Patents by Inventor Reuben Sumner
Reuben Sumner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9009492Abstract: A method for data security includes receiving, in a processor having a one-time programmable (OTP) memory, which includes multiple bits and has a current state defined by the bits of the OTP that have been programmed, new information to be written to a data memory. Based on the new information and the current state, at least one further bit of the OTP memory is selected to be programmed, thereby defining a new state of the OTP memory. A new digital signature is computed over the new information and the new state. The new information and the new digital signature are saved in the data memory. After saving the new information and the new digital signature in the data memory, the at least one further bit of the OTP memory is programmed, whereby the new state becomes the current state. Related apparatus and methods are also disclosed.Type: GrantFiled: June 19, 2012Date of Patent: April 14, 2015Assignee: Cisco Technology, Inc.Inventors: Yaacov Belenky, Reuben Sumner
-
Patent number: 8913745Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: GrantFiled: August 5, 2013Date of Patent: December 16, 2014Assignee: Cisco Technology Inc.Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Publication number: 20140040625Abstract: A method for data security includes receiving, in a processor having a one-time programmable (OTP) memory, which includes multiple bits and has a current state defined by the bits of the OTP that have been programmed, new information to be written to a data memory. Based on the new information and the current state, at least one further bit of the OTP memory is selected to be programmed, thereby defining a new state of the OTP memory. A new digital signature is computed over the new information and the new state. The new information and the new digital signature are saved in the data memory. After saving the new information and the new digital signature in the data memory, the at least one further bit of the OTP memory is programmed, whereby the new state becomes the current state. Related apparatus and methods are also disclosed.Type: ApplicationFiled: June 19, 2012Publication date: February 6, 2014Applicant: Cisco Technology Inc.Inventors: Yaacov Belenky, Reuben Sumner
-
Publication number: 20130326632Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: ApplicationFiled: August 5, 2013Publication date: December 5, 2013Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Patent number: 8539596Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: GrantFiled: May 21, 2009Date of Patent: September 17, 2013Assignee: Cisco Technology Inc.Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Patent number: 8181034Abstract: A system, comprising an external memory operative to store data therein, the data including a plurality of sections, each of the sections being associated with a signature, and an internal memory operationally connected to the external memory, and a processor arrangement operationally connected to the internal memory, the processor arrangement including a transfer module to transfer one section from the external to the internal memory, an authentication module to authenticate the signature of the section transferred from the external memory, a validity status module to identify the section as valid if the signature is authentic, and an execution module to utilize the section of the data only if the section is valid, wherein the validity status module is operative to invalidate the section, if the content of the section is changed while stored in the internal memory. Related apparatus and methods are also described.Type: GrantFiled: January 20, 2008Date of Patent: May 15, 2012Assignee: NDS LimitedInventors: Reuven Elbaum, Reuben Sumner
-
Patent number: 8181017Abstract: An intermediate certificate authority (ICA) for a hierarchical certificate authority structure (HCAS), the HCAS having a plurality of levels, the levels including a root level, at least one intermediate level, and a leaf level, the root level having a root certificate authority, the ICA being in the at least one intermediate level, the ICA including a certificate receiving module to receive a first certificate signed by a certificate authority in a level above the level of the ICA, the first certificate certifying an aspect of the ICA, the first certificate having an expiration time, and a certificate signing module to sign a second certificate for a member of the HCAS, prior to the expiration time of the first certificate, such that the second certificate expires after the expiration time of the first certificate, the member being in a level below the level of the ICA, the second certificate certifying an aspect of the member. Related apparatus and methods are also described.Type: GrantFiled: September 8, 2005Date of Patent: May 15, 2012Assignee: NDS LimitedInventors: Reuben Sumner, Yaacov Belenky
-
Publication number: 20110083194Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: ApplicationFiled: May 21, 2009Publication date: April 7, 2011Applicant: NDS LimitedInventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Publication number: 20100082997Abstract: A system, comprising an external memory operative to store data therein, the data including a plurality of sections, each of the sections being associated with a signature, and an internal memory operationally connected to the external memory, and a processor arrangement operationally connected to the internal memory, the processor arrangement including a transfer module to transfer one section from the external to the internal memory, an authentication module to authenticate the signature of the section transferred from the external memory, a validity status module to identify the section as valid if the signature is authentic, and an execution module to utilize the section of the data only if the section is valid, wherein the validity status module is operative to invalidate the section, if the content of the section is changed while stored in the internal memory. Related apparatus and methods are also described.Type: ApplicationFiled: January 20, 2008Publication date: April 1, 2010Applicant: NDS LimitedInventors: Reuven Elbaum, Reuben Sumner
-
Patent number: 7370192Abstract: A method for preventing cloning of a genuine security element is described. The method includes associating a random number generator (RNG) in the security element with a portion of a non-volatile memory (NVM) in the security element, and activating the RNG to automatically write, during a normal operation mode of the security element, a new random number into the portion of the NVM whenever an attempt is made to write into the portion of the NVM. Any unit other than the RNG is preferably prevented from writing data into the portion of the NVM during the normal operation mode of the security element. Related apparatus and method are also described.Type: GrantFiled: March 31, 2003Date of Patent: May 6, 2008Assignee: NDS Ltd.Inventor: Reuben Sumner
-
Publication number: 20080091952Abstract: An intermediate certificate authority (ICA) for a hierarchical certificate authority structure (HCAS), the HCAS having a plurality of levels, the levels including a root level, at least one intermediate level, and a leaf level, the root level having a root certificate authority, the ICA being in the at least one intermediate level, the ICA including a certificate receiving module to receive a first certificate signed by a certificate authority in a level above the level of the ICA, the first certificate certifying an aspect of the ICA, the first certificate having an expiration time, and a certificate signing module to sign a second certificate for a member of the HCAS, prior to the expiration time of the first certificate, such that the second certificate expires after the expiration time of the first certificate, the member being in a level below the level of the ICA, the second certificate certifying an aspect of the member. Related apparatus and methods are also described.Type: ApplicationFiled: September 8, 2005Publication date: April 17, 2008Applicant: NDS LimitedInventors: Reuben Sumner, Yaacov Belenky
-
Publication number: 20050123132Abstract: A method for preventing cloning of a genuine security element is described. The method includes associating a random number generator (RNG) in the security element with a portion of a non-volatile memory (NVM) in the security element, and activating the RNG to automatically write, during a normal operation mode of the security element, a new random number into the portion of the NVM whenever an attempt is made to write into the portion of the NVM. Any unit other than the RNG is preferably prevented from writing data into the portion of the NVM during the normal operation mode of the security element. Related apparatus and method are also described.Type: ApplicationFiled: March 31, 2003Publication date: June 9, 2005Inventor: Reuben Sumner