dashlane, Inc.
    Inventors: Manuel Dalle, Guillaume Maron, Frédéric Rivain, Laure Hugo, Kévin Miguet, Loïc Guychard, Damien Rajon