Patents by Inventor Pratyay Mukherjee

Pratyay Mukherjee has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220286290
    Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.
    Type: Application
    Filed: May 25, 2022
    Publication date: September 8, 2022
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
  • Patent number: 11438152
    Abstract: Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: September 6, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Pratyay Mukherjee, Shashank Agrawal, Peter Rindal, Atul Luykx, Wei Dai
  • Patent number: 11431487
    Abstract: Systems and methods for adaptive attack resistant distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess multiple secret shares corresponding to distinct secret values, which may be used in the process of encrypting or decrypting data. The client computer may generate multiple commitments and transmit those commitments to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitments and their respective secret shares. The partial computations may be transmitted to the client computer. The client computer may use the partial computations to generate a cryptographic key. The client computer may use the cryptographic key to encrypt a message or decrypt ciphertext.
    Type: Grant
    Filed: April 28, 2020
    Date of Patent: August 30, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventor: Pratyay Mukherjee
  • Patent number: 11411738
    Abstract: Systems, methods, and apparatuses of using biometric information to authenticate a first device of a user to a second device are described herein. A method includes storing, by the first device, a first key share of a private key and a first template share of a biometric template of the user. The second device stores a public key, and one or more other devices of the user store other key shares and other template shares. The first device receives a challenge message from the second device, measures biometric features of the user to obtain a measurement vector, and sends the measurement vector and the challenge message to the other devices. The first device receives partial computations, generated using a respective template share, key share, and the challenge message, from the other devices, uses them to generate a signature of the challenge message and send the signature to the second device.
    Type: Grant
    Filed: October 4, 2019
    Date of Patent: August 9, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Shashank Agrawal, Saikrishna Badrinarayanan, Payman Mohassel, Pratyay Mukherjee
  • Patent number: 11368308
    Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: June 21, 2022
    Assignee: Visa International Service Association
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
  • Publication number: 20220131698
    Abstract: Secure protocols for external-facing authentication are provided for both user templates stored on their devices and the biometric measurement captured by external sensors of an access device. The protocols provide different levels of security, ranging from passive security with some leakage to active security with no leakage. A packing technique is also provided. Zero-knowledge techniques are used during enrollment to validate a norm of user templates and knowledge of the plaintext biometric template. One enrolled, the verifier can sign the encrypted template for use in a later matching phase with an access device.
    Type: Application
    Filed: October 23, 2020
    Publication date: April 28, 2022
    Inventors: Saikrishna Badrinarayanan, Peter Rindal, Pratyay Mukherjee
  • Publication number: 20220086003
    Abstract: Systems, methods, and apparatuses for protecting a secret on a device with limited memory, while still providing tamper resistance, are described. To achieve security, an encoding computer can apply a memory-hard function MHF to a secret S and determine a result Y, then determine a proof ? for the result Y. Then, the encoding computer can send a codeword C comprising the secret S and the proof ? to a decoding computer. The decoding computer can retrieve the codeword C from persistent memory and parse the secret S and the proof ?. The decoding device can use transient memory to decode the codeword C by verifying the proof ? was generated with the secret S and the result Y. When the correctness of the result Y is verified, the decoding device can apply a cryptographic function to input data using the secret S then reset the transient memory.
    Type: Application
    Filed: November 23, 2021
    Publication date: March 17, 2022
    Inventors: Pratyay Mukherjee, Binyi Chen, Yilei Chen
  • Publication number: 20220044233
    Abstract: A method, system, and computer program product generate, with a payment network, a first value (a) and a second value (ga), the second value (ga) based on the first value (a) and a generator value (g); generate, with the payment network, a plurality of random merchant numbers (mi) for a respective plurality of merchant banks; determine, with the payment network, a merchant product (M) based on a product of the plurality of random merchant numbers (mi); generate, with the payment network, a public key (pki) based on the second value (ga), the merchant product (M), and the random merchant number (mi) and a random key (rki) based on the merchant product (M) and the random merchant number (mi) for each respective merchant bank; and communicate, with the payment network, the public key (pki) and the random key (rki) to at least one respective merchant bank.
    Type: Application
    Filed: January 9, 2020
    Publication date: February 10, 2022
    Inventors: Sivanarayana Gaddam, Gaven James Watson, Rohit Sinha, Pratyay Mukherjee
  • Publication number: 20220045865
    Abstract: Techniques of generating a lattice-based verification matrix and signature vector are disclosed. The method enables generating device to sample a gadget matrix and then generate a reduced gadget matrix. The generating device may then sample a trapdoor matrix and use the trapdoor matrix and the reduced gadget matrix to generate a verification matrix. A sending device may receive the trapdoor matrix and the verification matrix from the generating device, in addition to receiving a message. The sending device may then use the trapdoor matrix and the verification matrix to generate a signature vector for the message. A verification device can receive the verification matrix, the message, and the signature vector. The verification device may use the verification matrix and the signature vector to verify the message.
    Type: Application
    Filed: August 1, 2019
    Publication date: February 10, 2022
    Inventors: Pratyay Mukherjee, Yilei Chen, Nicholas Genise
  • Patent number: 11212103
    Abstract: Systems, methods, and apparatuses for protecting a secret on a device with limited memory, while still providing tamper resistance, are described. To achieve security, an encoding computer can apply a memory-hard function MHF to a secret S and determine a result Y, then determine a proof ? for the result Y. Then, the encoding computer can send a codeword C comprising the secret S and the proof ? to a decoding computer. The decoding computer can retrieve the codeword C from persistent memory and parse the secret S and the proof ?. The decoding device can use transient memory decode the codeword C by verifying the proof ? was generated with the secret S and the result Y. When the correctness of the result Y is verified, the decoding device can apply a cryptographic function to input data using the secret S then reset the transient memory.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: December 28, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Pratyay Mukherjee, Binyi Chen, Yilei Chen
  • Publication number: 20210391987
    Abstract: Several round-efficient solitary multi-party computation protocols with guaranteed output delivery are disclosed. A plurality of input devices and an output device can collectively perform a computation using methods such as fully homomorphic encryption. The output of the computation is only known to the output device. Some number of these devices may be corrupt. However, even in the presence of corrupt devices, the output device can still either generate a correct output or identify that the computation was compromised. These protocols operate under different assumptions regarding the communication infrastructure (e.g., broadcast vs point-to-point), the number of participating devices, and the number of corrupt devices. These protocols are round-efficient in that they require a minimal number of communication rounds to calculate the result of the multi-party computation.
    Type: Application
    Filed: May 25, 2021
    Publication date: December 16, 2021
    Inventors: Saikrishna Badrinarayanan, Pratyay Mukherjee, Divya Ravi, Peihan Miao
  • Publication number: 20210336771
    Abstract: Systems and methods for adaptive attack resistant distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess multiple secret shares corresponding to distinct secret values, which may be used in the process of encrypting or decrypting data. The client computer may generate multiple commitments and transmit those commitments to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitments and their respective secret shares. The partial computations may be transmitted to the client computer. The client computer may use the partial computations to generate a cryptographic key. The client computer may use the cryptographic key to encrypt a message or decrypt ciphertext.
    Type: Application
    Filed: April 28, 2020
    Publication date: October 28, 2021
    Inventor: Pratyay Mukherjee
  • Publication number: 20210336792
    Abstract: Systems, methods, and apparatuses of using biometric information to authenticate a first device of a user to a second device are described herein. A method includes storing, by the first device, a first key share of a private key and a first template share of a biometric template of the user. The second device stores a public key, and one or more other devices of the user store other key shares and other template shares. The first device receives a challenge message from the second device, measures biometric features of the user to obtain a measurement vector, and sends the measurement vector and the challenge message to the other devices. The first device receives partial computations, generated using a respective template share, key share, and the challenge message, from the other devices, uses them to generate a signature of the challenge message and send the signature to the second device.
    Type: Application
    Filed: October 4, 2019
    Publication date: October 28, 2021
    Inventors: Shashank Agrawal, Saikrishna Badrinarayanan, Payman Mohassel, Pratyay Mukherjee
  • Publication number: 20210243026
    Abstract: Embodiments disclosed herein are directed to methods and systems of password-based threshold authentication, which distributes the role of an authentication server among multiple servers. Any t servers can collectively verify passwords and generate authentication tokens, while no t?1 servers can forge a valid token or mount offline dictionary attacks.
    Type: Application
    Filed: October 15, 2018
    Publication date: August 5, 2021
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Peihan Miao
  • Publication number: 20210243020
    Abstract: Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.
    Type: Application
    Filed: January 31, 2020
    Publication date: August 5, 2021
    Inventors: Pratyay Mukherjee, Shashank Agrawal, Peter Rindal, Atul Luykx, Wei Dai
  • Patent number: 10984139
    Abstract: Systems, methods, and apparatuses can protecting a secret on a device with limited memory, while still providing tamper resistance. To achieve the lower memory usage, embodiments can apply a memory-hard function MHF to the secret S to obtain a result Y, which can be used in an encoding process to obtain a code C. After applying the MHF, a prove function can generate a proof value that is used in a decoding (e.g., a verification of computation process) of the code C. The code C can include the proof value, the secret S, and the result Y, and can be sent to a decoding device that verifies the code C as part of a decoding process.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: April 20, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Pratyay Mukherjee, Kristina Hostak
  • Publication number: 20210049308
    Abstract: Systems, methods, and apparatuses can protecting a secret on a device with limited memory, while still providing tamper resistance. To achieve the lower memory usage, embodiments can apply a memory-hard function MHF to the secret S to obtain a result Y, which can be used in an encoding process to obtain a code C. After applying the MHF, a prove function can generate a proof value that is used in a decoding (e.g., a verification of computation process) of the code C. The code C can include the proof value, the secret S, and the result Y, and can be sent to a decoding device that verifies the code C as part of a decoding process.
    Type: Application
    Filed: April 10, 2018
    Publication date: February 18, 2021
    Inventors: Pratyay Mukherjee, Kristina Hostakova
  • Publication number: 20200259651
    Abstract: Systems and methods for threshold authenticated encryption are provided. A collection of cryptographic devices may encrypt or decrypt a message, provided that a threshold number of those devices participate in the encryption process. One cryptographic device may generate a commitment message and transmit it to the other selected devices. Those devices may each perform a partial computation using the commitment message, and transmit the partial computations back to the encrypting or decrypting device. The encrypting or decrypting device may use those partial computations to produce a cryptographic key, which may then be used to encrypt or decrypt the message.
    Type: Application
    Filed: October 30, 2017
    Publication date: August 13, 2020
    Inventors: Payman Mohassel, Pratyay Mukherjee, Shashank Agrawal, Eric Le Saint
  • Publication number: 20200228341
    Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.
    Type: Application
    Filed: January 9, 2020
    Publication date: July 16, 2020
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan