Patents by Inventor Phil CHI
Phil CHI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20040230814
Abstract: A method, system and computer program product for digesting data in storage of a computing environment. The digesting computes a condensed representation of a message or data stored in the computer storage. A COMPUTE INTERMEDIATE MESSAGE DIGEST (KIMD) and a COMPUTE LAST MESSAGE DIGEST (KLMD) instruction are disclosed which specify a unit of storage to be digested by a secure hashing algorithm.
Type: Application
Filed: May 12, 2003
Publication date: November 18, 2004
Applicant: International Business Machines Corporation
Inventors: Shawn D. Lundvall, Ronald M. Smith, Phil Chi-Chung Yeh
-
Patent number: 6339824
Abstract: Public key security control (PKSC) is provided for a cryptographic module by means of digitally signed communications between the module and one or more authorities with whom it interacts. Authorities interact with the crypto module by means of unsigned queries seeking nonsecret information or signed commands for performing specified operations. Each command signed by an authority also contains a transaction sequence number (TSN), which must match a corresponding number stored by the crypto module for the authority. The TSN for each authority is initially generated randomly and is incremented for each command accepted from that authority. A signature requirement array (SRA) controls the number of signatures required to validate each command type. Upon receiving a signed command from one or more authorities, the SRA is examined to determine whether a required number of authorities permitted to sign the command have signed the command for each signature requirement specification defined for that command type.
Type: Grant
Filed: June 30, 1997
Date of Patent: January 15, 2002
Assignee: International Business Machines Corporation
Inventors: Ronald M. Smith, Sr., Edward J. D'Avignon, Robert S. DeBellis, Randall J. Easter, Lucina L. Green, Michael J. Kelly, William A. Merz, Vincent A. Spano, Phil Chi-Chung Yeh
-
Patent number: 6333983
Abstract: A method and apparatus for decrypting an input block encrypted under a predetermined key in a cryptographic system having a cryptographic facility providing cryptographic functions for transforming blocks of data. The cryptographic functions include an encryption function for encrypting a block under a predetermined key and a transformation function for transforming a block encrypted under a first key to the same block encrypted under a second key. The cryptographic functions have at least one key pair with the property that successive encryption of a block under the keys of the pair regenerates the block in clear form. The input block is first transformed into an intermediate block encrypted under one of the key pair using the transformation function. The intermediate block is then further encrypted under the other of the key pair using the encryption function to generate an output block successively encrypted under the keys of the pair, thereby to regenerate the input block in clear form.
Type: Grant
Filed: December 16, 1997
Date of Patent: December 25, 2001
Assignee: International Business Machines Corporation
Inventors: Margaret C. Enichen, Ronald M. Smith, Sr., Phil Chi-Chung Yeh
-
Patent number: 6330612
Abstract: A method and apparatus for serializing access by n entities to a shared resource in an information handling system. A waiter list is defined as a circular list of n bits, each of which is assigned to an entity. When a bit is false (0) it indicates that the corresponding entity is not waiting for the lock; when the bit is true (1) it indicates the corresponding entity is waiting for the lock. A next waiter indicator (NWI) is also defined that contains a value from 0 to n inclusive; a value of 0 indicates that there are currently no waiters, while a value from 1 to n indicates the next waiter to whom the lock will be granted. The waiter list is initialized to zeros to indicate there are no waiters. When an entity requests a lock that cannot be granted, the entity is made a waiter by setting the corresponding bit in the waiter list to one. If the next waiter indicator is zero, indicating that there were previously no waiters for the lock, the indicator is set to identify the requesting entity as the next waiter.
Type: Grant
Filed: August 28, 1998
Date of Patent: December 11, 2001
Assignee: International Business Machines Corporation
Inventors: Mark A. Boonie, Peter G. Sutton, Wendell W. Wilkinson, Phil Chi-Chung Yeh
-
Publication number: 20010001155
Abstract: Public key security control (PKSC) is provided for a cryptographic module by means of digitally signed communications between the module and one or more authorities with whom it interacts. Authorities interact with the crypto module by means of unsigned queries seeking nonsecret information or signed commands for performing specified operations. Each command signed by an authority also contains a transaction sequence number (TSN), which must match a corresponding number stored by the crypto module for the authority. The TSN for each authority is initially generated randomly and is incremented for each command accepted from that authority. A signature requirement array (SRA) controls the number of signatures required to validate each command type. Upon receiving a signed command from one or more authorities, the SRA is examined to determine whether a required number of authorities permitted to sign the command have signed the command for each signature requirement specification defined for that command type.
Type: Application
Filed: December 27, 2000
Publication date: May 10, 2001
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Ronald M. Smith, Edward J. D'Avignon, Robert S. DeBellis, Randall J. Easter, Lucina L. Green, Michael J. Kelly, William A. Merz, Vincent A. Spano, Phil Chi-Chung Yeh
-
Patent number: 6144744
Abstract: Objects such as master keys or object protection keys that are kept in a protected environment of a crypto module are securely transferred between modules by means of transport keys. The transport keys are generated by public key procedures and are inaccessible outside the modules. Master keys are encrypted under the transport key within the protected environment of the source module, transmitted in encrypted form to the target module, and decrypted with the transport key within the protected environment of the target module. Object protection keys that are encrypted under a first master key kept in the protected environment of the source module are decrypted with the first master within the protected environment of the source module before being encrypted under the transport key. The object protection keys are encrypted under a second master key within the protected environment of the target module after being decrypted with the transport key.
Type: Grant
Filed: June 30, 1997
Date of Patent: November 7, 2000
Assignee: International Business Machines Corporation
Inventors: Ronald M. Smith, Sr., Edward J. D'Avignon, Robert S. DeBellis, Phil Chi-Chung Yeh
-
Patent number: 6108425
Abstract: The capabilities of a cryptographic module are controlled by a crypto configuration control (CCC) register that is initialized by one or more self-signed commands that are preformulated and signed with the digital signature key of the crypto module itself. The crypto module accepts a self-signed command only if the self-signature can be validated using the signature verification key of the module. In one implementation, the final configuration is determined by a single self-signed command. In another implementation, a first self-signed command is used to create a temporary configuration that allows one or more initialization authorities to issue additional commands fixing the final configuration. The self-signed commands are maintained separately from the crypto module and are distributed to the end user either physically or electronically.
Type: Grant
Filed: June 30, 1997
Date of Patent: August 22, 2000
Assignee: International Business Machines Corporation
Inventors: Ronald M. Smith, Sr., Edward J. D'Avignon, Robert S. DeBellis, Randall J. Easter, Lucina L. Green, Michael J. Kelly, Vincent A. Spano, Phil Chi-Chung Yeh
-
Patent number: 6104810
Abstract: Pseudorandom numbers are generated in a cryptographic module in a cryptographically strong manner by combining a time-dependent value with a secret value and passing the result through a one-way hash function to generate a hash value from which a random number is generated. The secret value is continually updated whenever the cryptographic module is idle by a first feedback function that generates an updated secret value as a one-way function of the current secret value and the time-dependent value. In addition, the secret value is updated on the occurrence of a predetermined external event by a second feedback function that generates an updated secret value as a one-way function of the current secret value, the time-dependent value and an externally supplied value.
Type: Grant
Filed: May 15, 1997
Date of Patent: August 15, 2000
Assignee: International Business Machines Corporation
Inventors: Robert S. DeBellis, Ronald M. Smith, Sr., Phil Chi-Chung Yeh
-
Patent number: 6061703
Abstract: Pseudorandom numbers are generated in a cryptographic module in a cryptographically strong manner by combining a time-dependent value with a secret value and passing the result through a one-way hash function to generate a hash value from which a random number is generated. The secret value is continually updated whenever the cryptographic module is idle by a first feedback function that generates an updated secret value as a one-way function of the current secret value and the time-dependent value. In addition, the secret value is updated on the occurrence of a predetermined external event by a second feedback function that generates an updated secret value as a one-way function of the current secret value, the time-dependent value and an externally supplied value.
Type: Grant
Filed: May 15, 1997
Date of Patent: May 9, 2000
Assignee: International Business Machines Corporation
Inventors: Robert S. DeBellis, Ronald M. Smith, Sr., Phil Chi-Chung Yeh
-
Patent number: 6044388
Abstract: Pseudorandom numbers are generated in a cryptographic module in a cryptographically strong manner by combining a time-dependent value with a secret value and passing the result through a one-way hash function to generate a hash value from which a random number is generated. The secret value is continually updated whenever the cryptographic module is idle by a first feedback function that generates an updated secret value as a one-way function of the current secret value and the time-dependent value. In addition, the secret value is updated on the occurrence of a predetermined external event by a second feedback function that generates an updated secret value as a one-way function of the current secret value, the time-dependent value and an externally supplied value.
Type: Grant
Filed: May 15, 1997
Date of Patent: March 28, 2000
Assignee: International Business Machine Corporation
Inventors: Robert S. DeBellis, Ronald M. Smith, Sr., Phil Chi-Chung Yeh