Communication System Using Cryptography Patents (Class 380/255)
  • Patent number: 10204532
    Abstract: This disclosure is directed to a multiple input cryptographic engine. In general, an cryptographic engine consistent with the present disclosure may improve on existing systems that generate encrypted data (e.g., ciphertext) from decrypted input data (e.g., plaintext), or that conversely generate decrypted data from encrypted data, in that a second input may be received into the cryptographic engine while a first input is still being processed, allowing multiple inputs to be processed concurrently. An example device may include an input interface to receive data into the device, an output interface to output data from the device and cryptographic circuitry. The cryptographic circuitry may be configured encrypt/decrypt data received via the input interface into encrypted/decrypted data while also converting a least a portion of a second input received via the input interface into second encrypted/decrypted data. The encrypted/decrypted data may then be output via the output interface.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: February 12, 2019
    Assignee: Intel Corporation
    Inventors: Ammon J. Christiansen, David Johnston
  • Patent number: 10198349
    Abstract: Systems, apparatuses, and methods for utilizing in-memory accelerators to perform data conversion operations are disclosed. A system includes one or more main processors coupled to one or more memory modules. Each memory module includes one or more memory devices coupled to a processing in memory (PIM) device. The main processors are configured to generate an executable for a PIM device to accelerate data conversion tasks of data stored in the local memory devices. In one embodiment, the system detects a read request for data stored in a given memory module. In order to process the read request, the system determines that a conversion from a first format to a second format is required. In response to detecting the read request, the given memory module's PIM device performs the conversion of the data from the first format to the second format and then provides the data to a consumer application.
    Type: Grant
    Filed: September 19, 2016
    Date of Patent: February 5, 2019
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Mauricio Breternitz, Walter B. Benton
  • Patent number: 10200368
    Abstract: A system and method that include receiving a service provider identity request through a federated authentication protocol; transmitting a proxy identity request to a configured identity provider; receiving an identity assertion; facilitating execution of a second layer of authentication; determining a proxy identity assertion based on the identity assertion and the second layer of authentication; and transmitting the proxy identity assertion to the service provider.
    Type: Grant
    Filed: October 6, 2016
    Date of Patent: February 5, 2019
    Assignee: Duo Security, Inc.
    Inventors: Jon Oberheide, Douglas Song
  • Patent number: 10194469
    Abstract: In a machine to machine (M2M) communication system, a request for a service targeted to a common service entity (CSE) with a CSE-ID is received from an underlying network, a M2M device which is associated with the CSE ID for the service request is identified using a M2M external identifier (M2M-Ext-ID). Provisioning operations for a pre-provisioned M2M-Ext-ID and a dynamic M2M-Ext-ID are performed at different domains from each other.
    Type: Grant
    Filed: February 10, 2015
    Date of Patent: January 29, 2019
    Assignee: ZTE Corporation
    Inventor: Rajesh Bhalla
  • Patent number: 10191794
    Abstract: Technologies are provided in embodiments to monitor and analyze networks. The embodiments can cause a bit in a first bit sequence of a device filter to indicate a failure state based on not receiving a message from a node in a network during a reporting time interval, and upon the reporting time interval expiring, to combine the first bit sequence with a corresponding bit sequence of a shadow filter. The combination preserves, in the shadow filter, an indication of the failure state from the bit in the first bit sequence and any other indications of failure states from bits of the corresponding bit sequence of the shadow filter. More specific embodiments cause, upon the reporting interval expiring, a bit in a second bit sequence of the device filter to indicate a no failure state based on an indication of another no failure state in the first bit sequence.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: January 29, 2019
    Assignee: McAfee, LLC
    Inventors: Ned M. Smith, Thiago Jose Macieira, Zheng Zhang, Tobias M. Kohlenberg, Igor G. Muttik
  • Patent number: 10187377
    Abstract: Provided are methods and systems for caching network generated security certificates. An example system may include a security gateway node and a storage module. The security gateway node may be operable to receive, from a client, a session request to establish a secure connection with a server. Based on the session request, the security gateway node may establish a first secure session between the client and the security gateway node and a second secure session between the security gateway node and the server. The security gateway node may receive a server certificate from the server. The security gateway node may match the server certificate against a gateway certificate table. Based on the matching, the security gateway node may receive a gateway certificate associated with the gateway certificate entry that matches the server certificate. The gateway certificate may be used for performing the first secure session.
    Type: Grant
    Filed: February 8, 2017
    Date of Patent: January 22, 2019
    Assignee: A10 Networks, Inc.
    Inventors: Ali Golshan, Xuyang Jiang, Yang Yang
  • Patent number: 10182041
    Abstract: An apparatus, system, and method are disclosed for secure data transmissions. A method includes receiving a request for data that is encrypted according to a first encryption scheme, and determining a first public IP address associated with the request. The first public IP address identifies a remote client that created the request and is located in a field of a data packet that includes the request. The method includes determining a second public IP address associated with the request that identifies a sender of the request and is determined dynamically when the request is received. The method includes verifying an authenticity of the request in response to the first public IP address of the remote client matching the second public IP address of the sender. The method includes encrypting the requested data according to a second encryption scheme, and transferring the data to the remote client.
    Type: Grant
    Filed: December 23, 2016
    Date of Patent: January 15, 2019
    Assignee: CipherTooth, Inc.
    Inventor: Jerry Glade Hayward
  • Patent number: 10178072
    Abstract: A “trusted domain” is established within which content received from a communications network, e.g., a cable TV network, is protected from unauthorized copying thereof, in accordance with the invention. In an illustrative embodiment, the trusted domain includes a device associated with a user which receives content from the cable TV network. The content may be encrypted using a content key in accordance, e.g., with a 3DES encryption algorithm before it is stored in the device. In addition, a first encrypted content key version and a second encrypted content key version are generated by respectively encrypting the content key with a public key associated with the device and another public key associated with the user, in accordance with public key cryptography. The first and second encrypted content key versions are stored in association with the encrypted content in the device storage.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: January 8, 2019
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: William Helms, Michael T. Hayashi, Kevin J. Leddy, David A. Christman
  • Patent number: 10169230
    Abstract: A method for access to all cells in a memory area for purposes of writing or reading data blocks in the cells may include, for each access time (Ti with i=0 to N) to the cells in the memory area to be accessed, a process of determining the address (ADRj, with j=0 to N) of the cell of the memory area to be accessed at the access time (Ti), an address (ADRj) determined for an access time Ti not being once again determined for another access time (Tk, k?j). The process of determining each address (ADRj) may be a pseudorandom process. The method may be used, for example, in any type of card, chip card, SIM card, etc., which includes a processing unit, such as a microcontroller, for manipulating cryptographic data serving to identify and/or authenticate a user of such a card.
    Type: Grant
    Filed: June 22, 2018
    Date of Patent: January 1, 2019
    Assignee: MORPHO
    Inventors: Ahmadou Sere, Frédéric Boulet
  • Patent number: 10164942
    Abstract: An apparatus, a method, and a client for synchronizing a jump context are provided. The apparatus includes a session ID generating module configured to acquire a jump context of a user from a social application platform, save the jump context to a session data DB, and return an ID of the jump context to the social application platform, so that the social application platform sends the ID of the jump context to the third-party website. The apparatus also includes a session data acquiring API configured to receive processing state information of the user with the ID of the jump context from the third-party website, and send the processing state information to the social application platform, so that the social application platform displays the processing state information. The session data DB is configured to save the jump context and the ID corresponding to the jump context.
    Type: Grant
    Filed: June 5, 2018
    Date of Patent: December 25, 2018
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventor: Changwen Yuan
  • Patent number: 10163134
    Abstract: Systems and methods for moderating branded content provided by users to an online content publishing and distribution network are described. In some embodiments, a content management system stores user-generated or user-created content, and creates and shares links associated to the user-generated content to online networks and other sites, where other users share, consume, and/or interact with the content (e.g., videos and other multimedia content).
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: December 25, 2018
    Assignee: Vivoom, Inc.
    Inventors: Katherine Hays Miller, John Clayton Webster, Nicholas Joseph Nassar, Johnathan Paul Meyer
  • Patent number: 10157149
    Abstract: According to one embodiment, a memory device includes: a nonvolatile semiconductor memory; and a controller which controls the semiconductor memory. The controller includes: a first memory which stores a first key; a second memory which stores a second key; a first generator which generates a third key based on a random number; a second generator which generates a fourth key based on the first key and the third key; and an encryptor which encrypts the second key with the third key. The third key and the encrypted second key are stored in a host device enabled to access the memory device.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: December 18, 2018
    Assignee: TOSHIBA MEMORY CORPORATION
    Inventors: Koichi Nagai, Yuji Kashiwagi
  • Patent number: 10158527
    Abstract: Operating conditions of a blockchain configuration may be dynamic and change automatically under certain circumstances. One example method of operation may include one or more of identifying an existing consensus procedure used in an existing blockchain configuration, identifying current metrics associated with the existing blockchain configuration, comparing the current metrics to predefined rules, identifying one or more deviations based on the current metrics being compared to the predefined rules, and changing the existing consensus procedure to a next consensus procedure for a subsequent block in the existing blockchain configuration responsive to identifying the one or more deviations.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: December 18, 2018
    Assignee: International Business Machines Corporation
    Inventors: Sheehan Anderson, Konstantinos Christidis, Anna D. Derbakova, Nitin Gaur
  • Patent number: 10152326
    Abstract: A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: December 11, 2018
    Assignee: Intel Corporation
    Inventors: Kirk S. Yap, Gilbert M. Wolrich, James D. Guilford, Vinodh Gopal, Erdinc Ozturk, Sean M. Gulley, Wajdi K. Feghali, Martin G. Dixon
  • Patent number: 10146544
    Abstract: A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: December 4, 2018
    Assignee: Intel Corporation
    Inventors: Kirk S. Yap, Gilbert M. Wolrich, James D. Guilford, Vinodh Gopal, Erdinc Ozturk, Sean M. Gulley, Wajdi K. Feghali, Martin G. Dixon
  • Patent number: 10142300
    Abstract: A secure chat client is described that allows users to exchange encrypted communications via secure chat rooms, as well as one-to-one communications. In particular, the secure chat client allows users to create, configure, and manage secure chat rooms. Furthermore, the secure chat client provides users with the ability to recover secure messages when they obtain a new device or otherwise lose communications.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: November 27, 2018
    Assignee: Wickr Inc.
    Inventors: Thomas Michael Leavy, Gerard Ryan
  • Patent number: 10142464
    Abstract: Methods and systems described in this disclosure receive a call from a caller, generate a first session through a first channel associated with the caller when the call is received and then send a request for authentication credentials to a device associated with the caller. In some embodiments, sending the request for authentication credentials generates a second session through a second channel associated with the caller. The caller can be authenticated to the first session using communication received during the second session through the second channel.
    Type: Grant
    Filed: November 13, 2015
    Date of Patent: November 27, 2018
    Assignee: UNITED SERVICES AUTOMOBILE ASSOCIATION (USAA)
    Inventors: Michael Justin Cairns, David Alexander Lilley, Robert Bruno Pace, Jr., John Raymond Harris, Joshua Samuel Leonard, Yuibi Fujimoto, Kevin Kenneth Fielder, Michael W. Lester
  • Patent number: 10133613
    Abstract: A digital assistant includes an extensibility client that interfaces with application extensions that are built by third-party developers so that various aspects of application user experiences, content, or features may be integrated into the digital assistant and rendered as native digital assistant experiences. Application extensions can use a variety of services provided from cloud-based and/or local sources such as language/vocabulary, user preferences, and context services that add intelligence and contextual relevance while enabling the extensions to plug in and operate seamlessly within the digital assistant context. Application extensions may also access and utilize general digital assistant functions, data structures, and libraries exposed by the services and implement application domain-specific context and behaviors using the programming features captured in the extension.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: November 20, 2018
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Tanvi Surti, Michael Patten, Sean Lyndersay, Chee Chen Tong
  • Patent number: 10135621
    Abstract: In order to reduce latency of elliptical curve digital signature generation a portion of the digital signature is pre-calculated before receipt of the message hash using an unmodified ECDSA computing engine. After the message hash is received, the digital signature is completed without using the ECDSA computing engine. Applications include generating digital signatures for the safety messages in Intelligent Transport Systems.
    Type: Grant
    Filed: December 31, 2013
    Date of Patent: November 20, 2018
    Assignee: NXP B.V.
    Inventors: Peter Maria Franciscus Rombouts, Timotheus Arthur van Roermund
  • Patent number: 10129019
    Abstract: A DisplayPort (DP) High-bandwidth Digital Content Protection (HDCP) version converter that converts an HDCP content protection version from input to output includes a receiver and a transmitter. The receiver receives a serial bit stream transmitted from an upstream device, and decrypts link symbols of the received serial bit stream by use of a decryption unit. The transmitter encrypts, by use of an encryption unit, the link symbols decrypted by the receiver, and converts the encrypted link symbols into a serial bit stream and transmits the serial bit stream to a downstream device. The receiver and the transmitter have the same link configuration.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: November 13, 2018
    Assignee: MEGACHIPS TECHNOLOGY AMERICA CORPORATION
    Inventors: Alan Kobayashi, Sujan Thomas, Ali Noorbakhsh
  • Patent number: 10129034
    Abstract: A signature authority generates a master seed value that is used to generate a seed tree of subordinate nodes. Each subordinate node of the seed tree is generated from the value of its parent node using a cryptographic hash or one-way function. The signature authority selects subordinate seed values from the seed tree which are distributed to one or more subordinates, each of which generates a set of one-time-use cryptographic keys from the provided seed. Each subordinate generates a hash tree from its set of one-time-use cryptographic keys, and returns the root of its hash tree to the signature authority. The signature authority integrates the hashes provided by the key generators into a comprehensive hash tree, and the root of the hash tree acts as a public key for the signature authority.
    Type: Grant
    Filed: April 5, 2018
    Date of Patent: November 13, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew John Campagna, Gregory Alan Rubin, Nicholas Alexander Allen, Andrew Kyle Driggs, Eric Jason Brandwine
  • Patent number: 10127042
    Abstract: A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: November 13, 2018
    Assignee: Intel Corporation
    Inventors: Kirk S. Yap, Gilbert M. Wolrich, James D. Guilford, Vinodh Gopal, Erdinc Ozturk, Sean M. Gulley, Wajdi K. Feghali, Martin G. Dixon
  • Patent number: 10121530
    Abstract: A method and circuit for implementing Electronic Fuse (eFuse) visual security of stored data using embedded dynamic random access memory (EDRAM), and a design structure on which the subject circuit resides are provided. The circuit includes EDRAM and eFuse circuitry having an initial state of a logical 0. The outputs of the eFuse and an EDRAM are connected through an exclusive OR (XOR) gate, enabling EDRAM random data to be known at wafer test and programming of the eFuse to provide any desired logical value out of the XORed data combination.
    Type: Grant
    Filed: May 5, 2017
    Date of Patent: November 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Todd A. Christensen, Karl R. Erickson, Phil C. Paone, David P. Paulsen, John E. Sheets, II, Gregory J. Uhlmann
  • Patent number: 10121392
    Abstract: Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data. The unmasking of the masked sensitive data is done by applying the ciphering algorithm to the masked sensitive data to obtain sensitive data in plain form.
    Type: Grant
    Filed: February 23, 2017
    Date of Patent: November 6, 2018
    Assignee: IDEMIA FRANCE
    Inventors: Olivier Chamley, Christophe Giraud
  • Patent number: 10116325
    Abstract: When compressing an arrangement of fixed-length records in a columnar direction, a data compression device carries out data compression aligned with the performance of a data decompression device by computing a number of rows processed with one columnar compression from the performance on the decompression device side, such as the memory cache capacity of the decompression device or the capacity of a primary storage device which may be used by an application, and the size of one record. Thus, while improving compression ratios of large volumes of data, including an alignment of a plurality of fixed-length records, decompression performance is improved.
    Type: Grant
    Filed: April 18, 2013
    Date of Patent: October 30, 2018
    Assignee: Clarion Co., Ltd.
    Inventors: Takaaki Sekiguchi, Yasushi Nagai, Tatsuaki Osafune, Ryoichi Fukunaga, Takahiro Okubo, Taiki Imai
  • Patent number: 10114878
    Abstract: A computer manages methods for utilizing an index to manage access to data in a dataset stored in one or more file locations in an ETL tool by receiving a request to access a dataset associated with one or more file locations, wherein the dataset is stored in the one or more file locations. The computer queries an index for the one or more file locations associated with the dataset, wherein the dataset has another index for data in the dataset. The computer receives the one or more file locations associated with the dataset. The computer determines to cache the request to access the one or more file locations for the dataset until one or more thresholds are met, wherein the cached request is part of a total number of cached requests.
    Type: Grant
    Filed: December 16, 2013
    Date of Patent: October 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Manish A. Bhide, Jean-Claude Mamou, Shyam R. Mudambi
  • Patent number: 10114627
    Abstract: A tool for installing and configuring a software development environment with an embedded help feature is provided. The help feature may provide a user (e.g., developer) with technical assistance to resolve problems that occur when building software. In one example, the system may include a configuration tool that includes a help feature and installs and configures one or more software programs to build software. The software programs may include, for example, operating systems, source code editors, debuggers, software build tools or any component of a software development environment.
    Type: Grant
    Filed: May 7, 2015
    Date of Patent: October 30, 2018
    Assignee: salesforce.com, inc.
    Inventor: Philip Bergen
  • Patent number: 10116761
    Abstract: A system for providing a multi-delivery-method policy-controlled client proxy is disclosed. The system may receive a request for a network service from a client. Based on the request for the network service, the system may detect the presence of a client proxy associated with the client. If client proxy is detected, the system may provide a data object that includes information that indicates that the client proxy is a primary source for content that may be requested by the client. The system may redirect, based on the data object, a request for the content received from the client to the client proxy. The system may then obtain, via the client proxy, the content by utilizing a delivery method that is selected based on a policy. Finally, the system may provide, via the client proxy, the content to the client.
    Type: Grant
    Filed: July 13, 2017
    Date of Patent: October 30, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Vishwa Prasad, Ramana V. Munagala, Gregory J. Smith
  • Patent number: 10114933
    Abstract: A technique for enabling nominal flow of an executable file on a client. The executable file includes executable code lacking at least one nominal constant, wherein only the nominal constant enables the nominal flow of the executable file and wherein a server has access to the at least one nominal constant. In a method aspect performed by the client, the method includes retrieving hardware information of the client, wherein the hardware information is at least substantially unique, transmitting one of the hardware information and information derived therefrom to a server and, in turn, receiving at least one constant that has been transformed based on one of the hardware information and the information derived therefrom. The client then performs, using one of the hardware information and the information derived therefrom, an inverse transformation on the at least one transformed constant to recover the nominal constant.
    Type: Grant
    Filed: August 28, 2015
    Date of Patent: October 30, 2018
    Assignee: Denuvo GmbH
    Inventors: Christopher Gabler, Robert Yates, Leo Rauch, Matthias Moninger
  • Patent number: 10115108
    Abstract: Techniques of identifying fraud detection rule strength involve varying the rendering of a graph from transaction data. Along these lines, a rules server computer provides a general graph from a group of transaction entries defining a group of fraudulent and authentic transactions on an electronic display. A user defines selection criteria that the rules server computer applies to the group of transaction entries to generate a subgroup of transaction entries. From the subgroup of transaction entries, the rules server computer provides a focused graph on the electronic display from the subgroup of transaction entries defining a subgroup of the group of fraudulent and authentic transactions. A ratio of the number of fraudulent transactions to the number of authentic transactions represented in the focused graph identifies the strength of the selection criteria for use in a fraud detection rule.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: October 30, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Anatoly Gendelev, Alex Zaslavsky, Kineret Raviv, Eyal Kolman, Alma Zohar
  • Patent number: 10110530
    Abstract: Methods and systems for authenticating and confidence marking e-mail messages are described. One embodiment describes a method of authenticating an e-mail message. This method involves extracting a plurality of e-mail headers associated with the e-mail message, and identifying a sending edge mail transfer agent (MTA). The method then calls for determining if the sending edge MTA is authorized to send the e-mail message.
    Type: Grant
    Filed: February 1, 2008
    Date of Patent: October 23, 2018
    Assignee: Iconix, Inc.
    Inventor: Scott A. Sachtjen
  • Patent number: 10108805
    Abstract: A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: October 23, 2018
    Assignee: Intel Corporation
    Inventors: Kirk S. Yap, Gilbert M. Wolrich, James D. Guilford, Vinodh Gopal, Erdinc Ozturk, Sean M. Gulley, Wajdi K. Feghali, Martin G. Dixon
  • Patent number: 10108820
    Abstract: A method for operating an electronic device, and an electronic device, are provided. In the normal operation state of the electronic device, data which is stored in the main storage device of the electronic device is encrypted by a first encryption algorithm prior to being stored in a non-volatile storage device of the electronic device. The method includes the steps of generating snapshot data in the main storage device when the electronic device is entering a hibernation state, allocating space in the non-volatile storage device for storing the snapshot data, and storing the snapshot data in the space without encrypting the snapshot data using the first encryption algorithm.
    Type: Grant
    Filed: July 29, 2015
    Date of Patent: October 23, 2018
    Assignee: MEDIATEK INC.
    Inventors: Wen-Long Yang, Jia-Ming Chen, Ming-Yueh Chuang, Nicholas Ching Hui Tang, Yu-Ming Lin
  • Patent number: 10095880
    Abstract: A method generates, in a higher security domain (SD), public and secret keys using a first homomorphic encryption scheme (HES), passes the public key to a first shared security zone (SSZ) between the higher SD and a lower SD and through the first SSZ to a second entity in the lower SD, passes a plain text query from the higher SD to the first SSZ, encrypts the plain text query using a second HES, passes the encrypted plain text query to the second entity, performs an oblivious query to generate an encrypted result, and passes that from the lower SD to a second SSZ located between the higher and lower SDs, passes the secret key from the higher SD to the second SSZ, and decrypts the encrypted result using the secret key to generate a plain text result, and passes the plain text result to the higher SD.
    Type: Grant
    Filed: September 1, 2016
    Date of Patent: October 9, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Graham A. Bent, Flavio A. Bergamaschi
  • Patent number: 10097355
    Abstract: Embodiments are directed to an IC device comprising a set of N elements, and an interconnect system for enabling communication between the set of elements. Each element of the set of elements is configured according to a first communication plan to receive attestation data of each other element of the set of elements. Upon receiving the attestation data the element may determine whether each of the received attestation data from the other elements match an attestation pattern as defined in the first communication plan. In case the received attestation data match the first communication plan, the element may determine whether the received attestation data is attested by N?1 elements of the set of elements. In case the attestation data is attested by N?1 elements of the set of elements, the element may indicate the presence of the set of elements before the time interval has lapsed.
    Type: Grant
    Filed: April 4, 2016
    Date of Patent: October 9, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Silvio Dragone, Michael C. Osborne, Tamas Visegrady
  • Patent number: 10095572
    Abstract: A method and system are disclosed for providing integrated circuit chip cards (e.g. transaction cards) pursuant to an order placed by or on behalf of a card issuer wherein a testing data file is provided in conjunction with prepersonalization data encoding for use in conjunction with subsequent testing of the accuracy of the encoded prepersonalization data. Such testing may be completed prior to personalization data encoding to facilitate the identification of prepersonalization data encoding errors, thereby further facilitating remedial action and reduction of production disruptions.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: October 9, 2018
    Assignee: CPI CARD GROUP—COLORADO, INC.
    Inventor: Barry Mosteller
  • Patent number: 10091651
    Abstract: Techniques for remote authentication using reconfigurable boson samplers are provided. In one aspect, a method for remote authentication includes the steps of: providing an input photon configuration for an optical transmission network; receiving a response including measured output quantum photon coincidence frequencies from the optical transmission network based on the input photon configuration; comparing the measured output quantum photon coincidence frequencies to output quantum photon coincidence probabilities calculated for the optical transmission network; and verifying the response if the measured output quantum photon coincidence frequencies matches the output quantum photon coincidence probabilities calculated for the optical transmission network with less than a predetermined level of error, otherwise un-verifying the response. A verification system including an optical transmission network is also provided.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: October 2, 2018
    Assignee: International Business Machines Corporation
    Inventor: Jason S. Orcutt
  • Patent number: 10089470
    Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of a change in system state.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: October 2, 2018
    Assignee: VIA TECHNOLOGIES, INC.
    Inventor: G. Glenn Henry
  • Patent number: 10089704
    Abstract: Disclosed herein is a digital rights management system that includes a storage module that stores a usage right for digital content in a tamper-resistant portion of a memory. The system also includes a flag status module that generates a flag corresponding with a transfer status of the usage right, sets the flag to one of a plurality of transfer statuses, and stores the flag in the tamper-resistant portion of the memory. The transfer statuses include a status indicating a request for the usage right was generated by a device with a usage right recovery mechanism.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: October 2, 2018
    Assignee: HGST NETHERLANDS B.V.
    Inventors: Dai Yun, Toshiyuki Masue, Tatsuya Hirai
  • Patent number: 10079933
    Abstract: Methods and systems for monitoring, analyzing and acting upon voice calls in communication networks. An identification system receives monitored voice calls that are conducted in a communication network. Some of the monitored voice calls may be conducted by target individuals who are predefined as suspects. In order to maintain user privacy, the system selects and retains only voice calls that are suspected of being conducted by predefined targets. The techniques disclosed herein are particularly advantageous in scenarios where the network identifiers of the terminal used by the target are not known, or where the target uses public communication devices. In accordance with the disclosure, context-based identifiers such as speaker recognition or keyword matching are used.
    Type: Grant
    Filed: May 10, 2016
    Date of Patent: September 18, 2018
    Assignee: Verint Systems Ltd.
    Inventors: Gideon Hazzani, Yoav Ariav
  • Patent number: 10078968
    Abstract: Systems and methods for electronic test delivery are described herein. A host computer is in electronic communication with one or more devices over a wireless private network. The host computer is configured to transmit data describing a plurality of test unit components to at least one of the devices. Each of the devices is configured to request from the host computer certain of the data describing the plurality of test unit components that form a test unit, receive the certain data, assemble the certain data, and display the assembled certain data as the test unit. The host computer is further configured to receive data describing one or more responses associated with the test unit from at least one of the devices.
    Type: Grant
    Filed: December 19, 2012
    Date of Patent: September 18, 2018
    Assignee: Law School Admission Council, Inc.
    Inventors: Troy William Lowry, Hao Wang, Carl Richard Sulzer
  • Patent number: 10075450
    Abstract: Techniques to facilitate temporary escalation of access privileges for a control program associated with a machine system in an industrial automation environment are disclosed. In at least one implementation, a request is received from a user for a temporary access level increase to utilize protected functions of the control program. An encrypted string is generated comprising a temporary password authorized to access the protected functions of the control program. The encrypted string is provided to the user, wherein the user provides the encrypted string to an administrator and the administrator authenticates the user for the temporary access level increase, decrypts the temporary password, and provides the temporary password to the user. A login request is received from the user with the temporary password, and the temporary access level increase is responsively granted to allow the user to utilize the protected functions of the control program.
    Type: Grant
    Filed: May 12, 2016
    Date of Patent: September 11, 2018
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Michael A. Bush, Clark L. Case, Taryl J. Jasper
  • Patent number: 10073988
    Abstract: A chipset and a host controller, including a storage host controller for a storage device and an encryption and decryption engine that is implemented by hardware. The storage host controller analyzes a write command to obtain write command information, and provides the write command information and write data to the encryption and decryption engine. The encryption and decryption engine combines a data drive key with the write command information to encrypt the write data and provides the encrypted write data to the storage host controller to be written into a storage device via a communication port.
    Type: Grant
    Filed: April 11, 2016
    Date of Patent: September 11, 2018
    Assignee: VIA ALLIANCE SEMICONDUCTOR CO., LTD.
    Inventors: Kai Li, Gangru Xue, Yun Shen, Hui Li
  • Patent number: 10073916
    Abstract: Embodiments of the present application disclose a method for providing a terminal identifier to a terminal. During operation, a security server receives a registration information set from the terminal, in which the registration information set includes multiple pieces of equipment information from the terminal. The security server then generates a terminal identifier based on the multiple pieces of equipment information in the registration information set. The security server then returns the terminal identifier to the terminal.
    Type: Grant
    Filed: September 13, 2017
    Date of Patent: September 11, 2018
    Assignee: Alibaba Group Holding Limited
    Inventor: Jupeng Xia
  • Patent number: 10075471
    Abstract: Data received through a proxy for a service is analyzed for compliance with one or more data policies, such as one or more data loss prevention policies. When data satisfies the criteria of one or more data policies, the data is manipulated at the proxy prior to transmission of the data to the service. In some examples, the manipulation of the data includes encryption.
    Type: Grant
    Filed: July 1, 2013
    Date of Patent: September 11, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Eric Jason Brandwine, Matthew James Wren
  • Patent number: 10069631
    Abstract: One embodiment provides a system that facilitates encrypted-domain aggregation of data in a star network. During operation, the system receives a set of ciphertexts, representing respective encrypted polynomial shares, of an input value from each participant in a plurality of participants. Each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants. The system computes an encrypted partial value for each participant by aggregating in the encrypted-domain a respective ciphertext associated with that participant received from the plurality of participants and sends a message comprising the encrypted partial value to that participant. This encrypted partial value is encrypted based on a public key of a corresponding participant. The system receives a decrypted partial value from each participant and computes a target value based on a set of decrypted partial values received from a set of participants in the plurality of participants.
    Type: Grant
    Filed: March 17, 2016
    Date of Patent: September 4, 2018
    Assignee: PALO ALTO RESEARCH CENTER INCORPORATED
    Inventors: Shantanu Rane, Alejandro E. Brito, Ersin Uzun
  • Patent number: 10050925
    Abstract: Messages sent on behalf of a user through an intermediary service message are assigned a unique sender address including unique message identification data unique to each message being sent. The unique sender address further includes message delivery system domain data identifying the actual domain of the intermediary service. The unique message identification data is also mapped to a user routing address. The unique sender address is then used to populate the “From” field of the message. Consequently, any message response sent to the “From” field of the message can be automatically analyzed to identify the user identification data in the unique sender address and automatically mapped to the user notification routing address. A notification of the response message can then be automatically relayed to the user using the user notification routing address.
    Type: Grant
    Filed: January 28, 2015
    Date of Patent: August 14, 2018
    Assignee: Intuit Inc.
    Inventor: Jim Showalter
  • Patent number: 10049357
    Abstract: A system and method for using a Personal Identification Number (“PIN”) to authenticate payment transactions via a mobile device coupled to a reader device is described. The reader device may be modified to not only read and encrypt first identification information from a payment medium such as a magnetic strip of a payment card, but also receive a PIN from the mobile device and encrypt the PIN. The mobile device may be configured to prompt for and receive the PIN. The PIN may be communicated to the reader device for encryption. The mobile device may receive the encrypted first identification information and encrypted PIN and communicate the encrypted data to an adaptive payment server that decrypts the encrypted data for processing the payment transaction. The system may be used to securely process PIN-based payment transactions using a mobile device that is communicably coupled to a reader device.
    Type: Grant
    Filed: April 14, 2015
    Date of Patent: August 14, 2018
    Assignee: MTS Holdings, Inc.
    Inventors: Shashi Kapur, Ralph A. Bianco
  • Patent number: 10050719
    Abstract: A first photon in single-photon state is created when one of two photons created by parametric down conversion of a pump light is detected at a first detector. The first photon is divided into two components by a polarization beam splitter, and the first component is sent to a sender while the second component is sent to a receiver, with information that one of the two photons is detected. The sender selects whether he measures the first component or not according to the signal that he wants to transmit to the receiver. The second component of the first photon and a probe light enter into the second nonlinear optical medium. The receiver detects the phase modulation of the probe light caused by the interaction with the second component using homodyne detection during a first span after he receives the information from the first detector.
    Type: Grant
    Filed: July 12, 2017
    Date of Patent: August 14, 2018
    Inventor: Narumi Ohkawa
  • Patent number: 10044514
    Abstract: The disclosure describes approaches for protecting a circuit design for a programmable integrated circuit (IC). A black key is generated from an input red key by a registration circuit implemented on the programmable IC, and the black key is stored in a memory circuit external to the programmable IC. The programmable IC is configured to implement a pre-configuration circuit, which inputs the black key from the memory circuit and generates the red key from the black key. A ciphertext circuit design is decrypted into a plaintext circuit design by the programmable IC using the red key, and the red key is erased from the programmable IC. The programmable IC is reconfigured with the plaintext circuit design.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: August 7, 2018
    Assignee: XILINX, INC.
    Inventors: Edward S. Peterson, James D. Wesselkamper