Patents by Inventor Joppe Willem Bos
Joppe Willem Bos has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11409845Abstract: A method is provided for detecting copying of a machine learning model. A plurality of inputs is provided to a first machine learning model. The first machine learning model provides a plurality of output values. A sequence of bits of a master input is divided into a plurality of subsets of bits. The master input may be an image. Each subset of the plurality of subsets of bits corresponds to one of the plurality of output values. An ordered sequence of the inputs is generated based on the plurality of subsets of bits. The ordered sequence of the inputs is inputted to a second machine learning model. It is then determined if output values from the second machine learning model reproduces the predetermined master input. If the predetermined master input is reproduced, the second machine learning model is a copy of the first machine learning model.Type: GrantFiled: January 17, 2019Date of Patent: August 9, 2022Assignee: NXP B.V.Inventors: Nikita Veshchikov, Joppe Willem Bos, Simon Johann Friedberger
-
Patent number: 11409843Abstract: A method is provided for protecting a software program from copying. The method includes providing a first implementation of the software program. A second implementation of the software program is then provided. The second implementation provides a same functionality as the first implementation, and wherein the second implementation includes a plurality of dummy operations to increase a number of operations and an execution time of the second implementation compared to the first implementation. The dummy operations are encoded. The second implementation may then be compared to another software program to determine if the another software program is a copy of the first implementation of the software program. This allows a copy of the first implementation to be detected without disclosing the first implementation.Type: GrantFiled: October 10, 2019Date of Patent: August 9, 2022Assignee: NXP B.V.Inventors: Nikita Veshchikov, Joppe Willem Bos, Simon Johann Friedberger, Christine van Vredendaal
-
Publication number: 20220231831Abstract: Various embodiments relate to a method and system for securely comparing a first and second polynomial, including: selecting a first subset of coefficients of the first polynomial and a second subset of corresponding coefficients of the second polynomial, wherein the coefficients of the first polynomial are split into shares and the first and second polynomials have coefficients; subtracting the second subset of coefficients from one of the shares of the first subset of coefficients; reducing the number of elements in the first subset of coefficients to elements by combining groups of / elements together; generating a random number for each of the elements of the reduced subset of coefficients; summing the product of each of the elements of the reduced subset of coefficients with their respective random numbers; summing the shares of the sum of the products; and generating an output indicating that the first polynomial does not equal the second polynomial when the sum does not equal zero.Type: ApplicationFiled: January 21, 2021Publication date: July 21, 2022Inventors: Tobias Schneider, Joppe Willem Bos, Joost Roland Renes, Christine van Vredendaal
-
Patent number: 11270227Abstract: A method is provided for managing a machine learning system. In the method, a database is provided for storing a plurality of data elements. A plurality of machine learning models is trained using assigned subsets of the plurality of data elements. The outputs of the plurality of machine learning models is provided to an aggregator. During inference operation of the machine learning system, the aggregator determines a final output based on outputs from the plurality of models. If it is determined that an assigned subset must be changed because, for example, a record must be deleted, then the data element is removed from the selected assigned subset. The affected machine learning model associated with the changed assigned subset is removed, and retrained using the changed assigned subset.Type: GrantFiled: October 1, 2018Date of Patent: March 8, 2022Assignee: NXP B.V.Inventors: Nikita Veshchikov, Joppe Willem Bos, Wilhelmus Petrus Adrianus Johannus Michiels
-
Patent number: 11206136Abstract: A method is provided for multiplying two polynomials. In the method, first and second polynomials are evaluated at 2t inputs, where t is greater than or equal to one, and where each input is a fixed power of two 2l/(2t) multiplied with a different power of a primitive root of unity, thereby creating 2 times 2t integers, where l is an integer such that 2l is at least as large as the largest coefficient of the resulting product multiplying the first and second polynomials. The 2 times 2t integers are then multiplied pairwise, and a modular reduction is performed to get 2t integers. A linear combination of the 2t integers multiplied with primitive roots of unity is computed to get 2t integers whose limbs in the base 2l-bit representation correspond to coefficients of the product of the first and second polynomials. The method can be implemented on a processor designed for performing RSA and/or ECC type cryptographic operations.Type: GrantFiled: May 27, 2020Date of Patent: December 21, 2021Assignee: NXP B.V.Inventors: Joost Roland Renes, Joppe Willem Bos, Tobias Schneider, Christine van Vredendaal
-
Patent number: 11206130Abstract: Various embodiments relate to a method of generating a shared secret for use in a symmetric cipher, including: receiving, by a processor, an encoded key Enc(K) and a white-box implementation of the symmetric cipher, where the encoded key Enc(K) is used in the white-box implementation; selecting, by the processor, homomorphic functions ? and ? and the values c1 and c3 such that Enc(K)?c1=Enc(K?c3); and transmitting, by the processor, ? and c3 to another device.Type: GrantFiled: July 31, 2018Date of Patent: December 21, 2021Assignee: NXP B.V.Inventors: Joppe Willem Bos, Rudi Verslegers, Wilhelmus Petrus Adrianus Johannus Michiels
-
Publication number: 20210377026Abstract: A method is provided for multiplying two polynomials. In the method, first and second polynomials are evaluated at 2t inputs, where t is greater than or equal to one, and where each input is a fixed power of two multiplied with a different power of a primitive root of unity, thereby creating 2 times 2t integers, where is an integer such that is at least as large as the largest coefficient of the resulting product multiplying the first and second polynomials. The 2 times 2t integers are then multiplied pairwise, and a modular reduction is performed to get 2t integers. A linear combination of the 2t integers multiplied with primitive roots of unity is computed to get 2t integers whose limbs in the base -bit representation correspond to coefficients of the product of the first and second polynomials. The method can be implemented on a processor designed for performing RSA and/or ECC type cryptographic operations.Type: ApplicationFiled: May 27, 2020Publication date: December 2, 2021Inventors: Joost Roland Renes, Joppe Willem Bos, Tobias Schneider, Christine van Vredendaal
-
Publication number: 20210133362Abstract: A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.Type: ApplicationFiled: October 27, 2020Publication date: May 6, 2021Inventors: Marcel Medwed, Tobias Schneider, Ventzislav Nikov, Jorge Miguel Ventuzelos Pereira, Rudi Verslegers, Nikita Veshchikov, Joppe Willem Bos, Jan Hoogerbrugge
-
Publication number: 20210110002Abstract: A method is provided for protecting a software program from copying. The method includes providing a first implementation of the software program. A second implementation of the software program is then provided. The second implementation provides a same functionality as the first implementation, and wherein the second implementation includes a plurality of dummy operations to increase a number of operations and an execution time of the second implementation compared to the first implementation. The dummy operations are encoded. The second implementation may then be compared to another software program to determine if the another software program is a copy of the first implementation of the software program. This allows a copy of the first implementation to be detected without disclosing the first implementation.Type: ApplicationFiled: October 10, 2019Publication date: April 15, 2021Inventors: Nikita Veshchikov, Joppe Willem Bos, Simon Johann Friedberger, Christine van Vredendaal
-
Publication number: 20210073685Abstract: A detection of compromised devices through comparison of machine learning models is provided, according to certain aspects, by a data-aggregation circuit, and a computer server. The data-aggregation circuit is used to assimilate respective sets of output data from at least one of a plurality of circuits to create a new data set, the respective sets of output data being related in that each set of output data is in response to a common data set processed by the machine learning circuitry in the at least one of the plurality of circuits. The computer server uses the new data set to indicate whether one of the machine-learning circuitries may be compromised.Type: ApplicationFiled: September 9, 2019Publication date: March 11, 2021Inventors: Nikita Veshchikov, Joppe Willem Bos
-
Publication number: 20210073684Abstract: A combination of machine learning models is provided, according to certain aspects, by a data-aggregation circuit, and a computer server. The data-aggregation circuit is used to assimilate respective sets of output data from at least one of a plurality of circuits to create a new data set, the respective sets of output data being related in that each set of output data is in response to a common data set processed by the machine learning circuitry in the at least one of the plurality of circuits. The computer server uses the new data set to train machine learning operations in at least one of the plurality of circuits.Type: ApplicationFiled: September 9, 2019Publication date: March 11, 2021Inventors: Nikita Veshchikov, Joppe Willem Bos
-
Publication number: 20210064933Abstract: Various embodiments relate to a method for detecting anomalies in a system by an anomaly detector, including: receiving a trained machine learning model that detects anomalies; receiving a set of new inputs from the to the anomaly detector from the system; setting a label for each of the set of new inputs to a value indicating normal operation of the system; training a new anomaly detection model using incremental learning to update the trained machine learning model using the labeled set of new inputs; receiving a set of past model inputs with an associated label; producing a verification set by inputting the set of past model inputs into the new anomaly detection model; and comparing the verification set with the labelled past model inputs to determine if an anomaly is present.Type: ApplicationFiled: August 28, 2019Publication date: March 4, 2021Inventors: Joppe Willem BOS, Nikita VESHCHIKOV
-
Publication number: 20210034721Abstract: A method and data processing system are provided for determining if a machine learning model has been copied. The machine learning model has a plurality of nodes, the plurality of nodes is organized as a plurality of interconnected layers, and the plurality of interconnected layers includes an input layer and an output layer. The output layer has a predetermined number of output nodes for classifying input samples into a predetermined number of categories, where each output node corresponds to a category. An additional watermarking node is added to the output layer. The model is trained to classify the input data into the predetermined number of categories and into an additional category for the additional node. The additional node may be added to another model to determine if the another model is a copy or clone of the ML model.Type: ApplicationFiled: August 2, 2019Publication date: February 4, 2021Inventors: Joppe Willem Bos, Simon Johann Friedberger, Nikita Veshchikov, Christine van Vredendaal
-
Publication number: 20210019663Abstract: A method for processing information includes transforming first information based on a first function, transforming second information based on a second function, processing the first transformed information using a first machine-learning model to generate a first result, processing the second transformed information using a second machine-learning model to generate a second result, and aggregating the first result and the second result to generate a decision. The first and second information may be the same information. The first function may be different from the second function. The first machine-learning model may be based on a first algorithm, and the second machine-learning algorithm may be based on a second algorithm.Type: ApplicationFiled: July 16, 2019Publication date: January 21, 2021Inventors: Nikita VESHCHIKOV, Joppe Willem BOS, Simon Johann FRIEDBERGER, Brian ERMANS
-
Publication number: 20210019661Abstract: A method is provided for detecting copying of a machine learning model. In the method, the first machine learning model is divided into a plurality of portions. Intermediate outputs from a hidden layer of a selected one of the plurality of portions is compared to corresponding outputs from a second machine learning model to detect the copying. Alternately, a first seal may be generated using the plurality of inputs and the intermediate outputs from nodes of the selected portion. A second seal from a suspected copy that has been generated the same way is compared to the first seal to detect the copying. If the first and second seals are the same, then there is a high likelihood that the suspected copy is an actual copy. By using the method, only the intermediate outputs of the machine learning model outputs have to be disclosed to others, thus protecting the confidentiality of the model.Type: ApplicationFiled: July 15, 2019Publication date: January 21, 2021Inventors: JOPPE WILLEM BOS, SIMON JOHANN FRIEDBERGER, NIKITA VESHCHIKOV, CHRISTINE VAN VREDENDAAL
-
Patent number: 10873459Abstract: A white-box system for authenticating a user-supplied password, including: a password database including a salt value and an authentication value for each user; a white-box implementation of a symmetric cipher configured to produce an encrypted value by encrypting the user-supplied password using the salt value associated with the user as an encoded secret key; and a comparator configured to compare the encrypted value with the authentication value associated with the user to verify the user-supplied password.Type: GrantFiled: September 24, 2018Date of Patent: December 22, 2020Assignee: NXP B.V.Inventors: Joppe Willem Bos, Rudi Verslegers, Wilhelmus Petrus Adrianus Johannus Michiels
-
Patent number: 10790991Abstract: A white-box system and method for producing a digital signature of a message m, including: a white-box implementation of a symmetric cipher configured to produce a deterministic nonce value by encrypting the message m using a secret key; and a digital signature algorithm configured to produce a digital signature of the message m based upon the deterministic nonce, the message m, and a secret signing key.Type: GrantFiled: August 30, 2018Date of Patent: September 29, 2020Assignee: NXP B.V.Inventors: Joppe Willem Bos, Florian Boehl
-
Publication number: 20200293941Abstract: A method and data processing system for making a machine learning model more resistant to adversarial examples are provided. In the method, an input for a machine learning model is provided. A randomly generated mask is added to the input to produce a modified input. The modified input is provided to the machine learning model. The randomly generated mask negates the effect of a perturbation added to the input for causing the input to be an adversarial example. The method may be implemented using the data processing system.Type: ApplicationFiled: March 11, 2019Publication date: September 17, 2020Inventors: Joppe Willem Bos, Simon Johann Friedberger, Christiaan Kuipers, Vincent Verneuil, Nikita Veshchikov, Christine Van Vredendaal, Brian Ermans
-
Publication number: 20200233936Abstract: A method is provided for detecting copying of a machine learning model. A plurality of inputs is provided to a first machine learning model. The first machine learning model provides a plurality of output values. A sequence of bits of a master input is divided into a plurality of subsets of bits. The master input may be an image. Each subset of the plurality of subsets of bits corresponds to one of the plurality of output values. An ordered sequence of the inputs is generated based on the plurality of subsets of bits. The ordered sequence of the inputs is inputted to a second machine learning model. It is then determined if output values from the second machine learning model reproduces the predetermined master input. If the predetermined master input is reproduced, the second machine learning model is a copy of the first machine learning model.Type: ApplicationFiled: January 17, 2019Publication date: July 23, 2020Inventors: NIKITA VESHCHIKOV, JOPPE WILLEM BOS, SIMON JOHANN FRIEDBERGER
-
Patent number: 10680818Abstract: Various embodiments relate to a method of encrypting a message m using a Paillier cryptosystem, including: computing a ciphertext c based upon the message m, N, and r, where N is the product of two distinct primes p and q, and r is randomly chosen such that r?[1, N); computing a first verification value based upon u and N, where u is randomly chosen such that u?[1, N); computing a second verification value s based upon u, r, the ciphertext c, the verification value, and a hash function H.Type: GrantFiled: April 12, 2018Date of Patent: June 9, 2020Assignee: NXPInventors: Joppe Willem Bos, Marc Joye