Patents by Inventor Michael J. Rosenow

Michael J. Rosenow has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 5301247
    Abstract: A method for initiating secure communications between two stations. In this method, a first portion of a session data encryption key (DEK1) is randomly generated by an EDU in one of the stations. The DEK1 is then encrypted using a key exchange key (KEK) selected from a table as a function of a check value determined by applying the DEK1 to encrypt a predefined zero function. The encrypted DEK1 is transmitted to the other station, along with an encrypted EDU ID number for the station that generated the DEK1 and a cyclic redundancy check (CRC) value of the KEK table. The encrypted table entry value used to define the KEK is decrypted at the other station, and a check is made to determine if the KEK table CRC and the EDU ID are correct. If not, communication is terminated.
    Type: Grant
    Filed: July 23, 1992
    Date of Patent: April 5, 1994
    Assignee: Crest Industries, Inc.
    Inventors: Harry R. Rasmussen, Jack D. LaBounty, Michael J. Rosenow
  • Patent number: 5237611
    Abstract: An encryption/decryption unit (EDU) that handles management of encryption keys used in the secure exchange of data over non-secure communication links. Each EDU includes a central processing unit (CPU) that controls its operation, random access memory (RAM) in which tables of key exchange keys (KEKs) are stored, and a data encryption standard (DES) coprocessor that implements a data encryption algorithm developed by the U.S. National Bureau of Standards--all comprising a module that is embedded in a potting material. Attempts to remove the potting material either by mechanical or solvent means are likely to result in loss of the data and program code stored in the module. The CPU includes special circuitry enabling it to operate in an encrypted mode so that it can not be interrogated to discover the program or data stored therein. This program enables the EDU to establish secure communications with another similar EDU over a non-secure link.
    Type: Grant
    Filed: July 23, 1992
    Date of Patent: August 17, 1993
    Assignee: Crest Industries, Inc.
    Inventors: Harry R. Rasmussen, Jack D. LaBounty, Michael J. Rosenow
  • Patent number: 5222136
    Abstract: A system for exchanging encrypted data between selected devices at stations comprising a network. The system includes an encrypted communications device (ECOM) (12) that selectively encrypts data from one of a plurality of different devices. With the ECOM, a user selectively encrypts voice transmissions from a telephone, facsimile transmissions produced by a facsimile machine, or data transmissions, either from a personal computer (PC) or from a modem connected to a PC for transmission over non-secure telephone lines (18) to another such device connected to an ECOM at the other location. The receiving ECOM initiates secure communications by encrypting a portion of a data encryption key (DEK) that is transmitted back to the first ECOM, which decrypts it and then generates a second portion of the DEK for transmission back to the receiving ECOM. These two portions are then exclusively ORed (XORed) together by each ECOM to determine the DEK for use in encrypting and decrypting data during the current session.
    Type: Grant
    Filed: July 23, 1992
    Date of Patent: June 22, 1993
    Assignee: Crest Industries, Inc.
    Inventors: Harry R. Rasmussen, Jack D. LaBounty, Michael J. Rosenow, John D. Hoskinson, Joseph G. Maurin
  • Patent number: 5128996
    Abstract: A data encryption device with a plurality of data encryption boards for encrypting data is provided. In a preferred embodiment, the data encryption device has a monitor processor connected to a parallel bus. Each data encryption board has a parallel port for connection to the parallel bus and a serial port for connection to a host computer. Each data encryption board operates independently of the other data encryption boards. A plurality of data encryption boards may be connected to the bus. In operation, a host computer sends data to a data encryption board. The data encryption board encrypts the data and sends the encrypted data to the host processor. The monitor processor and the data encryption boards are preferably in the same housing unit with a tamper detection mechanism.
    Type: Grant
    Filed: December 9, 1988
    Date of Patent: July 7, 1992
    Assignee: The Exchange System Limited Partnership
    Inventors: Michael J. Rosenow, Scott B. Hamilton, Thomas M. Bass
  • Patent number: 5123047
    Abstract: An apparatus and method for loading a replacement computer program into a data encryption device having a central processing unit and a memory. The central processing unit is responsive to interrupt requests and operatively connected to a communications port. The memory has memory locations, and is partitioned into a data memory space and a program memory space, with the program memory space being read-only. The replacement computer program has a main entry point, and a load address which is the memory location at which the replacement computer program is to be loaded. When the occurrence of an interrupt request, indicating a request to load the replacement computer program into the memory, is detected, the execution of a loaded computer program at a memory location is interrupted. Control is transferred to an interrupt routine. The replacement computer program is received through the communications port, and stored in the memory. The replacement computer program replaces the loaded computer program.
    Type: Grant
    Filed: January 25, 1991
    Date of Patent: June 16, 1992
    Assignee: The Exchange System Limited Partnership
    Inventor: Michael J. Rosenow
  • Patent number: 5022076
    Abstract: An improved fault tolerant processor arrangement is described. In accordance with this invention, redundant processors are coupled in parallel in a master/slave configuration wherein means are provided for disabling the respective outputs of the processors. The master processor includes means for generating a periodic pulse which is detected by the slave processor. As long as the periodic pulse is detected by the slave processor, the output of the master processor remains enabled and the output of the slave processor is disabled. If the periodic pulse is not detected by the slave processor, the slave processor disables the output of the master processor wherein the output of the slave processor becomes enabled.
    Type: Grant
    Filed: December 9, 1988
    Date of Patent: June 4, 1991
    Assignee: The Exchange System Limited Partnership
    Inventors: Michael J. Rosenow, Scott B. Hamilton, Thomas M. Bass
  • Patent number: 5008936
    Abstract: An improved method and system for backing-up secure files in a data encryption unit is described. In accordance with the teachings of this invention, encrypted files are read from the memory of a first encryption device and stored in a temporary location. The encrypted files are then re-encrypted under a predefined encryption key and stored in a removable non-volatile memory device. To restore a file, the re-encrypted files are read from the non-volatile memory device, decrypted under the predefined key and stored in the temporary memory location. The recovered files are then loaded into memory of the first device from the temporary memory location. The present invention further includes means for destroying the contents of the non-volatile storage device upon the detection of tampering therewith.
    Type: Grant
    Filed: December 9, 1988
    Date of Patent: April 16, 1991
    Assignee: The Exchange System Limited Partnership
    Inventors: Scott B. Hamilton, Michael J. Rosenow
  • Patent number: 4997288
    Abstract: An improved fault-tolerant arrangement for use in a multichannel data encryption unit is disclosed. In accordance with the teachings of this invention, a data encryption system includes a plurality of data encryption devices and a host computer and display system wherein a data bus which couples the host computer and data encryption devices includes first and second power supply lines. Each of the respective data encryption devices includes means for automatically deriving power from either of the first or second power supply lines based on the presence of power thereon. Accordingly, fault-tolerant operation is provided wherein the respective data encryption devices continue operating even in the event of the failure of the host computer.
    Type: Grant
    Filed: December 9, 1988
    Date of Patent: March 5, 1991
    Assignee: The Exchange System Limited Partnership
    Inventor: Michael J. Rosenow