Patents by Inventor Maxim Molchanov
Maxim Molchanov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11470060Abstract: A handshake message includes a field containing random data that is filled with data used to derive keying material on the source and destination computers. The data may be elliptic curve data and may include a representation of the data used by the destination computer to verify that elliptic curve data is present. The data may additionally include data for deriving second keying material on a second destination computer that the first destination computer forwards to the second computer, receives a response, and returns data from the response as part of its own handshake message.Type: GrantFiled: December 5, 2019Date of Patent: October 11, 2022Assignee: Twingate, Inc.Inventors: Eugene Lapidous, Swair Mehta, Maxim Molchanov, Eduardo Panisset
-
Patent number: 11190492Abstract: An application using a VPN is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: GrantFiled: August 8, 2018Date of Patent: November 30, 2021Assignee: Twingate, Inc.Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Patent number: 11088994Abstract: An application using a virtual private network (VPN) is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: GrantFiled: August 8, 2018Date of Patent: August 10, 2021Assignee: Twingate Inc.Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Patent number: 10938786Abstract: An application using a VPN is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: GrantFiled: August 8, 2018Date of Patent: March 2, 2021Assignee: TWINGATE INC.Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Patent number: 10812441Abstract: A virtual private router (VPR) intercepts DNS requests and returns a pseudo IP address to the requesting application and the pseudo IP address is mapped to a domain name in the request. Requests for content including the pseudo IP address are modified to include the corresponding domain name and transmitted to an intermediary server, which resolves the domain name to a real IP address and forwards the content request. The content is received by the intermediary server, which returns it to the requesting application, such as by way of the VPR. Real IP addresses may be returned by the intermediary server such that subsequent content requests to the domain name may bypass the intermediary server. Content requests may be sent to the intermediary server, which may instruct the VPR to bypass the server when bypass is needed.Type: GrantFiled: October 2, 2018Date of Patent: October 20, 2020Assignee: PANGO INC.Inventors: Eugene Lapidous, Maxim Molchanov
-
Publication number: 20200228505Abstract: A handshake message includes a field containing random data that is filled with data used to derive keying material on the source and destination computers. The data may be elliptic curve data and may include a representation of the data used by the destination computer to verify that elliptic curve data is present. The data may additionally include data for deriving second keying material on a second destination computer that the first destination computer forwards to the second computer, receives a response, and returns data from the response as part of its own handshake message.Type: ApplicationFiled: December 5, 2019Publication date: July 16, 2020Inventors: Eugene Lapidous, Swair Mehta, Maxim Molchanov, Eduardo Panisset
-
Publication number: 20200228504Abstract: A handshake message includes a field containing random data that is filled with data used to derive keying material on the source and destination computers. The data may be elliptic curve data and may include a representation of the data used by the destination computer to verify that elliptic curve data is present. The data may additionally include data for deriving second keying material on a second destination computer that the first destination computer forwards to the second computer, receives a response, and returns data from the response as part of its own handshake message.Type: ApplicationFiled: December 5, 2019Publication date: July 16, 2020Inventors: Eugene Lapidous, Swair Mehta, Maxim Molchanov, Eduardo Panisset
-
Patent number: 10700995Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: GrantFiled: August 15, 2019Date of Patent: June 30, 2020Assignee: PANGO INC.Inventors: Eugene Lapidous, Maxim Molchanov
-
Publication number: 20200036653Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: ApplicationFiled: October 1, 2019Publication date: January 30, 2020Inventors: Eugene Lapidous, Maxim Molchanov
-
Publication number: 20190372910Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: ApplicationFiled: August 15, 2019Publication date: December 5, 2019Inventors: Eugene Lapidous, Maxim Molchanov
-
Patent number: 10469410Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: GrantFiled: June 28, 2018Date of Patent: November 5, 2019Assignee: ANCHORFREE INC.Inventors: Eugene Lapidous, Maxim Molchanov
-
Patent number: 10425356Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: GrantFiled: June 28, 2018Date of Patent: September 24, 2019Assignee: ANCHORFREE INC.Inventors: Eugene Lapidous, Maxim Molchanov
-
Patent number: 10404618Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: GrantFiled: October 10, 2018Date of Patent: September 3, 2019Assignee: ANCHORFREE INC.Inventors: Eugene Lapidous, Maxim Molchanov
-
Patent number: 10356040Abstract: A virtual private router (VPR) intercepts DNS requests and returns a pseudo IP address to the requesting application and the pseudo IP address is mapped to a domain name in the request. Requests for content including the pseudo IP address are modified to include the corresponding domain name and transmitted to an intermediary server, which resolves the domain name to a real IP address and forwards the content request. The content is received by the intermediary server, which returns it to the requesting application, such as by way of the VPR. Real IP addresses may be returned by the intermediary server such that subsequent content requests to the domain name may bypass the intermediary server. Requests for certain domains, ports, and/or protocols may bypass the intermediary server such that the VPR resolves the domain names to real IP addresses.Type: GrantFiled: June 5, 2018Date of Patent: July 16, 2019Assignee: ANCHORFREE INC.Inventors: Eugene Lapidous, Maxim Molchanov, Eduardo Moura Panisset
-
Publication number: 20190173839Abstract: An application using a VPN is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: ApplicationFiled: August 8, 2018Publication date: June 6, 2019Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Publication number: 20190173849Abstract: An application using a VPN is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: ApplicationFiled: August 8, 2018Publication date: June 6, 2019Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Publication number: 20190173848Abstract: An application using a VPN is programmed to transmit proxy traffic to a remote proxy server. Traffic to the proxy server is intercepted, shifted to user space, and processed according to one or more options. Traffic may be terminated by a local proxy that resolves domain names in traffic and requests referenced content. Intercepted traffic may include plain text data in headers that is encrypted before forwarding to a different proxy server. Traffic may be evaluated, such as a User Agent string in order to determine routing choices, such as blocking, throttling, local termination, transmitting through a VPN, or other options. Multiple VPNs may operate on the same user computer and proxy traffic may be intercepted and processed by transmitting it through a VPN, bypassing all VPNs, or routing through a different VPN.Type: ApplicationFiled: August 8, 2018Publication date: June 6, 2019Inventors: Eugene Lapidous, Sean Ghiocel, Maxim Molchanov, Eduardo Panisset
-
Publication number: 20190044884Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: ApplicationFiled: October 10, 2018Publication date: February 7, 2019Inventors: Eugene Lapidous, Maxim Molchanov
-
Publication number: 20190036871Abstract: A virtual private router (VPR) intercepts DNS requests and returns a pseudo IP address to the requesting application and the pseudo IP address is mapped to a domain name in the request. Requests for content including the pseudo IP address are modified to include the corresponding domain name and transmitted to an intermediary server, which resolves the domain name to a real IP address and forwards the content request. The content is received by the intermediary server, which returns it to the requesting application, such as by way of the VPR. Real IP addresses may be returned by the intermediary server such that subsequent content requests to the domain name may bypass the intermediary server. Content requests may be sent to the intermediary server, which may instruct the VPR to bypass the server when bypass is needed.Type: ApplicationFiled: October 2, 2018Publication date: January 31, 2019Inventors: Eugene Lapidous, Maxim Molchanov
-
Patent number: 10182020Abstract: A client and content provider are connected by a plurality of simultaneous transport connections. The number of the transport connections that are used to transfer data is selected based on the size of the data to be transferred and may change after transfer of data has commenced based on the amount of data left and the attributes of the transport connections. In another aspect, data to be transmitted over the transport connections is organized into frames such that each frame includes data from only one data stream. The frames are sized to be less than or equal to a control window of the transport connection over which they are transmitted. Each frame may be assigned to a transport connection in a round robin fashion or based on the size of the frame and the sizes of the control windows of the transport connections.Type: GrantFiled: September 1, 2016Date of Patent: January 15, 2019Assignee: ANCHORFREE INC.Inventors: Eugene Lapidous, Maxim Molchanov