Patents by Inventor Kerry Maletsky
Kerry Maletsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11876791
Abstract: Systems, methods, circuits and computer-readable mediums for message authentication with secure code verification are provided. In one aspect, a system includes a client device storing a code and a security device coupled to the client device. The security device is configured to receive a property of the code generated by the client device, verify correctness of the property of the code based on information associated with an authorized code to determine that the code is authorized, the information being stored within the security device. In response to determining that the code is authorized, the security device enables to access data stored within the security device and generate a property of a message based on the data.
Type: Grant
Filed: March 30, 2020
Date of Patent: January 16, 2024
Assignee: Amtel Corporation
Inventors: Kerry Maletsky, Oscar Sanchez, Nicolas Schieli
-
Publication number: 20230020278
Abstract: Systems, methods, and devices of the disclosure relate, generally, to secure boot assist for devices. In one or more embodiments, a first device includes firmware that needs to be verified as secure as part of a secure boot process, and a second device assists the first device to secure the secure boot process. In some embodiments the second device verifies security of the firmware responsive to security data provided by the first device, or verifies security of a program provided by the first device, the program for verifying security of the firmware. In some embodiments the second device provides a program for verifying security of the firmware to the first device.
Type: Application
Filed: September 26, 2022
Publication date: January 19, 2023
Inventors: Kerry Maletsky, David Paul Arnold, Nicolas Auguste Constant Schieli, Bryan Hunt
-
Patent number: 11455397
Abstract: Systems, methods, and devices of the disclosure relate, generally, to secure boot assist for devices. In one or more embodiments, a first device includes firmware that needs to be verified as secure as part of a secure boot process, and a second device assists the first device to secure the secure boot process. In some embodiments the second device verifies security of the firmware responsive to security data provided by the first device, or verifies security of a program provided by the first device, the program for verifying security of the firmware. In some embodiments the second device provides a program for verifying security of the firmware to the first device.
Type: Grant
Filed: March 26, 2019
Date of Patent: September 27, 2022
Assignee: Microchip Technology Incorporated
Inventors: Kerry Maletsky, David Paul Arnold, Nicolas Auguste Constant Schieli, Bryan Hunt
-
Publication number: 20200236097
Abstract: Systems, methods, circuits and computer-readable mediums for message authentication with secure code verification are provided. In one aspect, a system includes a client device storing a code and a security device coupled to the client device. The security device is configured to receive a property of the code generated by the client device, verify correctness of the property of the code based on information associated with an authorized code to determine that the code is authorized, the information being stored within the security device. In response to determining that the code is authorized, the security device enables to access data stored within the security device and generate a property of a message based on the data.
Type: Application
Filed: March 30, 2020
Publication date: July 23, 2020
Inventors: Kerry Maletsky, Oscar Sanchez, Nicolas Schieli
-
Publication number: 20200151336
Abstract: Systems, methods, and devices of the disclosure relate, generally, to secure boot assist for devices. In one or more embodiments, a first device includes firmware that needs to be verified as secure as part of a secure boot process, and a second device assists the first device to secure the secure boot process. In some embodiments the second device verifies security of the firmware responsive to security data provided by the first device, or verifies security of a program provided by the first device, the program for verifying security of the firmware. In some embodiments the second device provides a program for verifying security of the firmware to the first device.
Type: Application
Filed: March 26, 2019
Publication date: May 14, 2020
Inventors: Kerry Maletsky, David Paul Arnold, Nicolas Auguste Constant Schieli, Bryan Hunt
-
Patent number: 10616197
Abstract: Systems, methods, circuits and computer-readable mediums for message authentication with secure code verification are provided. In one aspect, a system includes a client device storing a code and a security device coupled to the client device. The security device is configured to receive a property of the code generated by the client device, verify correctness of the property of the code based on information associated with the code to determine that the code is an authorized code, the information being stored within the security device. In response to determining that the code is the authorized code, the security device enables to access data stored within the security device and generate a property of a message based on the data.
Type: Grant
Filed: April 18, 2016
Date of Patent: April 7, 2020
Assignee: Atmel Corporation
Inventors: Kerry Maletsky, Oscar Sanchez, Nicolas Schieli
-
Patent number: 10311005
Abstract: Systems, methods, circuits and computer-readable mediums for a network message translator are disclosed. In an embodiment, a device includes a host processor and a translator. The host processor is configured to process messages and the translator is operable to: receive a first message from the host processor, the first message having a first frame format that is associated with a data time window; translate the first message into a first translated message having a second frame format such that the first translated message includes additional bits based on the second frame format; and sending the first translated message on a bus based on the second frame format such that the first translated message is sent on the bus during the data time window.
Type: Grant
Filed: April 15, 2016
Date of Patent: June 4, 2019
Assignee: Atmel Corporation
Inventors: Kerry Maletsky, Nicolas Schieli, Timothy Grai
-
Publication number: 20170300444
Abstract: Systems, methods, circuits and computer-readable mediums for a network message translator are disclosed. In an embodiment, a device includes a host processor and a translator. The host processor is configured to process messages and the translator is operable to: receive a first message from the host processor, the first message having a first frame format that is associated with a data time window; translate the first message into a first translated message having a second frame format such that the first translated message includes additional bits based on the second frame format; and sending the first translated message on a bus based on the second frame format such that the first translated message is sent on the bus during the data time window.
Type: Application
Filed: April 15, 2016
Publication date: October 19, 2017
Applicant: Atmel Corporation
Inventors: Kerry Maletsky, Nicolas Schieli, Timothy Grai
-
Publication number: 20170302640
Abstract: Systems, methods, circuits and computer-readable mediums for message authentication with secure code verification are provided. In one aspect, a system includes a client device storing a code and a security device coupled to the client device. The security device is configured to receive a property of the code generated by the client device, verify correctness of the property of the code based on information associated with the code to determine that the code is an authorized code, the information being stored within the security device. In response to determining that the code is the authorized code, the security device enables to access data stored within the security device and generate a property of a message based on the data.
Type: Application
Filed: April 18, 2016
Publication date: October 19, 2017
Inventors: Kerry Maletsky, Oscar Sanchez, Nicolas Schieli
-
Patent number: 9323950
Abstract: An integrated circuit device comprises a processor and a secure protection zone with security properties that can be verified by a remote device communicating with the integrated circuit device. The secure protection zone includes a persistent storage that is configured for storing cryptographic keys and data. The secure protection zone also includes instructions that are configured for causing the processor to perform cryptographic operations using the cryptographic keys. In addition, the secure protection zone includes an ephemeral memory that is configured for storing information associated with the cryptographic operations. The instructions are configured for causing the processor to perform the cryptographic operations on the data stored in the persistent storage and the information in the ephemeral memory as part of a secure communication exchange with the remote device.
Type: Grant
Filed: July 19, 2012
Date of Patent: April 26, 2016
Assignee: Atmel Corporation
Inventors: Kerry Maletsky, David Durant, Balaji Badam, Michael Seymour
-
Patent number: 9076002
Abstract: A hardware authentication device is disclosed that uses a cryptographic signature verification operation to authorize a subsequent cryptographic operation to be performed using the same or different keys and stores that authorization status in protected memory. The cryptographic algorithm may be an ECDSA signature, SHA-based Message Authentication Code (MAC) or any other cryptographic algorithm. The authorization status may be stored for a number of uses for a period of time or until a certain event occurs. In some implementations, the authorization status and the key that was authorized are stored in the same protected location in memory to preserve their relation to each other and prevent modification of either of them. Depending on system policy, the authorization mechanism might be a static stored external token that authorizes key use or an authorization process that is regenerated using a random (e.g., unique) number.
Type: Grant
Filed: March 7, 2013
Date of Patent: July 7, 2015
Assignee: Atmel Corporation
Inventors: Kerry Maletsky, Balaji Badam
-
Patent number: 8909929
Abstract: Systems and techniques for performing cryptographic operations based on public key validity registers are described. A described system includes a controller and a memory structure to store one or more public keys. The memory structure includes one or more validity registers that respectively correspond to the one or more public keys. The controller has exclusive write access to the validity register. The controller can be configured to perform an authentication of a public key, write an authentication status value to the corresponding validity register based on a result of the authentication, and perform one or more cryptographic operations using the public key that are conditional on the validity register indicating an authenticated status for the public key.
Type: Grant
Filed: May 31, 2012
Date of Patent: December 9, 2014
Assignee: Atmel Corporation
Inventors: Balaji Badam, Kerry Maletsky, David Durant
-
Publication number: 20140258729
Abstract: A hardware authentication device is disclosed that uses a cryptographic signature verification operation to authorize a subsequent cryptographic operation to be performed using the same or different keys and stores that authorization status in protected memory. The cryptographic algorithm may be an ECDSA signature, SHA-based Message Authentication Code (MAC) or any other cryptographic algorithm. The authorization status may be stored for a number of uses for a period of time or until a certain event occurs. In some implementations, the authorization status and the key that was authorized are stored in the same protected location in memory to preserve their relation to each other and prevent modification of either of them. Depending on system policy, the authorization mechanism might be a static stored external token that authorizes key use or an authorization process that is regenerated using a random (e.g., unique) number.
Type: Application
Filed: March 7, 2013
Publication date: September 11, 2014
Applicant: ATMEL CORPORATION
Inventors: Kerry Maletsky, Balaji Badam
-
Patent number: 8707037
Abstract: Apparatus, systems, and methods send an interrogation command from an interrogation and timing apparatus to a timed identification (TID) apparatus. The TID apparatus receives the interrogation command, performs a series of logical operations to calculate a response, and returns the response within a maximum length of time established by the interrogation and timing apparatus. The interrogation and timing apparatus confirms that the length of time between sending the interrogation command and receiving the response is within the maximum length of time and that the response is correct. If so, the TID apparatus is authenticated. Additional embodiments are disclosed and claimed.
Type: Grant
Filed: April 17, 2008
Date of Patent: April 22, 2014
Assignee: Atmel Corporation
Inventor: Kerry Maletsky
-
Publication number: 20140089670
Abstract: Methods and systems are disclosed for verifying the use of a client device by a host device in a secure system. In one aspect, a method for authenticating a client device includes receiving, by the client device, a message from a host device, accessing, by the client device, a private key and a unique code stored on the client device, where the unique code is different than the private key, generating, by the client device, a digital signature for the message using the private key and the unique code, and providing, by the client device, the digital signature to the host device for verification of the use of the client device by the host device.
Type: Application
Filed: September 27, 2012
Publication date: March 27, 2014
Applicant: Atmel Corporation
Inventors: Kerry Maletsky, David Durant, Balaji Badam, Michael J. Seymour
-
Patent number: 8677145
Abstract: A method and device include a power pin, a ground pin, and a communications pin. A communications module receives power from the power pin and utilizes an edge counting communication protocol over the communication pin.
Type: Grant
Filed: February 27, 2009
Date of Patent: March 18, 2014
Assignee: Atmel Corporation
Inventors: Kerry Maletsky, David Durant, John Landreman, Balaji Badam
-
Publication number: 20140025944
Abstract: An integrated circuit device comprises a processor and a secure protection zone with security properties that can be verified by a remote device communicating with the integrated circuit device. The secure protection zone includes a persistent storage that is configured for storing cryptographic keys and data. The secure protection zone also includes instructions that are configured for causing the processor to perform cryptographic operations using the cryptographic keys. In addition, the secure protection zone includes an ephemeral memory that is configured for storing information associated with the cryptographic operations. The instructions are configured for causing the processor to perform the cryptographic operations on the data stored in the persistent storage and the information in the ephemeral memory as part of a secure communication exchange with the remote device.
Type: Application
Filed: July 19, 2012
Publication date: January 23, 2014
Applicant: ATMEL CORPORATION
Inventors: Kerry Maletsky, David Durant, Balaji Badam, Michael Seymour
-
Publication number: 20130326219
Abstract: Systems and techniques for performing cryptographic operations based on public key validity registers are described. A described system includes a controller and a memory structure to store one or more public keys. The memory structure includes one or more validity registers that respectively correspond to the one or more public keys. The controller has exclusive write access to the validity register. The controller can be configured to perform an authentication of a public key, write an authentication status value to the corresponding validity register based on a result of the authentication, and perform one or more cryptographic operations using the public key that are conditional on the validity register indicating an authenticated status for the public key.
Type: Application
Filed: May 31, 2012
Publication date: December 5, 2013
Applicant: ATMEL CORPORATION
Inventors: BALAJI BADAM, KERRY MALETSKY, DAVID DURANT
-
Publication number: 20100223476
Abstract: A method and device include a power pin, a ground pin, and a communications pin. A communications module receives power from the power pin and utilizes an edge counting communication protocol over the communication pin.
Type: Application
Filed: February 27, 2009
Publication date: September 2, 2010
Applicant: Atmel Corporation
Inventors: Kerry Maletsky, David Durant, John Landreman, Balaji Badam
-
Publication number: 20090265411
Abstract: Apparatus, systems, and methods send an interrogation command from an interrogation and timing apparatus to a timed identification (TID) apparatus. The TID apparatus receives the interrogation command, performs a series of logical operations to calculate a response, and returns the response within a maximum length of time established by the interrogation and timing apparatus. The interrogation and timing apparatus confirms that the length of time between sending the interrogation command and receiving the response is within the maximum length of time and that the response is correct. If so, the TID apparatus is authenticated. Additional embodiments are disclosed and claimed.
Type: Application
Filed: April 17, 2008
Publication date: October 22, 2009
Applicant: Atmel Corporation
Inventor: Kerry Maletsky