Patents by Inventor Shashank Agrawal
Shashank Agrawal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11438152Abstract: Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.Type: GrantFiled: January 31, 2020Date of Patent: September 6, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Pratyay Mukherjee, Shashank Agrawal, Peter Rindal, Atul Luykx, Wei Dai
-
Patent number: 11411738Abstract: Systems, methods, and apparatuses of using biometric information to authenticate a first device of a user to a second device are described herein. A method includes storing, by the first device, a first key share of a private key and a first template share of a biometric template of the user. The second device stores a public key, and one or more other devices of the user store other key shares and other template shares. The first device receives a challenge message from the second device, measures biometric features of the user to obtain a measurement vector, and sends the measurement vector and the challenge message to the other devices. The first device receives partial computations, generated using a respective template share, key share, and the challenge message, from the other devices, uses them to generate a signature of the challenge message and send the signature to the second device.Type: GrantFiled: October 4, 2019Date of Patent: August 9, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Shashank Agrawal, Saikrishna Badrinarayanan, Payman Mohassel, Pratyay Mukherjee
-
Patent number: 11368308Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.Type: GrantFiled: January 9, 2020Date of Patent: June 21, 2022Assignee: Visa International Service AssociationInventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
-
Publication number: 20220129884Abstract: Blockchain-based, smart contract platforms have great promise to remove trust and add transparency to distributed applications. However, this benefit often comes at the cost of greatly reduced privacy. Techniques for implementing a privacy-preserving smart contract is described. The system can keep accounts private while not losing functionality and with only a limited performance overhead. This is achieved by building a confidential and anonymous token on top of a cryptocurrency. Multiple complex applications can also be built using the smart contract system.Type: ApplicationFiled: January 7, 2022Publication date: April 28, 2022Inventors: Shashank Agrawal, Karl Benedikt Bünz, Mahdi Zamani, Dan Boneh
-
Patent number: 11257077Abstract: Blockchain-based, smart contract platforms have great promise to remove trust and add transparency to distributed applications. However, this benefit often comes at the cost of greatly reduced privacy. Techniques for implementing a privacy-preserving smart contract is described. The system can keep accounts private while not losing functionality and with only a limited performance overhead. This is achieved by building a confidential and anonymous token on top of a cryptocurrency. Multiple complex applications can also be built using the smart contract system.Type: GrantFiled: November 30, 2018Date of Patent: February 22, 2022Assignees: Visa International Service Association, The Board of Trustees of the Leland Stanford Junior UniversityInventors: Shashank Agrawal, Karl Benedikt Bünz, Mahdi Zamani, Dan Boneh
-
Publication number: 20220021537Abstract: Methods and systems for privacy-preserving identity attribute verification are presented. During an interaction between a relying entity and a user, a relying entity computer can transmit a policy token to a user device. The policy token may indicate the information needed by the relying entity in order to perform the interaction. The user device can verify the policy token, then use the policy token in conjunction with an identity token to generate a zero-knowledge proof. The user device may transmit the zero-knowledge proof to an identity service provider computer. The identity service provider computer may verify the zero-knowledge proof, then generate a verification message. The identity service provider computer may sign the verification message and transmit the signed verification message to the relying entity computer. The relying entity computer may verify the verification message and complete the interaction with the user.Type: ApplicationFiled: July 14, 2020Publication date: January 20, 2022Inventors: Kim Ritter Wagner, Sunpreet Singh Arora, Gaven James Watson, Mihai Christodorescu, Shashank Agrawal
-
Publication number: 20210409405Abstract: An initiator device can broadcast a witness request to one or more authentication devices. The one or more authentication devices can then determine an assurance level from a range of assurance levels and determine a token share corresponding to the assurance level. The initiator device can then receive, from the one or more authentication devices, at least one witness response comprising the token share corresponding to the assurance level. The initiator device can generate an authentication token using a set of token shares. The initiator device can then transmit the authentication token to an authentication server, wherein the authentication server verifies the authentication token.Type: ApplicationFiled: August 30, 2019Publication date: December 30, 2021Inventors: Mastooreh Salajegheh, Shashank Agrawal, Eric Le Saint, Payman Mohassel, Mihai Christodorescu
-
Publication number: 20210336792Abstract: Systems, methods, and apparatuses of using biometric information to authenticate a first device of a user to a second device are described herein. A method includes storing, by the first device, a first key share of a private key and a first template share of a biometric template of the user. The second device stores a public key, and one or more other devices of the user store other key shares and other template shares. The first device receives a challenge message from the second device, measures biometric features of the user to obtain a measurement vector, and sends the measurement vector and the challenge message to the other devices. The first device receives partial computations, generated using a respective template share, key share, and the challenge message, from the other devices, uses them to generate a signature of the challenge message and send the signature to the second device.Type: ApplicationFiled: October 4, 2019Publication date: October 28, 2021Inventors: Shashank Agrawal, Saikrishna Badrinarayanan, Payman Mohassel, Pratyay Mukherjee
-
Publication number: 20210243026Abstract: Embodiments disclosed herein are directed to methods and systems of password-based threshold authentication, which distributes the role of an authentication server among multiple servers. Any t servers can collectively verify passwords and generate authentication tokens, while no t?1 servers can forge a valid token or mount offline dictionary attacks.Type: ApplicationFiled: October 15, 2018Publication date: August 5, 2021Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Peihan Miao
-
Publication number: 20210243020Abstract: Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.Type: ApplicationFiled: January 31, 2020Publication date: August 5, 2021Inventors: Pratyay Mukherjee, Shashank Agrawal, Peter Rindal, Atul Luykx, Wei Dai
-
Publication number: 20210075781Abstract: At an authorization server, a shared secret electronic key may be shared with a second computer. A selection to use a system to complete a transaction may be received from a first computing device. An image may be communicated to the first computing device. A digital representation entered by the user representing the image and a PIN based on the copy of the shared electronic key may be received from the second computing device. The system and method may determine if the digital representation entered by the user on the second computing device matches the image communicated to the first computing device. The system and method may determine if the PIN based on the copy of the shared electronic key from the second computing device is as expected. In response to determining the digital representation entered by the user matches the image and the PIN the second computing device is as expected, the user may be authorized.Type: ApplicationFiled: September 11, 2019Publication date: March 11, 2021Inventors: Maliheh Shirvanian, Shashank Agrawal
-
Publication number: 20200279258Abstract: Systems, methods, and computer readable media are provided for improving the usability of a cryptogram generated in a first cryptographic protocol such as triple-DES. The methods may generate a first cryptogram using a first identifier in a first cryptographic protocol, stored in a key store within an insecure memory of the mobile communication device, generate, within a secure memory of the mobile communication device, a second cryptogram using a second identifier in a second cryptographic protocol, stored in the secure memory, combining, the first cryptogram and a number of characters of the second cryptogram equal to the length of the first cryptogram to generate a third cryptogram and transmitting the third cryptogram to an payment processing network to validate a transaction. A transaction associated with the third cryptogram may be validated by an authorization entity or an issue entity.Type: ApplicationFiled: September 26, 2019Publication date: September 3, 2020Inventors: Shashank Agrawal, Dmitri Bannikov, Atul Luykx, Payman Mohassel, Sergey Smirnoff, Selvaganesh Vasudevan, Gaven Watson
-
Publication number: 20200259651Abstract: Systems and methods for threshold authenticated encryption are provided. A collection of cryptographic devices may encrypt or decrypt a message, provided that a threshold number of those devices participate in the encryption process. One cryptographic device may generate a commitment message and transmit it to the other selected devices. Those devices may each perform a partial computation using the commitment message, and transmit the partial computations back to the encrypting or decrypting device. The encrypting or decrypting device may use those partial computations to produce a cryptographic key, which may then be used to encrypt or decrypt the message.Type: ApplicationFiled: October 30, 2017Publication date: August 13, 2020Inventors: Payman Mohassel, Pratyay Mukherjee, Shashank Agrawal, Eric Le Saint
-
Publication number: 20200228341Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.Type: ApplicationFiled: January 9, 2020Publication date: July 16, 2020Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
-
Publication number: 20200219099Abstract: Disclosed is a system, method, and computer program product for determining solvency of a digital asset exchange system. The method includes identifying a plurality of blockchain addresses corresponding to a plurality of users of the digital asset exchange system, generating a first commitment to an amount of digital assets corresponding to the plurality of blockchain addresses, generating a second commitment to a balance of each user of the plurality of users, generating a first component of a zero-knowledge algorithm configured to receive, as input, the first commitment, and to output a value generated based on each public key, generating a second component of the zero-knowledge algorithm configured to receive, as input, the second commitment, and to output a value generated based on each user balance, and determining, with at least one processor, that the digital asset exchange system is solvent based on the zero-knowledge algorithm.Type: ApplicationFiled: July 2, 2018Publication date: July 9, 2020Inventors: Payman Mohassel, Shashank Agrawal, Chaya Ganesh
-
Publication number: 20190164153Abstract: Blockchain-based, smart contract platforms have great promise to remove trust and add transparency to distributed applications. However, this benefit often comes at the cost of greatly reduced privacy. Techniques for implementing a privacy-preserving smart contract is described. The system can keep accounts private while not losing functionality and with only a limited performance overhead. This is achieved by building a confidential and anonymous token on top of a cryptocurrency. Multiple complex applications can also be built using the smart contract system.Type: ApplicationFiled: November 30, 2018Publication date: May 30, 2019Inventors: Shashank Agrawal, Karl Benedikt Bünz, Mahdi Zamani, Dan Boneh