Patents by Inventor Jerrold V. Hauck

Jerrold V. Hauck has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10440034
    Abstract: Methods and apparatus for detecting fraudulent device operation. In one exemplary embodiment of the present disclosure, a device is issued a user access control client that is uniquely associated with a shared secret that is securely stored within the network and the access control client. Subsequent efforts to activate or deactivate the access control client require verification of the shared secret. Each change in state includes a change to the shared secret. Consequently, requests for a change to state which do not have the proper shared secret will be disregarded, and/or flagged as fraudulent.
    Type: Grant
    Filed: February 7, 2013
    Date of Patent: October 8, 2019
    Assignee: Apple Inc.
    Inventors: Jerrold Von Hauck, Li Li, Stephan V. Schell
  • Publication number: 20190296905
    Abstract: A device may include a secure processor and a secure memory coupled to the secure processor. The secure memory may be inaccessible to other device systems. The secure processor may store some keys and/or entropy values in the secure memory and other keys and/or entropy values outside the secure memory. The keys and/or entropy values stored outside the secure memory may be encrypted using information stored inside the secure memory.
    Type: Application
    Filed: June 10, 2019
    Publication date: September 26, 2019
    Inventors: Kumar Saurav, Jerrold V. Hauck, Yannick L. Sierra, Charles E. Gray, Roberto G. Yepez, Samuel Gosselin, Petr Kostka, Wade Benson
  • Patent number: 10409600
    Abstract: In an embodiment, a processor includes hardware circuitry and/or supports instructions which may be used to detect that a return address or jump address has been modified since it was written to memory. In response to detecting the modification, the processor may be configured to signal an exception or otherwise initiate error handling to prevent execution at the modified address. In an embodiment, the processor may perform a cryptographic sign operation on the return address/jump address before writing the signed return address/jump address to memory and the signature may be verified before the to address is used as a return target or jump target. Security of the system may be improved by foiling ROP/JOP attacks.
    Type: Grant
    Filed: July 5, 2016
    Date of Patent: September 10, 2019
    Assignee: Apple Inc.
    Inventors: Yannick L. Sierra, Jeffry E. Gonion, Thomas Roche, Jerrold V. Hauck
  • Patent number: 10410568
    Abstract: A data processing system can store a long-term history of pixel luminance values in a secure memory and use those values to create burn-in compensation values that are used to mitigate burn-in effect on a display. The long-term history can be updated over time with new, accumulated pixel luminance values.
    Type: Grant
    Filed: January 18, 2018
    Date of Patent: September 10, 2019
    Assignee: Apple Inc.
    Inventors: Paul S. Drzaic, Ross Thompson, Guy Cote, Christopher P. Tann, Jerrold V. Hauck, Yifan Zhang, Jean-Pierre Guillou, Ian C. Hendry, Vanessa C. Heppolette, Tae-Wook Koh, Arthur L. Spence
  • Patent number: 10410569
    Abstract: A data processing system can store a long-term history of pixel luminance values in a secure memory and use those values to create burn-in compensation values that are used to mitigate burn-in effect on a display. The long-term history can be updated over time with new, accumulated pixel luminance values.
    Type: Grant
    Filed: January 18, 2018
    Date of Patent: September 10, 2019
    Assignee: Apple Inc.
    Inventors: Paul S. Drzaic, Ross Thompson, Guy Cote, Christopher P. Tann, Jerrold V. Hauck, Yifan Zhang, Jean-Pierre Guillou, Ian C. Hendry, Vanessa C. Heppolette, Tae-Wook Koh, Arthur L. Spence
  • Publication number: 20190251546
    Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.
    Type: Application
    Filed: April 25, 2019
    Publication date: August 15, 2019
    Inventors: Ahmer A. Khan, Gregory B. Novick, Jerrold V. Hauck, Saket R. Vora, Yehonatan Perez
  • Patent number: 10382210
    Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: August 13, 2019
    Assignee: Apple Inc.
    Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig A. Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
  • Patent number: 10372932
    Abstract: In various embodiments, methods, devices and systems for securely generating, sealing, and restoring factory-generated calibration and provisioning data for an electronic device are described, in which calibration and provisioning data for an electronic device are generated in a distributed manner and stored on a storage system. The calibration data can be retrieved from the storage system during device assembly and finalized calibration and provisioning data for each electronic device can be stored to the storage system. In one embodiment, a sealing server, to attest to the authenticity of the factory generated data, seals the finalized calibration data. In one embodiment, an electronic device can access a data store containing the factory-generated data and can update or restore calibration or provisioning data for the device from the data store.
    Type: Grant
    Filed: January 6, 2017
    Date of Patent: August 6, 2019
    Assignee: Apple Inc.
    Inventors: Thomas P. Mensch, Jason D. Gosnell, Jerrold V. Hauck, Muralidhar S. Vempaty, Dallas B. De Atley
  • Publication number: 20190236254
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Application
    Filed: April 1, 2019
    Publication date: August 1, 2019
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Publication number: 20190182041
    Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.
    Type: Application
    Filed: November 9, 2018
    Publication date: June 13, 2019
    Inventors: Dallas B. DE ATLEY, Jerrold V. HAUCK, Mitchell D. ADLER
  • Patent number: 10320563
    Abstract: A device may include a secure processor and a secure memory coupled to the secure processor. The secure memory may be inaccessible to other device systems. The secure processor may store some keys and/or entropy values in the secure memory and other keys and/or entropy values outside the secure memory. The keys and/or entropy values stored outside the secure memory may be encrypted using information stored inside the secure memory.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: June 11, 2019
    Assignee: Apple Inc.
    Inventors: Kumar Saurav, Jerrold V. Hauck, Yannick L. Sierra, Charles E. Gray, Robert Yepez, Samuel Gosselin, Petr Kostka, Wade Benson
  • Publication number: 20190171465
    Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
    Type: Application
    Filed: January 31, 2019
    Publication date: June 6, 2019
    Inventors: Wade BENSON, Marc J. KROCHMAL, Alexander R. LEDWITH, John IAROCCI, Jerrold V. HAUCK, Michael BROUWER, Mitchell D. ADLER, Yannick L. SIERRA
  • Patent number: 10289996
    Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.
    Type: Grant
    Filed: January 8, 2018
    Date of Patent: May 14, 2019
    Assignee: Apple Inc.
    Inventors: Ahmer A. Khan, Gregory B. Novick, Jerrold V. Hauck, Saket R. Vora, Yehonatan Perez
  • Publication number: 20190116619
    Abstract: A secure ranging system can use a secure processing system to deliver one or more ranging keys to a ranging radio on a device, and the ranging radio can derive locally at the system ranging codes based on the ranging keys. A deterministic random number generator can derive the ranging codes using the ranging key and one or more session parameters, and each device (e.g. a cellular telephone and another device) can independently derive the ranging codes and derive them contemporaneously with their use in ranging operations.
    Type: Application
    Filed: April 14, 2017
    Publication date: April 18, 2019
    Inventors: Jerrold V. HAUCK, Alejandro J. MARQUEZ, Timothy R. PAASKE, Indranil S. SEN, Herve SIBERT, Yannick L. SIERRA, Raman S. THIARA
  • Patent number: 10251054
    Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.
    Type: Grant
    Filed: September 8, 2017
    Date of Patent: April 2, 2019
    Assignee: APPLE INC.
    Inventors: Mehdi Ziat, Christopher Sharp, Kevin P. McLaughlin, Li Li, Jerrold V. Hauck, Yousuf H. Vaid
  • Publication number: 20190042718
    Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
    Type: Application
    Filed: July 31, 2018
    Publication date: February 7, 2019
    Inventors: Deepti S. Prakash, Lucia E. Ballard, Jerrold V. Hauck, Feng Tang, Etai Littwin, Pavan Kumar Ansosalu Vasu, Gideon Littwin, Thorsten Gernoth, Lucie Kucerova, Petr Kostka, Steven P. Hotelling, Eitan Hirsh, Tal Kaitz, Jonathan Pokrass, Andrei Kolin, Moshe Laifenfeld, Matthew C. Waldon, Thomas P. Mensch, Lynn R. Youngs, Christopher G. Zeleznik, Michael R. Malone, Ziv Hendel, Ivan Krstic, Anup K. Sharma, Kelsey Y. Ho
  • Publication number: 20190044723
    Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
    Type: Application
    Filed: July 31, 2018
    Publication date: February 7, 2019
    Inventors: Deepti S. Prakash, Lucia E. Ballard, Jerrold V. Hauck, Feng Tang, Etai Littwin, Pavan Kumar Ansosalu Vasu, Gideon Littwin, Thorsten Gernoth, Lucie Kucerova, Petr Kostka, Steven P. Hotelling, Eitan Hirsh, Tal Kaitz, Jonathan Pokrass, Andrei Kolin, Moshe Laifenfeld, Matthew C. Waldon, Thomas P. Mensch, Lynn R. Youngs, Christopher G. Zeleznik, Michael R. Malone, Ziv Hendel, Ivan Krstic, Anup K. Sharma
  • Publication number: 20190013939
    Abstract: Techniques are disclosed relating to relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism. The secure circuit is configured to generate a key pair having a public key and a private key, and to issue, to a certificate authority (CA), a certificate signing request (CSR) for a certificate corresponding to the key pair. In some embodiments, the secure circuit may be configured to receive, via the mailbox mechanism, a first request from an application executing on the processor to issue a certificate to the application. The secure circuit may also be configured to perform, in response to a second request, a cryptographic operation using a public key circuit included in the secure circuit.
    Type: Application
    Filed: September 17, 2018
    Publication date: January 10, 2019
    Inventors: Wade Benson, Libor Sykora, Vratislav Kuzela, Michael Brouwer, Andrew R. Whalley, Jerrold V. Hauck, David Finkelstein, Thomas Mensch
  • Patent number: 10153900
    Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.
    Type: Grant
    Filed: October 11, 2017
    Date of Patent: December 11, 2018
    Assignee: Apple Inc.
    Inventors: Dallas B. De Atley, Jerrold V. Hauck, Mitchell D. Adler
  • Publication number: 20180350295
    Abstract: A data processing system can store a long-term history of pixel luminance values in a secure memory and use those values to create burn-in compensation values that are used to mitigate burn-in effect on a display. The long-term history can be updated over time with new, accumulated pixel luminance values.
    Type: Application
    Filed: January 18, 2018
    Publication date: December 6, 2018
    Inventors: PAUL S. DRZAIC, TAE-WOOK KOH, ROSS THOMPSON, GUY COTE, CHRISTOPHER P. TANN, JERROLD V. HAUCK, YIFAN ZHANG, JEAN-PIERRE GUILLOU, IAN C. HENDRY, VANESSA C. HEPPOLETTE, ARTHUR L. SPENCE