Patents by Inventor Paul Ying-Fung Wu
Paul Ying-Fung Wu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230362147Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: ApplicationFiled: January 27, 2023Publication date: November 9, 2023Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20230281292Abstract: This disclosure provides techniques for recovering a root key from measurement of a circuit function. In some embodiments, a checkpointing feature is used to periodically mark measurements of this function and thereby track drift in the value of the root key over the life of a digital device; the checkpointing feature permits rollback of any measurement of the function in a manner that negates incremental drift and permits recovery of the root key for the life of a device (e.g., an IC circuit or product in which the IC is embedded). This disclosure also provides novel PUF designs and applications.Type: ApplicationFiled: December 3, 2022Publication date: September 7, 2023Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20230231840Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: ApplicationFiled: October 26, 2022Publication date: July 20, 2023Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20230195943Abstract: This disclosure provides techniques for permuting the performance of associative functions by circuitry of a digital device or processor in a manner that disrupts the effectiveness of side channel attacks. In specific embodiments, associative functions performed by math processing circuitry in such a device are permuted so as to mask/obfuscate a power signature and/or other externally-observable effects while providing an invariant result as an output. In still more detailed embodiments, a variable radix processor is used to provide conversion of an input operand to a permutation of associative functions. The radix can be varied across different products and/or can be dynamically varied during operation of a device, e.g., based on seeds from a random number generator. In still more detailed embodiments, conventional “double-and-add” or “square-and-multiply” execution units can be variably scripted to mask power signature and/or other patterns.Type: ApplicationFiled: November 30, 2022Publication date: June 22, 2023Inventors: Paul Ying-Fung Wu, Harry Leslie Tredennick
-
Publication number: 20230155825Abstract: The invention provides a device with cryptographic function, which includes: a hardware unit, exhibiting hardware-intrinsic properties; a key generating unit, generating a private key according to the hardware-intrinsic properties, and generating a public key according to the private key, for exchanging public keys with an outside device to convert communication payload information into first encrypted information based on the received public key; and a session operational unit, establishing a session key configured to encrypt the first encrypted information into second encrypted information to be transmitted between the cryptographic device with cryptographic function and the outside device. The key generating unit further optionally generates a secret key according to the hardware-intrinsic properties for securing data at rest in the cryptographic device.Type: ApplicationFiled: November 17, 2021Publication date: May 18, 2023Inventor: Paul Ying-Fung WU
-
Patent number: 11595368Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: GrantFiled: June 29, 2020Date of Patent: February 28, 2023Assignee: JONETIX CORPORATIONInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 11544371Abstract: This disclosure provides techniques for recovering a root key from measurement of a circuit function. In some embodiments, a checkpointing feature is used to periodically mark measurements of this function and thereby track drift in the value of the root key over the life of a digital device; the checkpointing feature permits rollback of any measurement of the function in a manner that negates incremental drift and permits recovery of the root key for the life of a device (e.g., an IC circuit or product in which the IC is embedded). This disclosure also provides novel PUF designs and applications.Type: GrantFiled: December 7, 2020Date of Patent: January 3, 2023Assignee: JONETIX CORPORATIONInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 11516201Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: GrantFiled: January 21, 2021Date of Patent: November 29, 2022Assignee: Jonetix CorporationInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20210320910Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: ApplicationFiled: January 21, 2021Publication date: October 14, 2021Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20210264014Abstract: This disclosure provides techniques for recovering a root key from measurement of a circuit function. In some embodiments, a checkpointing feature is used to periodically mark measurements of this function and thereby track drift in the value of the root key over the life of a digital device; the checkpointing feature permits rollback of any measurement of the function in a manner that negates incremental drift and permits recovery of the root key for the life of a device (e.g., an IC circuit or product in which the IC is embedded). This disclosure also provides novel PUF designs and applications.Type: ApplicationFiled: December 7, 2020Publication date: August 26, 2021Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10931658Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: GrantFiled: August 6, 2019Date of Patent: February 23, 2021Assignee: Jonetix CorporationInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20210051139Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: ApplicationFiled: June 29, 2020Publication date: February 18, 2021Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10891366Abstract: This disclosure provides techniques for recovering a root key from measurement of a circuit function. In some embodiments, a checkpointing feature is used to periodically mark measurements of this function and thereby track drift in the value of the root key over the life of a digital device; the checkpointing feature permits rollback of any measurement of the function in a manner that negates incremental drift and permits recovery of the root key for the life of a device (e.g., an IC circuit or product in which the IC is embedded). This disclosure also provides novel PUF designs and applications.Type: GrantFiled: August 11, 2018Date of Patent: January 12, 2021Assignee: JONETIX CORPORATIONInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10742622Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: GrantFiled: January 31, 2019Date of Patent: August 11, 2020Assignee: JONETIX CORPORATIONInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20200153813Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: ApplicationFiled: August 6, 2019Publication date: May 14, 2020Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10419416Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: GrantFiled: June 8, 2018Date of Patent: September 17, 2019Assignee: Jonetix CorporationInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20190260586Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: ApplicationFiled: January 31, 2019Publication date: August 22, 2019Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10263779Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: GrantFiled: March 7, 2016Date of Patent: April 16, 2019Assignee: JONETIX CORPORATIONInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20190007390Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: ApplicationFiled: June 8, 2018Publication date: January 3, 2019Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Publication number: 20180337782Abstract: A first party uses a secret key to encrypt information, which is then sent through an untrusted connection to a second party. The second party, however, cannot decrypt the information on its own, and it relays the encrypted information through a secure network. The secure network includes one or more nodes linking the first and second parties through one or more trusted connections (“hops”); each hop features uses of a shared secret key unique to that hop. The first party's connection to the network (domain) receives the information relayed through the secure network by the second party, it decrypts that information according to the secret key of the first party, and it then retransmits the decrypted information to the second party using the secure hops. Techniques are provided for sharing a private session key, federated credentials, and private information.Type: ApplicationFiled: March 7, 2016Publication date: November 22, 2018Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick