Abstract: One embodiment provides a system that implements a 1-bit protocol for differential privacy for a set of client devices that transmit information to a server. Implementations may leverage specialized instruction sets or engines built into the hardware or firmware of a client device to improve the efficiency of the protocol. For example, a client device may utilize these cryptographic functions to randomize information sent to the server. In one embodiment, the client device may use cryptographic functions such as hashes including SHA or block ciphers including AES to provide an efficient mechanism for implementing differential privacy.

Abstract: Techniques disclosed herein relate to the authentication of a first user in a communication session between the first user using a user device and a second user using a remote computer system. The computer system sends an authentication request in the session, and the user device receives the authentication request in the session via a messaging program. The user device then causes a different program to access an authentication token received from an authentication computer system. The user device sends an indication of the authentication token to the remote computer system which the remote computer system verifies to authenticate the first user within the session.

Abstract: In some embodiments, a first device performs ranging operations to allow a user to perform one or more operations on the first device without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account that is authorized to perform operations on the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the operations to be performed on the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the operation is authorized on the first device.

Abstract: Some embodiments provide a method for a first device to join a group of related devices. The method receives input of a password for an account with a centralized entity and a code generated by a second device in the group. When the second device determines that the code input on the first device matches the generated code, the method receives an authentication code from the second device for authorizing the first device with the entity as a valid device for the account. The method uses the password and information regarding the first device to generate an application to the group. After sending the application to the second device, the method receives information from the second device that enables the first device to add itself to the group. The second device verifies the generated application, and the method uses the information received from the second device to join the group.

Abstract: A device may include a secure processor and a secure memory coupled to the secure processor. The secure memory may be inaccessible to other device systems. The secure processor may store some keys and/or entropy values in the secure memory and other keys and/or entropy values outside the secure memory. The keys and/or entropy values stored outside the secure memory may be encrypted using information stored inside the secure memory.

Abstract: Techniques are disclosed relating to securely storing data in a computing device. In one embodiment, a computing device includes a secure circuit configured to maintain key bags for a plurality of users, each associated with a respective one of the plurality of users and including a first set of keys usable to decrypt a second set of encrypted keys for decrypting data associated with the respective user. The secure circuit is configured to receive an indication that an encrypted file of a first of the plurality of users is to be accessed and use a key in a key bag associated with the first user to decrypt an encrypted key of the second set of encrypted keys. The secure circuit is further configured to convey the decrypted key to a memory controller configured to decrypt the encrypted file upon retrieval from a memory.

Abstract: Some embodiments provide a method for a first device for joining a group of related devices. The method receives input of a password for authorization with a centralized entity. The method receives input of a code generated by a second device already established in the group of related devices. The method uses the password and the code to (i) join the group of related devices in order to synchronize user data with the devices in the group of related devices and (ii) authorize the first device with the centralized entity as a valid device for a particular account with the centralized entity.

Abstract: In an embodiment, a processor includes hardware circuitry and/or supports instructions which may be used to detect that a return address or jump address has been modified since it was written to memory. In response to detecting the modification, the processor may be configured to signal an exception or otherwise initiate error handling to prevent execution at the modified address. In an embodiment, the processor may perform a cryptographic sign operation on the return address/jump address before writing the signed return address/jump address to memory and the signature may be verified before the to address is used as a return target or jump target. Security of the system may be improved by foiling ROP/JOP attacks.

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

Abstract: One embodiment provides a system that implements a 1-bit protocol for differential privacy for a set of client devices that transmit information to a server. Implementations may leverage specialized instruction sets or engines built into the hardware or firmware of a client device to improve the efficiency of the protocol. For example, a client device may utilize these cryptographic functions to randomize information sent to the server. In one embodiment, the client device may use cryptographic functions such as hashes including SHA or block ciphers including AES to provide an efficient mechanism for implementing differential privacy.

Abstract: A device may include a secure processor and a secure memory coupled to the secure processor. The secure memory may be inaccessible to other device systems. The secure processor may store some keys and/or entropy values in the secure memory and other keys and/or entropy values outside the secure memory. The keys and/or entropy values stored outside the secure memory may be encrypted using information stored inside the secure memory.

Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.

Abstract: Some embodiments provide a method for a first device to join a group of related devices. The method receives input of a password for an account with a centralized entity and a code generated by a second device in the group. When the second device determines that the code input on the first device matches the generated code, the method receives an authentication code from the second device for authorizing the first device with the entity as a valid device for the account. The method uses the password and information regarding the first device to generate an application to the group. After sending the application to the second device, the method receives information from the second device that enables the first device to add itself to the group. The second device verifies the generated application, and the method uses the information received from the second device to join the group.

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

Abstract: A secure ranging system can use a secure processing system to deliver one or more ranging keys to a ranging radio on a device, and the ranging radio can derive locally at the system ranging codes based on the ranging keys. A deterministic random number generator can derive the ranging codes using the ranging key and one or more session parameters, and each device (e.g. a cellular telephone and another device) can independently derive the ranging codes and derive them contemporaneously with their use in ranging operations.

Abstract: The system described may implement a 1-bit protocol for differential privacy for a set of client devices that transmit information to a server. Implementations of the system may leverage specialized instruction sets or engines built into the hardware or firmware of a client device to improve the efficiency of the protocol. For example, a client device may utilize these cryptographic functions to randomize information sent to the server. In one embodiment, the client device may use cryptographic functions such as hashes including SHA or block ciphers including AES. Accordingly, the system provides an efficient mechanism for implementing differential privacy.

Abstract: Systems, methods, and computer-readable media may be provided for securely authenticating device identification and/or user identification for low throughput device-to-device wireless communication.

Abstract: In some embodiments, a first device performs ranging operations to allow a user to access the first device under one of several user accounts without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account under which a user can access (e.g., can log into) the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the user is allowed to access the first device under the first user account. In some embodiments, the substitute interaction occurs while the first device is logged into under a second user account.

Abstract: A method of identifying invalid participants in a synchronization group. The method generates a device synchronization group identifier (DSGI) for a first device from a device-specific key of the first device. The method joins the first device in the synchronization group by using the DSGI of the first device. Prior to the joining of the first device, the synchronization group stores a set of DSGIs of a set of devices that have joined the synchronization group. The method determines that a particular DSGI stored in the synchronization group is the same as the DSGI of the first device. The method identifies the particular DSGI stored in the synchronization group as a DSGI of an invalid participant of the synchronization group.

Abstract: A device may include a secure processor and a secure memory coupled to the secure processor. The secure memory may be inaccessible to other device systems. The secure processor may store some keys and/or entropy values in the secure memory and other keys and/or entropy values outside the secure memory. The keys and/or entropy values stored outside the secure memory may be encrypted using information stored inside the secure memory.