Patents by Inventor Marc Vauclair
Marc Vauclair has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11790069
Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.
Type: Grant
Filed: April 5, 2022
Date of Patent: October 17, 2023
Assignee: NXP B.V.
Inventors: Christine van Vredendaal, Hans de Jong, Marc Vauclair
-
Publication number: 20230289480
Abstract: A method is provided for securely provisioning a plurality of integrated circuits (ICs) manufactured by a first entity for use in a plurality of manufactured product types manufactured by a second entity. Each IC of the plurality of ICs includes a key pair and a unique identifier (UID). The first entity generates a plurality of key pairs that are not related to the plurality of ICs. A plurality of product types is received from the second entity. A plurality of certificates is generated by the first entity using the UIDs and the key pairs. The plurality of certificates is transferred from a first computer system of the first entity to a second computer system under physical control of the second entity. The second entity injects the plurality of ICs with selected certificates of the plurality of certificates. Unused certificates may be deleted from the second computer system.
Type: Application
Filed: March 2, 2023
Publication date: September 14, 2023
Inventors: Fabien Jacques Deboyser, Marc Vauclair
-
Patent number: 11501108
Abstract: Various embodiments relate to a method of producing a machine learning model with a fingerprint that maps an input value to an output label, including: selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values in the set of extra input values, wherein the first set of artificially encoded output label values are selected to indicate the fingerprint of a first machine learning model; and training the machine learning model using a combination of the extra input values with associated first set of artificially encoded output values and the set of training labeled input values to produce the first learning model with the fingerprint.
Type: Grant
Filed: July 24, 2018
Date of Patent: November 15, 2022
Assignee: NXP B.V.
Inventors: Wilhelmus Petrus Adrianus Johannus Michiels, Gerardus Antonius Franciscus Derks, Marc Vauclair, Nikita Veshchikov
-
Publication number: 20220229892
Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.
Type: Application
Filed: April 5, 2022
Publication date: July 21, 2022
Inventors: Christine van Vredendaal, Hans de Jong, Marc Vauclair
-
Patent number: 11328045
Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.
Type: Grant
Filed: January 27, 2020
Date of Patent: May 10, 2022
Assignee: NXP B.V.
Inventors: Christine van Vredendaal, Hans de Jong, Marc Vauclair
-
Publication number: 20210232667
Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.
Type: Application
Filed: January 27, 2020
Publication date: July 29, 2021
Inventors: Christine van Vredendaal, Hans de Jong, Marc Vauclair
-
Patent number: 10762311
Abstract: A method is provided for authenticating a device in a system having a blockchain. The method includes executing a one-side authentication of the device. The results of the one-side authentication are submitted to the blockchain at a first blockchain node of a plurality of blockchain nodes. The one-side authentication is later verified at a second blockchain node of the plurality of blockchain nodes. The device may be a tag in a radio frequency identification (RFID) system.
Type: Grant
Filed: January 29, 2019
Date of Patent: September 1, 2020
Assignee: NXP B.V.
Inventors: Stefan Lemsitzer, Marc Vauclair
-
Publication number: 20200242313
Abstract: A method is provided for authenticating a device in a system having a blockchain. The method includes executing a one-side authentication of the device. The results of the one-side authentication are submitted to the blockchain at a first blockchain node of a plurality of blockchain nodes. The one-side authentication is later verified at a second blockchain node of the plurality of blockchain nodes. The device may be a tag in a radio frequency identification (RFID) system.
Type: Application
Filed: January 29, 2019
Publication date: July 30, 2020
Inventors: Stefan Lemsitzer, Marc Vauclair
-
Publication number: 20200034663
Abstract: Various embodiments relate to a method of producing a machine learning model with a fingerprint that maps an input value to an output label, including: selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values in the set of extra input values, wherein the first set of artificially encoded output label values are selected to indicate the fingerprint of a first machine learning model; and training the machine learning model using a combination of the extra input values with associated first set of artificially encoded output values and the set of training labeled input values to produce the first learning model with the fingerprint.
Type: Application
Filed: July 24, 2018
Publication date: January 30, 2020
Inventors: Wilhelmus Petrus Adrianus Johannus MICHIELS, Gerardus Antonius Franciscu Derks, Marc Vauclair, Nikita Veshchikov
-
Patent number: 9823860
Abstract: A portion of a reprogrammable storage device is used to implement permanent data storage. The storage device includes a plurality of electrically erasable memory elements and a controller. The plurality of electrically erasable memory elements are configured to store data. Each memory element is programmable a number of write cycles before reaching a write failure state. The controller is coupled to the plurality of memory elements. The controller includes a receiver and a write engine. The receiver receives an instruction to drive a selected memory element to the write failure state. The write engine repeatedly writes a data value, in a plurality of write operations, to the selected memory element until the write failure state of the selected memory element is established.
Type: Grant
Filed: March 14, 2014
Date of Patent: November 21, 2017
Assignee: NXP B.V.
Inventors: Marc Vauclair, Philippe Teuwen
-
Patent number: 9298955
Abstract: A proximity check ensures that a card is physically close to the reader device in order to inhibit relay attacks. The proximity check makes relay attacks more difficult because an additional channel must be intercepted and/or spoofed or relayed. This solution can be used for any kind of short-range communication, including Near Field Communications (NFC).
Type: Grant
Filed: November 4, 2011
Date of Patent: March 29, 2016
Assignee: NXP B.V.
Inventors: Timo van Roermund, Jan Rene Brands, Lukasz Szostek, Marc Vauclair, Zoran Zivkovic
-
Publication number: 20150261458
Abstract: A portion of a reprogrammable storage device is used to implement permanent data storage. The storage device includes a plurality of electrically erasable memory elements and a controller. The plurality of electrically erasable memory elements are configured to store data. Each memory element is programmable a number of write cycles before reaching a write failure state. The controller is coupled to the plurality of memory elements. The controller includes a receiver and a write engine. The receiver receives an instruction to drive a selected memory element to the write failure state. The write engine repeatedly writes a data value, in a plurality of write operations, to the selected memory element until the write failure state of the selected memory element is established.
Type: Application
Filed: March 14, 2014
Publication date: September 17, 2015
Applicant: NXP B.V.
Inventors: Marc Vauclair, Philippe Teuwen
-
Patent number: 8856500
Abstract: A program is obfuscated by reordering its instructions. Original instruction addresses are mapped to target addresses in an irregular way, with position dependent address steps between the addresses of logically successive instructions. Preferably pseudo-random address steps are used, for example with address steps that have mutually opposite sign with equal frequency. The data processing device has an instruction flow control unit that updates instruction addresses according to the position dependent address steps. The instruction flow control unit may comprise a circuit that contains secret information, which is not normally accessible from the outside, to control the updates. A lookup table may be used for example, with address steps, successor addresses or mapped address values. In an embodiment the mapping of original instruction addresses to target addresses may be visualized by means of a path (36) along points in an n-dimensional array, where n is greater than one.
Type: Grant
Filed: February 2, 2009
Date of Patent: October 7, 2014
Assignee: NXP B.V.
Inventors: Marc Vauclair, Pieter J. Janssens
-
Patent number: 8813188
Abstract: Pairing is achieved between a host communications device and a peripheral communications device, in order to establish an ad hoc wireless or wired network. A device identification, relating uniquely to the peripheral device, is displayed on the host device. In order to accept the pairing, the user confirms that the device identification displayed on the host device matches that printed on the peripheral device, and then completes the pairing procedure by pressing a key on the peripheral device, or, if Near Field Communication (NFC) techniques are implemented in the devices, by placing the peripheral device in contact with, or sufficiently close to, the host device. Thus, secure pairing is achieved, without requiring a complex user interface on the peripheral device.
Type: Grant
Filed: August 31, 2005
Date of Patent: August 19, 2014
Assignee: Koninklijke Philips N.V.
Inventors: Marc Vauclair, Javier Serret Avila, Lionel Georges Etienne, Philippe Teuwen
-
Patent number: 8621187
Abstract: A program is obfuscated by reordering its instructions. Original instruction addresses are mapped to target addresses. A cache efficient obfuscated program is realized by restricting target addresses of a sequence of instructions to a limited set of the disjoint ranges (33a-d) of target addresses, which are at least half filled with instructions. Mapped address steps (34) are provided between the target addresses to which successive ones of the original instruction addresses are mapped. The address steps (34) include first address steps within at least a first one of the mutually disjoint ranges (33a-d). Between said first address steps, second address steps within at least a second one of the mutually disjoint ranges (33a-d). Thus, a deviation from successive addresses for logically successive instructions is realized.
Type: Grant
Filed: February 9, 2009
Date of Patent: December 31, 2013
Assignee: NXP, B.V.
Inventor: Marc Vauclair
-
Patent number: 8516258
Abstract: Current MAC algorithms impose a significant system performance requirement in order to process messages in real time. According to an exemplary embodiment of the present invention, a hardware implemented generator for generating a MAC is provided, that results in a significant improvement in hardware performance requirements for processing messages in real time. The engine is based on linear feedback shift registers which are adapted to generate secure MACs.
Type: Grant
Filed: February 24, 2006
Date of Patent: August 20, 2013
Assignee: NXP B.V.
Inventors: Marc Vauclair, Serret Avila Javier, Ventzislav Nikov
-
Publication number: 20130116964
Abstract: A proximity check ensures that a card is physically close to the reader device in order to inhibit relay attacks. The proximity check makes relay attacks more difficult because an additional channel must be intercepted and/or spoofed or relayed. This solution can be used for any kind of short-range communication, including Near Field Communications (NFC).
Type: Application
Filed: November 4, 2011
Publication date: May 9, 2013
Applicant: NXP B.V.
Inventors: Timo van Roermund, Jan Rene Brands, Lukasz Szostek, Marc Vauclair, Zoran Zivkovic
-
Publication number: 20100332759
Abstract: A program is obfuscated by reordering its instructions. Original instruction addresses are mapped to target addresses. A cache efficient obfuscated program is realized by restricting target addresses of a sequence of instructions to a limited set of the disjoint ranges (33a-d) of target addresses, which are at least half filled with instructions. Mapped address steps (34) are provided between the target addresses to which successive ones of the original instruction addresses are mapped. The address steps (34) include first address steps within at least a first one of the mutually disjoint ranges (33a-d). Between said first address steps, second address steps within at least a second one of the mutually disjoint ranges (33a-d). Thus, a deviation from successive addresses for logically successive instructions is realized.
Type: Application
Filed: February 9, 2009
Publication date: December 30, 2010
Applicant: NXP B.V.
Inventor: Marc Vauclair
-
Publication number: 20100325402
Abstract: A program is obfuscated by reordering its instructions. Original instruction addresses are mapped to target addresses in an irregular way, with position dependent address steps between the addresses of logically successive instructions. Preferably pseudo-random address steps are used, for example with address steps that have mutually opposite sign with equal frequency. The data processing device has an instruction flow control unit that updates instruction addresses according to the position dependent address steps. The instruction flow control unit may comprise a circuit that contains secret information, which is not normally accessible from the outside, to control the updates. A lookup table may be used for example, with address steps, successor addresses or mapped address values. In an embodiment the mapping of original instruction addresses to target addresses may be visualized by means of a path (36) along points in an n-dimensional array, where n is greater than one.
Type: Application
Filed: February 2, 2009
Publication date: December 23, 2010
Applicant: NXP B.V.
Inventors: Marc Vauclair, Pieter J. Janssens
-
Patent number: 7688982
Abstract: A method, apparatus, and system for providing secure communication between a tamper resistant device (404) and a sink device (406) is disclosed. Encrypted content is received from a source device (402) at the tamper resistant device (404), wherein the content has been encrypted using a first key. The content is decrypted using the decrypted first key. A second key is received at the tamper resistant device (404) from the sink device (406), wherein the second key is encrypted using the public key of the tamper resistant device (404). The second key is decrypted using the private key of the tamper resistant device (404). The content is re-encrypted using the second key. The re-encrypted content is transmitted to the sink device (406).
Type: Grant
Filed: March 12, 2004
Date of Patent: March 30, 2010
Assignee: Koninklijke Philips Electronics N.V.
Inventor: Marc Vauclair