Patents by Inventor Mitchell D. Adler

Mitchell D. Adler has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11528129
    Abstract: Some embodiments of the subject technology provide a novel system for synchronizing content items among a group of peer devices. The content synchronizing system of some embodiments includes the group of peer devices and a set of one or more synchronizing servers communicatively connected with the peer devices through one or more networks. In some embodiments, the synchronizing system uses a star architecture, in which each peer device offloads its synchronization operations to the synchronizing server set. Without establishing a peer-to-peer communication with any other peer device, the particular peer device in these embodiments supplies an encrypted content item set along with the N?1 encryptions of a content key used to encrypt the content item set to the synchronizing server set so that this server set can distribute the encrypted content item set and an encrypted content key to each of the N?1 peer devices.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: December 13, 2022
    Assignee: Apple Inc.
    Inventors: Per Love Hornquist Astrand, Benjamin I. Williamson, Keaton F. Mowery, Mitchell D. Adler, Michelle A. Auricchio, Luke T. Hiesterman
  • Patent number: 11444766
    Abstract: Some embodiments provide a method for a first device to join a group of related devices. The method receives input of a password for an account with a centralized entity and a code generated by a second device in the group. When the second device determines that the code input on the first device matches the generated code, the method receives an authentication code from the second device for authorizing the first device with the entity as a valid device for the account. The method uses the password and information regarding the first device to generate an application to the group. After sending the application to the second device, the method receives information from the second device that enables the first device to add itself to the group. The second device verifies the generated application, and the method uses the information received from the second device to join the group.
    Type: Grant
    Filed: March 5, 2019
    Date of Patent: September 13, 2022
    Assignee: Apple Inc.
    Inventors: Yannick L. Sierra, Mitchell D. Adler
  • Patent number: 11438322
    Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
    Type: Grant
    Filed: January 31, 2019
    Date of Patent: September 6, 2022
    Assignee: Apple Inc.
    Inventors: Wade Benson, Marc J. Krochmal, Alexander R. Ledwith, John Iarocci, Jerrold V. Hauck, Michael Brouwer, Mitchell D. Adler, Yannick L. Sierra
  • Patent number: 11250118
    Abstract: In some embodiments, a first device performs ranging operations to allow a user to perform one or more operations on the first device without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account that is authorized to perform operations on the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the operations to be performed on the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the operation is authorized on the first device.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: February 15, 2022
    Assignee: Apple Inc.
    Inventors: Alexander R. Ledwith, Wade Benson, Marc J. Krochmal, John J. Iarocci, Jerrold V. Hauck, Michael Brouwer, Mitchell D. Adler, Yannick L. Sierra, Libor Sykora, Jiri Margaritov
  • Patent number: 11176237
    Abstract: In some embodiments, a first device performs ranging operations to allow a user to access the first device under one of several user accounts without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account under which a user can access (e.g., can log into) the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the user is allowed to access the first device under the first user account. In some embodiments, the substitute interaction occurs while the first device is logged into under a second user account.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: November 16, 2021
    Assignee: Apple Inc.
    Inventors: Wade Benson, Alexander R. Ledwith, Marc J. Krochmal, John J. Iarocci, Jerrold V. Hauck, Michael Brouwer, Mitchell D. Adler, Yannick L. Sierra, Libor Sykora
  • Patent number: 11178127
    Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
    Type: Grant
    Filed: April 26, 2017
    Date of Patent: November 16, 2021
    Assignee: Apple Inc.
    Inventors: Wade Benson, Marc J. Krochmal, Alexander R. Ledwith, John Iarocci, Jerrold V. Hauck, Michael Brouwer, Mitchell D. Adler, Yannick L. Sierra
  • Patent number: 11063748
    Abstract: Some embodiments of the subject technology provide a novel system for synchronizing content items among a group of peer devices. The content synchronizing system of some embodiments includes the group of peer devices and a set of one or more synchronizing servers communicatively connected with the peer devices through one or more networks. In some embodiments, the synchronizing system uses a star architecture, in which each peer device offloads its synchronization operations to the synchronizing server set. Without establishing a peer-to-peer communication with any other peer device, the particular peer device in these embodiments supplies an encrypted content item set along with the N?1 encryptions of a content key used to encrypt the content item set to the synchronizing server set so that this server set can distribute the encrypted content item set and an encrypted content key to each of the N?1 peer devices.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: July 13, 2021
    Assignee: Apple Inc.
    Inventors: Per Love Hornquist Astrand, Benjamin I. Williamson, Keaton F. Mowery, Mitchell D. Adler, Michelle A. Auricchio, Luke T. Hiesterman
  • Patent number: 11057210
    Abstract: A user device can segment a secret (e.g., a data recovery key) into a master segment and a shared segment such that possession of both segments is necessary and sufficient to reconstruct the secret. The user device can provide the master segment to a server system. The user device can further segment the shared segment to generate a set of M shares such that any subset of the shares that includes at least a threshold number t of the shares can be used to reconstruct the shared segment, while fewer than t shares provide no information about the shared segment. The M shares can be distributed to shareholder devices. To reconstruct the secret, a recovery device can obtain the master segment and at least t of the M shares, then reconstruct the secret.
    Type: Grant
    Filed: August 26, 2019
    Date of Patent: July 6, 2021
    Assignee: Apple Inc.
    Inventors: Yannick L. Sierra, Mitchell D. Adler
  • Patent number: 11025412
    Abstract: Some embodiments of the subject technology provide a novel system for synchronizing content items among a group of peer devices. The content synchronizing system of some embodiments includes the group of peer devices and a set of one or more synchronizing servers communicatively connected with the peer devices through one or more networks. In some embodiments, the synchronizing system uses a star architecture, in which each peer device offloads its synchronization operations to the synchronizing server set. Without establishing a peer-to-peer communication with any other peer device, the particular peer device in these embodiments supplies an encrypted content item set along with the N?1 encryptions of a content key used to encrypt the content item set to the synchronizing server set so that this server set can distribute the encrypted content item set and an encrypted content key to each of the N?1 peer devices.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: June 1, 2021
    Assignee: Apple Inc.
    Inventors: Per Love Hornquist Astrand, Benjamin I. Williamson, Keaton F. Mowery, Mitchell D. Adler, Michelle A. Auricchio, Luke T. Hiesterman
  • Patent number: 10872042
    Abstract: Some embodiments provide, for a particular device in a set of related devices, a method for backing up data synchronized between the set of related devices. The method stores the backup data encrypted with a set of data encryption keys. The method also stores the set of data encryption keys encrypted with a master recovery key. The method also stores several copies of master recovery key data, each copy of the master recovery key data encrypted with a public key of a different one of the related devices. The backup data is only recoverable by accessing a private key of any one of the related devices.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: December 22, 2020
    Assignee: Apple Inc.
    Inventors: Michael D. Ford, Jerrold V. Hauck, Matthew G. Watson, Mitchell D. Adler, Dallas B. De Atley, James Wilson
  • Patent number: 10853504
    Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: December 1, 2020
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
  • Patent number: 10771545
    Abstract: Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: September 8, 2020
    Assignee: Apple Inc.
    Inventors: Mitchell D. Adler, Michael Brouwer, Dallas De Atley
  • Patent number: 10747435
    Abstract: Some embodiments provide a method for a first device to synchronize a set of data items with a second device. The method receives a request to synchronize the set of data items stored on the first device with the second device. The method determines a subset of the synchronization data items stored on the first device that belong to at least one synchronization sub-group in which the second device participates. Participation in at least one of the synchronization sub-groups is defined based on membership in at least one verification sub-group. The first and second devices are part of a set of related devices with several different verification sub-groups. The method sends only the subset of the synchronization data items that belong to at least one synchronization sub-group in which the second device participates to the second device using a secure channel.
    Type: Grant
    Filed: January 17, 2019
    Date of Patent: August 18, 2020
    Assignee: Apple Inc.
    Inventors: Mitchell D. Adler, Michael Brouwer, Andrew R. Whalley, John C. Hurley, Richard F. Murphy, David P. Finkelstein
  • Patent number: 10708049
    Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: July 7, 2020
    Assignee: Apple Inc.
    Inventors: Dallas B. De Atley, Jerrold V. Hauck, Mitchell D. Adler
  • Patent number: 10686767
    Abstract: Some embodiments provide convenient auto-authentication for user data on a primary device, while still providing a significant level of security, by taking advantage of existing security and cryptographic measures used to communicate with a secondary device. The primary device of some embodiments encrypts the user data on the primary device using a cryptographic key based on a set of keys received from the secondary device. In some embodiments, the primary device encrypts authentication data, or a local key generated from the authentication data, using a remote key received from the secondary device, and encrypts the user data with the local key. In some embodiments, the keys received from the secondary device are an existing set of keys for establishing an encrypted channel of communication for transmitting digital rights management (DRM) protected content according to a DRM protection scheme.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: June 16, 2020
    Assignee: Apple Inc.
    Inventors: Mitchell D. Adler, Andrew Roger Whalley
  • Patent number: 10652736
    Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.
    Type: Grant
    Filed: February 19, 2019
    Date of Patent: May 12, 2020
    Assignee: Apple Inc.
    Inventors: Mitchell D. Adler, Yannick L. Sierra, Ganesha A. G. Batta, Michael Giles, Akshay M Srivatsa, Craig P. Dooley, Sriram Hariharan, Robert D. Watson
  • Patent number: 10546293
    Abstract: A system for provisioning credentials onto an electronic device is provided. The system may include a payment network subsystem, a service provider subsystem, and one or more user devices that can be used to perform mobile transactions at a merchant terminal. The user device may communicate with the service provider subsystem in order to obtained commerce credentials from the payment network subsystem. The user device may include a secure element and a corresponding trusted processor. The trusted processor may generate a random authorization number and inject that number into the secure element. Mobile payments should only be completed if the random authorization number on the secure element matches the random authorization number at the trusted processor. The trusted processor may be configured to efface the previous random authorization number and generate a new random authorization number when detecting a potential change in ownership at the user device.
    Type: Grant
    Filed: September 2, 2014
    Date of Patent: January 28, 2020
    Assignee: Apple Inc.
    Inventors: Ahmer A. Khan, Jerrold V. Hauck, George R. Dicker, Jeffrey C. Lee, Mitchell D Adler, Wade Benson
  • Patent number: 10521596
    Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: December 31, 2019
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
  • Publication number: 20190347007
    Abstract: Some embodiments provide a method for a first device that identifies definitions of different groups of devices, each of which is defined by a set of properties required for a device to be a member. The method monitors properties of the first device to determine when the device is eligible for membership in a group. When the first device is eligible for membership in a first group of which the device is not a member, the method sends an application for membership in the first group signed with at least a private key of the device to at least one other device that is a member of the first group. When the first device becomes ineligible for membership in a second group of which the first device is a member, the method removes the device from the second group and notifies other devices that are members of the second group.
    Type: Application
    Filed: May 30, 2019
    Publication date: November 14, 2019
    Inventors: Mitchell D. ADLER, Michael BROUWER, Andrew R. WHALLEY, John C. HURLEY, Richard F. MURPHY, David P. FINKELSTEIN
  • Publication number: 20190318074
    Abstract: In some embodiments, a first device performs ranging operations to allow a user to perform one or more operations on the first device without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account that is authorized to perform operations on the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the operations to be performed on the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the operation is authorized on the first device.
    Type: Application
    Filed: April 18, 2019
    Publication date: October 17, 2019
    Inventors: Alexander R. LEDWITH, Wade BENSON, Marc J. KROCHMAL, John J. IAROCCI, Jerrold V. HAUCK, Michael BROUWER, Mitchell D. ADLER, Yannick L. SIERRA, Libor SYKORA, Jiri MARGARITOV