Symmetric Key Cryptography Patents (Class 380/259)
-
Publication number: 20130182844
Abstract: When a first symmetric key table is received, a storage unit stores the received first symmetric key table that indicates a plurality of kinds of symmetric keys. The storage unit also stores beforehand a second symmetric key table in an area larger than an area where the first symmetric key table is usable. A determining unit determines whether or not a terminal apparatus is present within the area where the first symmetric key table is usable. When the terminal apparatus is determined to be present within the area, a verification unit generates a digital signature with a symmetric key contained in the first symmetric key table. When, on the other hand, the terminal apparatus is determined to be present outside the area, the verification unit generates the digital signature with a symmetric key contained in the second symmetric key table.
Type: Application
Filed: November 30, 2012
Publication date: July 18, 2013
Applicant: SANYO ELECTRIC CO., LTD.
Inventor: SANYO ELECTRIC CO., LTD.
-
Patent number: 8483394
Abstract: Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution (“QKD”) are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.
Type: Grant
Filed: September 30, 2010
Date of Patent: July 9, 2013
Assignee: Los Alamos National Security, LLC
Inventors: Jane Elizabeth Nordholt, Richard John Hughes, Charles Glen Peterson
-
Patent number: 8483386
Abstract: A share generation apparatus (100) generates check data corresponding to a secret and random number, shares and encodes the secret and random number in accordance with a predetermined access structure, and stores them in storage devices (300_1 to 300_n). A reconstruction apparatus (200) reads out the shared/encoded secret and random number from the storage devices corresponding to members of the access structure, and reconstructs them. If the check data correspond to the reconstructed secret and random number, it is determined that the reconstructed secret is correct. If not, it is determined that cheating has occurred. Cheating of forging some shares by referring to (n-1) shares can be detected regardless of a distribution used to select a secret.
Type: Grant
Filed: December 12, 2008
Date of Patent: July 9, 2013
Assignee: NEC Corporation
Inventor: Satoshi Obana
-
Patent number: 8484475
Abstract: In a data transmission method for a tachograph system, digital messages are transmitted between a speed transmitter (MS) and a recording unit (RU). The digital messages contain a pair of keys including a public key (KMP, KRP) and a private key (KMS, KRS), as well as a certificate (ZM, ZR) derived from the respective pair of keys. The public keys (KMP, KRP) and the certificates (ZM, ZR) are mutually verified between the recording unit (RU) and the speed transmitter (MS). If the verification is positive, the speed transmitter (MS) detects sensor data, and a digital message is generated therefrom. In addition, the speed transmitter (MS) generates authentication data for the message in accordance with the pair of keys (KMP, KMS) thereof. The message and the authentication data are transmitted to the recording unit and are processed there in accordance with a validity of the authentication data verified by the recording unit (RU).
Type: Grant
Filed: January 7, 2009
Date of Patent: July 9, 2013
Assignee: Continental Automotive GmbH
Inventors: Detlef Böhler, Thomas Grill, Erwin Hess, Bernd Meyer, Horst Plankenhorn
-
Publication number: 20130163758
Abstract: A key delivery mechanism that delivers keys to an OS platform (e.g., iOS platform) devices for decrypting encrypted HTTP live streaming data. An HTTPS URL for a stateless HTTPS service is included in the manifest for an encrypted HTTP live stream obtained by an application (e.g., a browser) on an OS platform device. The URL includes an encrypted key, for example as a query parameter value. The application passes the manifest to the OS. The OS contacts the HTTPS service to obtain the key using the URL indicated in the manifest. Since the encrypted key is a parameter of the URL, the encrypted key is provided to the HTTPS service along with information identifying the content. The HTTPS service decrypts the encrypted key and returns the decrypted key to the OS over HTTPS, thus eliminating the need for a database lookup at the HTTPS service.
Type: Application
Filed: December 22, 2011
Publication date: June 27, 2013
Inventors: Viswanathan Swaminathan, Kelly Yoshikazu Kishore, Srinivas R. Manapragada
-
Patent number: 8464062
Abstract: Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an audio signal. The audio signal is transmitted from the first computing device to the second computing device. The password is determined from the audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein.
Type: Grant
Filed: March 29, 2012
Date of Patent: June 11, 2013
Assignee: Research In Motion Limited
Inventors: Michael Stephen Brown, Herbert Anthony Little
-
Patent number: 8464043
Abstract: Provided is a migration system considering security authentication levels and data protection strength levels of the both security devices between which data is migrated. A first terminal includes a mechanism for protecting data by a private key in the public key method held by TPM, and a second terminal includes a key in the private key method encrypted by the private key in the public key method held by TPM and a mechanism for protecting the data by the key. A Migration Authority holds a security policy table describing a security policy and judges whether data movement from the first terminal to the second terminal is enabled according to the security policy table.
Type: Grant
Filed: June 23, 2008
Date of Patent: June 11, 2013
Assignee: Panasonic Corporation
Inventors: Hideki Matsushima, Yuichi Futa, Hisashi Takayama, Takayuki Ito, Tomoyuki Haga, Taichi Sato
-
Patent number: 8458741
Abstract: To permit non-TV CE devices to participate in a closed Internet Protocol television (IPTV) program, a non-TV CE device obtains a TV identification upon program registration which it subsequently uses to access content from the IPTV program.
Type: Grant
Filed: May 27, 2010
Date of Patent: June 4, 2013
Assignee: Sony Corporation
Inventors: True Xiong, Leo Pedlow
-
Patent number: 8453238
Abstract: A method for protecting a key used, by an electronic circuit, in a symmetrical algorithm for ciphering or deciphering a message, including the steps of complementing to one the key and the message; executing the algorithm twice, respectively with the key and the message and with the key and the message complemented to one, the selection between that of the executions which processes the key and the message and that which processes the key and the message complemented to one being random; and checking the consistency between the two executions.
Type: Grant
Filed: November 2, 2010
Date of Patent: May 28, 2013
Assignee: STMicroelectronics (Rousset) SAS
Inventors: Pierre-Yvan Liardet, Fabrice Marinet
-
Patent number: 8447970
Abstract: Securing an out-of-band message from a server to a mobile computing device. After requesting a service ticket from a trusted third party (e.g., via a pre-existing ticketing infrastructure), the requested service ticket and a shared secret are obtained from the trusted third party via a first channel. The mobile computing device thereafter sends the service ticket with the shared secret to a server via a second channel. The server encrypts a message (e.g., an SMS message) using the shared secret. The mobile computing device receives the encrypted message from the server via a third channel that is out-of-band relative to the first channel. The encrypted message is decrypted via the shared secret and the decrypted message is provided to a user of the mobile computing device. In some embodiments, the message includes commands for controlling the mobile computing device.
Type: Grant
Filed: February 9, 2010
Date of Patent: May 21, 2013
Assignee: Microsoft Corporation
Inventors: Johannes Klein, Aurelio Navarro Belletti Garcia, Ernesto Miranda Pedrosa da Silva, Rafael Alberto Marques Torres, William Qian, Eduard Ostrovsky, Oliver Bruno Colbert, Ganapathy Raman, Edgar Pereira Alves
-
Patent number: 8433069
Abstract: A software defined radio device and a download server store a plurality of common keys in common key data. The download server arbitrarily determines a common key from the common key data and conveys information identifying the common key to be used to the software defined radio device. An authenticator of the software defined radio device identifies a common key from the common key data using the information identifying the common key, authenticates using the common key, and performs subsequent communications using the common key. When sending software, a hash value is attached for confirming the security. A device ID of the software defined radio device is also attached to data for confirming which software defined radio device receives the software. The software is securely downloaded by a common key encryption having smaller processing requirements than those of a public key encryption.
Type: Grant
Filed: August 1, 2008
Date of Patent: April 30, 2013
Assignee: NEC System Technologies, Ltd.
Inventor: Mie Noda
-
Patent number: 8428251
Abstract: Disclosed herein are systems, methods, and computer readable-media for performing data encryption and decryption using a stream or block cipher with internal random states. The method includes splitting the input data into a predetermined number of blocks and processing each block. The processing includes creating sub-blocks, permuting the sub-blocks, replacing bytes using a lookup table, rotating bits, performing expansion and combining sets of bits. The element of randomness employed in this process allows for the same input to yield the same output, with differing internal states.
Type: Grant
Filed: December 9, 2011
Date of Patent: April 23, 2013
Assignee: Apple Inc.
Inventors: Mathieu Ciet, Augustin J. Farrugia, Filip Toma Paun
-
Patent number: 8428260
Abstract: Methods for increasing encryption synchronization availability include collecting encryption synchronization data from a first superframe received at a gateway. The encryption synchronization data is for decrypting media in a second superframe also received at the gateway. The encryption synchronization data from the first superframe is used to form a composite encryption synchronization codeword for decrypting media in a third superframe formed by the gateway, wherein the third superframe includes the composite encryption synchronization codeword and at least a portion of the media from the second superframe. The third superframe is sent to a receiving device so that media in the third superframe can be decrypted by the receiving device using the composite encryption synchronization codeword that is included in the same superframe as the media that is being decrypted.
Type: Grant
Filed: December 23, 2009
Date of Patent: April 23, 2013
Assignee: Motorola Solutions, Inc.
Inventors: Donald G. Newberg, Ramandeep Ahuja, Michelle M. Antonelli, Gregory D. Bishop, Peter M. Drozt, Michael F. Korus, Peter E. Thomas
-
Patent number: 8422682
Abstract: A method to generate Immutable Audit logs (IAL) using related computer means and/or computer programs. This method and system processes audit information by cryptographic means generating one immutable digital chains that will contain at least the audit information split among the links and optionally encrypted, and this immutable digital chain is stored in a massive storage media. Each immutable digital chain is generated by including at every link at least the data resulting to apply a MAC function using a secret session key K over the result of information at current link concatenated with a previous link MAC value. The method proposes adding specific links to said immutable digital chain at regular defined intervals (‘Metronome Entry’) that contain at least a timestamp and the data resulting to apply a digital signature using a private key that is always kept secret over the metronome timestamp concatenated with previous link results.
Type: Grant
Filed: July 14, 2006
Date of Patent: April 16, 2013
Assignee: Kinamik Data Integrity, S.L.
Inventors: Armando Ortiz Cornet, Joan Miquel Bardera Bosch
-
Patent number: 8422687
Abstract: One embodiment of the present invention relates to a method for key management in a communications network. In this method, a public key authentication scheme is carried out between a security controller and a plurality of nodes to establish a plurality of node-to-security-controller (NSC) keys. The NSC keys are respectively associated with the plurality of nodes and are used for secure communication between the security controller and the respective nodes. Other methods and devices are also disclosed.
Type: Grant
Filed: June 30, 2008
Date of Patent: April 16, 2013
Assignee: Lantiq Deutschland GmbH
Inventors: Vladimir Oksman, Neal King, Charles Bry
-
Patent number: 8423794
Abstract: A secure flash memory card or flash drive protects user content from unauthorized duplication. However, even the protected user content can be moved from one flash card or drive to another by its rightful owner or licensee. Additionally, secure firmware applications that may be added to the flash card over time in order to add additional functionality to the card may also be moved, although many of them are device specific and also designed to only operate on one particular piece of hardware.
Type: Grant
Filed: June 20, 2007
Date of Patent: April 16, 2013
Assignee: SanDisk Technologies Inc.
Inventors: Michael Holtzman, Fabrice Jogand-Coulomb
-
Patent number: 8413213
Abstract: Embodiments of the present invention provide a method, apparatus and system for selecting a wireless communication device for establishing a connection. The method according to some exemplary embodiments of the invention may include selecting a communication device for establishing a connection by determining whether one or more security-related characteristics of the communication device satisfy a security policy corresponding to a selected security class. Other embodiments are described and claimed.
Type: Grant
Filed: December 28, 2004
Date of Patent: April 2, 2013
Assignee: Intel Corporation
Inventor: Claudio Glickman
-
Publication number: 20130077789
Abstract: A method for secure cryptographic communication comprises transmitting information that identifies a group key from a first device to a second device. The method further comprises, in the first device, using the group key to encrypt an input vector, transmitting the encrypted input vector, encrypting privacy-sensitive information using a device key, an encryption algorithm, and the input vector, and transmitting the encrypted privacy-sensitive information to the second device.
Type: Application
Filed: September 14, 2012
Publication date: March 28, 2013
Applicant: NEOLOGY, INC.
Inventors: Thomas Tahan, Jun Liu
-
Patent number: 8407780
Abstract: An e-mail firewall applies policies to e-mail messages transmitted between a first site and a plurality of second sites. The e-mail firewall includes a plurality of mail transfer relay modules for transferring e-mail messages between the first site and one of the second sites. Policy managers are used to enforce and administer selectable policies. The policies are used to determine security procedures for the transmission and reception of e-mail messages. The e-mail firewall employs signature verification processes to verify signatures in received encrypted e-mail messages. The e-mail firewall is further adapted to employ external servers for verifying signatures. External servers are also used to retrieve data that is employed to encrypt and decrypt e-mail messages received and transmitted by the e-mail firewall, respectively.
Type: Grant
Filed: July 14, 2008
Date of Patent: March 26, 2013
Assignee: Axway Inc.
Inventors: Jean-Christophe Denis Bandini, Jeffrey C. Smith
-
Patent number: 8402558
Abstract: A system and method of encrypting digital content in a digital container and securely locking the encrypted content to a particular user and/or computer or other computing device is provided. The system uses a token-based authentication and authorization procedure and involves the use of an authentication/authorization server. This system provides a high level of encryption security equivalent to that provided by public key/asymmetric cryptography without the complexity and expense of the associated PKI infrastructure. The system enjoys the simplicity and ease of use of single key/symmetric cryptography without the risk inherent in passing unsecured hidden keys. The secured digital container when locked to a user or user's device may not open or permit access to the contents if the digital container is transferred to another user's device. The digital container provides a secure technique of distributing electronic content such as videos, text, data, photos, financial data, sales solicitations, or the like.
Type: Grant
Filed: June 10, 2011
Date of Patent: March 19, 2013
Assignee: Digital Reg of Texas, LLC
Inventors: Eugene B. Phillips, II, Seth Ornstein
-
Patent number: 8396218
Abstract: In a cryptographic module distribution system, a cryptographic management server apparatus encrypts a cryptographic module using a key shared by a cryptographic apparatus, and transmits the encrypted cryptographic module to a client apparatus. The client apparatus transmits the encrypted cryptographic module to a cryptographic apparatus. The cryptographic apparatus decrypts the encrypted cryptographic module using the key shared by the cryptographic management server apparatus, and transmits the decrypted cryptographic module to the client apparatus. The client apparatus stores the received cryptographic module.
Type: Grant
Filed: September 18, 2008
Date of Patent: March 12, 2013
Assignees: Toshiba Solutions Corporation, Yokosuka Telecom Research Park, Inc.
Inventors: Shingo Miyazaki, Takanori Nakamizo, Akito Niwa, Koji Okada, Kouya Tochikubo, Shigeyuki Fukushima, Chiaki Ishikawa, Noboru Koshizuka, Ken Sakamura
-
Patent number: 8392717
Abstract: An authentication method is disclosed herein. The method includes: by a server, using a Trigger message nonce to generate a Trigger message, and sending the generated Trigger message to a client so that the client can extract the Trigger message nonce; after determining that the Trigger message nonce is valid, using the Trigger message nonce to generate a digest, and authenticating the Trigger message generated by using the Trigger message nonce; after the authentication succeeds, sending a session request to the server indicated by the Trigger message, where the session request carries a session ID. The corresponding system, server and client are disclosed herein. The present invention makes the authentication process more secure through the client and the server based on the DS or DM protocol.
Type: Grant
Filed: May 7, 2010
Date of Patent: March 5, 2013
Assignee: Huawei Technologies Co., Ltd.
Inventors: Xiaoqian Chai, Hongtao Gao, Kepeng Li, Linyi Tian
-
Patent number: 8392716
Abstract: An initiator shares y_ir with a responder, calculates HASH_I on the basis of y_ir, and sends HASH_I to an IKE proxy server. The initiator receives a digital signature SIG_S generated for HASH_I and the address of the initiator from the IKE proxy server and sends the digital signature SIG_S to the responder.
Type: Grant
Filed: January 21, 2005
Date of Patent: March 5, 2013
Assignee: Canon Kabushiki Kaisha
Inventor: Kazuomi Oishi
-
Patent number: 8392711
Abstract: A multi-stage technique of establishing a plurality of secure strings of symbols is disclosed. In the first stage, the illustrative embodiment establishes a first-stage string of symbols with each other node. The first-stage strings are chosen from a first, small, key space, which means that they can be established more quickly than a highly secure key from a large key space. The advantage of the first-stage strings is that it enables the user to transmit secure messages more quickly than messages secured with highly secure strings. The disadvantage of the illustrative embodiment is that the first-stage strings are not as secure as strings from a larger key space. This disadvantage is mitigated, however, by the fact that the first-stage strings are only used for a short amount of time—until the second-stage strings are established in the second stage.
Type: Grant
Filed: May 27, 2009
Date of Patent: March 5, 2013
Assignee: Avaya Inc.
Inventor: Mark John Karol
-
Patent number: 8379867
Abstract: The present invention provides a method and system for securing a digital data stream. A first key of a first asymmetric key pair from a key store remote from a host node is received at the host node. A dynamically generated key is received at the host node, which is used to encipher the digital data stream. The dynamically generated key is enciphered with the first key of the first asymmetric key pair. The enciphered digital data stream and the enciphered dynamically generated key are stored remotely from the host node and the key store.
Type: Grant
Filed: September 24, 2008
Date of Patent: February 19, 2013
Assignee: MyMail Technology, LLC
Inventors: Thomas D. Selgas, Jonathan Cutrer
-
Patent number: 8379856
Abstract: Technologies are generally described for a hardware cryptographic unit that employs hardware public physically unclonable functions. A source computer can encrypt a message using a simulation of a hardware cryptographic unit. The encrypted message can then be sent to a destination computer. The destination computer can then use the hardware cryptographic unit to decrypt the message. The source computer can use a simulation of the hardware cryptographic unit to transform an input value into a simulation output. The simulation output can be transmitted from the source computer to the destination computer where all possible input values can be rapidly run through the hardware cryptographic unit until the output of the hardware cryptographic unit matches the simulated output. The input value that generated the matching output is now a shared secret between the source computer and destination computer without ever having been transmitted in the clear over the communication channel.
Type: Grant
Filed: June 17, 2009
Date of Patent: February 19, 2013
Assignee: Empire Technology Development LLC
Inventor: Miodrag Potkonjak
-
Patent number: 8374339
Abstract: Method, program, network system and client device each has a structure of being given encryption information different from given present encryption information by use of the given present encryption information and being given different encryption information in incremental steps, to one or a plurality of the connection destinations (client device CLm), for security setting of wireless communication network (wireless LAN device 2) to one or a plurality of connection destinations.
Type: Grant
Filed: December 27, 2005
Date of Patent: February 12, 2013
Assignee: Fujitsu Limited
Inventor: Tomonori Yasumoto
-
Publication number: 20130028419
Abstract: The present invention relates to a system and a method for secured transmission/and storage of encrypted data in all the applicable modes of data storage. The method comprises the steps of providing the data, generating a password or a key by a user, encrypting the data by the password or the key for plural number of times resulting plurality of cipher texts, sending plurality of the cipher texts and the password or key, and decrypting the cipher text by the password or the key. The system comprises input device means for providing the data, input device means for generating a password by a user, processor means encrypting the data by the password or key for plural number of times resulting plurality of cipher texts, means for sending the plurality of cipher texts and the password and means for decrypting the cipher text by the password or key.
Type: Application
Filed: July 24, 2012
Publication date: January 31, 2013
Inventors: Debabrata Das, Anirban Das, Debjani Das, Prasanta Bhattacharjee
-
Patent number: 8363837
Abstract: In a preferred embodiment a method of operating an intelligent disk drive is described which includes compression and/or encryption capability at the file level. The intelligent disk drive includes means for executing distributed computing tasks including a CPU and associated memory. The communication interface with the host computer or other device on the communication bus is modified to allow the device to send executable code for a task to the drive and to allow the drive to communicate the results and status information about the task to the host device. In a preferred embodiment the disk drive has a task control program, task program code, task data and status information for the distributed task. The task control program implements the basic task management functions of storing the task program, reporting results and saving progress information to allow the task to be interrupted by other drive functions.
Type: Grant
Filed: February 28, 2005
Date of Patent: January 29, 2013
Assignee: HGST Netherlands B.V.
Inventor: Larry Lynn Williams
-
Patent number: 8363838
Abstract: Methods and algorithms for generating identical symmetrical cryptographic keys. In a method for generating a symmetrical cryptographic key, a first profile is generated, the first profile comprising a series of data points collected over a first period of time. A start time of the first profile is identified and the first profile divided into a sequence of time-based segments, each time-based segment comprising at least one data point. A first symmetrical cryptographic key is calculated from the sequence of time-based segments, and the first symmetrical cryptographic key is stored for at least one of encrypting and decrypting data in cooperation with a second symmetrical cryptographic key substantially identical to the first symmetrical cryptographic key.
Type: Grant
Filed: February 14, 2008
Date of Patent: January 29, 2013
Assignee: Infineon Technologies AG
Inventors: Daniel Bichler, Guido Stromberg, Manuel Loew, Daniel Barisic, Martin Krogmann, Thomas Lentsch
-
Patent number: 8364964
Abstract: In a method of registering a plurality of client devices with a device registration server for secure data communications, a unique symmetric key is generated for each of the client devices using a cryptographic function on a private key of the device registration server and a respective public key of each of the client devices, and a broadcast message containing the public key of the device registration server is sent to the client devices, in which the client devices are configured to generate a respective unique symmetric key from the public key of the device registration server and its own private key using a cryptographic function, and in which the unique symmetric key generated by each client device matches the respective unique symmetric key generated by the device registration server for the respective client device.
Type: Grant
Filed: December 29, 2009
Date of Patent: January 29, 2013
Assignee: General Instrument Corporation
Inventors: Alexander Medvinsky, Paul Moroney, Jiang Zhang
-
Publication number: 20130010956
Abstract: Methods and algorithms for generating identical symmetrical cryptographic keys. In a method for generating a symmetrical cryptographic key, a first profile is generated, the first profile comprising a series of data points collected over a first period of time. A start time of the first profile is identified and the first profile divided into a sequence of time-based segments, each time-based segment comprising at least one data point. A first symmetrical cryptographic key is calculated from the sequence of time-based segments, and the first symmetrical cryptographic key is stored for at least one of encrypting and decrypting data in cooperation with a second symmetrical cryptographic key substantially identical to the first symmetrical cryptographic key.
Type: Application
Filed: September 11, 2012
Publication date: January 10, 2013
Inventors: Daniel Bichler, Guido Stromberg, Manuel Loews, Daniel Barisic, Martin Krogmann, Thomas Lentsch
-
Patent number: 8345875
Abstract: A method of encrypting broadcast and multicast data communicated between two or more parties, each party having knowledge of a shared key, is provided. The key is calculated using values, some of which are communicated between the parties, so that the shared key is not itself transferred. Avoiding the transfer of the key offers several advantages over existing encryption methods.
Type: Grant
Filed: March 14, 2011
Date of Patent: January 1, 2013
Assignee: Koolspan, Inc.
Inventors: Anthony C. Fascenda, Emil Sturniolo
-
Patent number: 8345862
Abstract: The invention relates to a method of sharing a strong secret F between two parties (A, B) previously sharing a weak secret f, this method of sharing combining a symmetric algorithm and an asymmetric algorithm, and consisting in using a fixed exponent e of small size, and in encrypting not the exponent e, but the modulus n, by means of the weak secret f.
Type: Grant
Filed: November 17, 2008
Date of Patent: January 1, 2013
Assignee: Paycool International Limited
Inventors: Ulrik Bergsten, Christian Gross, Jacques Thieblemont
-
Patent number: 8347112
Abstract: In at least some embodiments, an electronic device comprises a processor and an encryption/decryption (E/D) engine coupled to the processor via a bus. The E/D engine selectively operates in a first mode and a second mode. For the first mode, an E/D engine output is provided to the bus. For the second mode, the E/D engine output is not provided to the bus and is accessible only to the E/D engine.
Type: Grant
Filed: February 17, 2009
Date of Patent: January 1, 2013
Assignee: Texas Instruments Incorporated
Inventors: Frederic P. R. Amiel, Aymeric S. Vial, Jean-Yves Simon
-
Publication number: 20120328102
Abstract: An apparatus, system and method provides an out-of-synchronization detection by using a network layer checksum. A process operating at an upper layer verifies that a checksum embedded in a network layer header is correct before encrypting and transmitting a data packet containing the header and a payload. The data packet is received through a wireless communication channel at a receiver and decrypted. A calculated checksum is calculated on the received payload at the receiver and compared to the received checksum embedded in the header. A key stream used at the receiver for decrypting the received encrypted data packets is determined to be out of synchronization with a key stream used at the transmitter to encrypt the data packets if the calculated checksum is not equal to the network layer checksum.
Type: Application
Filed: September 10, 2012
Publication date: December 27, 2012
Inventors: James Alexander Reeds, III, Wen-Ping Ying
-
Patent number: 8341733
Abstract: A computer implemented method, apparatus, and computer program product for creating secured file views of a protected file. The process receives a request to access the file, wherein the file is stored in a common location, and wherein the request includes a set of file viewing parameters. The process identifies a callback function associated with the file and calls the callback function with the set of file viewing parameters to form a set of virtual viewing parameters. Thereafter, the process generates a secured file view of the file using the virtual viewing parameters, wherein the secured file view is viewable by a user of an authorized partition.
Type: Grant
Filed: June 20, 2007
Date of Patent: December 25, 2012
Assignee: International Business Machines Corporation
Inventors: David Jones Craft, Eric Philip Fried
-
Patent number: 8340299
Abstract: Methods and systems are disclosed for providing secured data transmission and for managing cryptographic keys. One embodiment of the invention provides secure key management when separate devices are used for generating and utilizing the keys. One embodiment of the invention provides secure storage of keys stored in an unsecured database. One embodiment of the invention provides key security in conjunction with high speed decryption and encryption, without degrading the performance of the data network.
Type: Grant
Filed: July 28, 2010
Date of Patent: December 25, 2012
Assignee: Broadcom Corporation
Inventors: Mark L. Buer, Joseph J. Tardo
-
Patent number: 8341753
Abstract: A system, method, and apparatus are arranged to enable loading of an application, such as a game application, prior to a formal release date of the application. An end-user is provided components of the application either over a network, CD, DVD, or the like. At least one component of the application is encrypted. The end-user may register with an application provider. At a pre-defined time, such as a release date for the application, a decryption key is made available to the end-user. The decryption key may be employed to decrypt the encrypted component(s) of the application, such that the application may be readied for execution. In addition, bug fixes, additions, or the like, may also be pre-loaded to release of the application, thereby ensuring that the end-user has the most current application configuration.
Type: Grant
Filed: March 8, 2006
Date of Patent: December 25, 2012
Assignee: Valve Corporation
Inventors: Derrick Jason Birum, Erik Axel Johnson, Christopher Richard Newcombe
-
Patent number: 8340298
Abstract: Key management and user authentication systems and methods for quantum cryptography networks that allow users to securely communicate over a traditional communication link (TC-link). The method includes securely linking a centralized quantum key certificate authority (QKCA) to each network user via respective secure quantum links or “Q-links” that encrypt and decrypt data based on quantum keys (“Q-keys”). When two users (Alice and Bob) wish to communicate, the QKCA sends a set of true random bits (R) to each user over the respective Q-links. They then use R as a key to encode and decode data they send to each other over the TC-link.
Type: Grant
Filed: April 16, 2007
Date of Patent: December 25, 2012
Assignee: MagiQ Technologies, Inc.
Inventors: Robert Gelfond, Audrius Berzanskis
-
Patent number: 8340295
Abstract: A cryptographic system (500) that includes a data stream receiving device (502) configured for receiving a modified data stream representing data entries encrypted using a chaotic sequence of digits. The system also includes user processing device (503, 505) configured for receiving user access information specifying an initial value for the chaotic sequence of digits and data field location information associated with selected ones of the data entries. The system further includes a synchronized pair of chaotic sequence generators (300) coupled to the user processing devices configured for generating encryption and decryption sequences based on the initial value and the data field location information. The system additionally includes an encryption device (504) and a decryption device (506) coupled to the chaotic sequence generators and the data stream receiving device, the decrypter configured for generating an output data stream from the modified data stream by applying the decryption sequences.
Type: Grant
Filed: July 1, 2009
Date of Patent: December 25, 2012
Assignee: Harris Corporation
Inventors: Alan J. Michaels, David B. Chester
-
Patent number: 8331568
Abstract: In Transport Layer Security (TLS) or other communication protocols, the load on the server may be lowered by reducing the number of expensive decryption operations that the server has to perform. When a client contacts a server, the client sends the server the client's public key. The server chooses a secret value, encrypts the value with the client's public key, and sends the encrypted value to the client. When the client decrypts the secret, the server and client share a secret value, which may be used to derive an encryption key for further messages. In many key agreement schemes, the client chooses and encrypts the secret value, and the server recovers the value with an expensive decryption operation. By instead having the server choose the value and send it to the client, an expensive decryption operation is redistributed from the server to the client, thereby freeing server resources.
Type: Grant
Filed: May 28, 2009
Date of Patent: December 11, 2012
Assignee: Microsoft Corporation
Inventor: Niels Thomas Ferguson
-
Patent number: 8325921
Abstract: The present invention provides a portable memory, comprising: a key storage unit for storing a register key for the portable memory; a key receiving unit for receiving a first key entered by a user and generating a second key based on the first key; an identification unit for comparing the second key with the register key to obtain a comparison result; a key generation unit for generating an encryption/decryption key if the comparison result indicates that the second key matches the register key; a chip for encrypting/decrypting a data stream exchanged between a computer and the portable memory by using the encryption/decryption key. The portable memory constitutes a system itself, and thus can perform encryption/decryption operations independent of external systems, resulting in a reduced cost. The present invention also provides a method of encrypting a portable memory.
Type: Grant
Filed: August 5, 2009
Date of Patent: December 4, 2012
Assignee: Lenovo (Beijing) Limited
Inventors: Lei Fan, Cheng Chen
-
Patent number: 8315386
Abstract: A method for performing an encrypted voice call between a first terminal and a second terminal supporting a Voice over Internet Protocol (VoIP)-based voice call. In the method, the first and second terminals generate and store a bio key using biographical (bio) information of a user in advance before performing a voice call, the first terminal sends a request for a voice call to the second terminal and establishing a session, the first and second terminals exchange and store a bio key stored in each terminal, and the first and second terminals generate a session shared key using the exchanged bio key and starting a Secure Real-time Transport Protocol (SRTP) session, and a restored bio key by acquiring bio information from received data. User authentication is then performed by comparing the bio key with the restored bio key.
Type: Grant
Filed: July 7, 2009
Date of Patent: November 20, 2012
Assignee: Samsung Electronics Co., LTD
Inventors: Jae-Sung Park, Tae-Sung Park, Jae-Hoon Kwon, Do-Young Joung, Sung-Kee Kim, Yong-Gyoo Kim, Ji-Wan Song
-
Patent number: 8316236
Abstract: A system for determining security associations using binary output sequences is described. In an example systematic embodiment, a first device is coupled over a network to a second device. Each device includes a processor and an indicator mechanism coupled to the processor. The indicator mechanism is configured to output a binary representation of a security state established between the devices to a user in perceivable proximity to at least one of the devices. A computer readable storage medium is coupled to the processor and includes executable instructions for the processor. The instructions when executed by the processor initiate a security transaction between the devices. The security transaction includes a protocol that uses one or more public keys to establish a security state between the devices. The indicator mechanism then outputs the binary representation to the user based on the established security state.
Type: Grant
Filed: August 31, 2007
Date of Patent: November 20, 2012
Assignee: Cisco Technology, Inc.
Inventors: David McGrew, Mark Baugher
-
Patent number: 8312519
Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
Type: Grant
Filed: September 30, 2010
Date of Patent: November 13, 2012
Inventors: Daniel V Bailey, John G. Brainard, William M. Duane, Michael J. O'Malley, Robert S. Phipott
-
Patent number: 8311216
Abstract: A packet cipher algorithm based encryption processing device includes a key expand unit and an encryption unit. The key expand unit comprises a key expand unit data registration component and at least one key expand unit data conversion component. The encryption unit comprises an encryption unit data registration component and at least one encryption unit data conversion component, and the number of the encryption unit data conversion component is the same as that of the key expand unit data conversion component, and besides, they are one to one. A sub-key output of each key expand unit data conversion component connects the corresponding sub-key input of each encryption unit data conversion component to solve the technical problems that the encryption efficiency of the prior packet cipher algorithm based encryption processing device is low and the cost is high.
Type: Grant
Filed: November 13, 2008
Date of Patent: November 13, 2012
Assignee: China IWNCOMM Co., Ltd.
Inventors: Wei Wang, Jun Cao, Xiang Yan
-
Patent number: 8306228
Abstract: An anonymous secure messaging method and system for securely exchanging information between a host computer system and a functionally connected cryptographic module. The invention comprises a Host Security Manager application in processing communications with a security executive program installed inside the cryptographic module. An SSL-like communications pathway is established between the host computer system and the cryptographic module. The initial session keys are generated by the host and securely exchanged using a PKI key pair associated with the cryptographic module. The secure communications pathway allows presentation of critical security parameter (CSP) without clear text disclosure of the CSP and further allows use of the generated session keys as temporary substitutes of the CSP for the session in which the session keys were created.
Type: Grant
Filed: September 7, 2007
Date of Patent: November 6, 2012
Assignee: Activcard Ireland, Limited
Inventors: Eric Le Saint, Wu Wen
-
Patent number: 8307410
Abstract: According to one aspect of the subject matter described herein, a method for registering wireless smart devices for secure offline data transfer is provided. The method includes, for an application configured to execute on a wireless smart device and that requires access to information regarding an account that does not reside on the wireless smart device, register, at a server having access to the information regarding the account, a first wireless smart device as an account owner device (AOD) for operating in an online mode for obtaining the information regarding the account from the server and for operating in an offline mode for transferring the information regarding the account to at least one additional device via a secure offline data transfer using near field communications (NFC).
Type: Grant
Filed: August 12, 2008
Date of Patent: November 6, 2012
Assignee: MasterCard International Incorporated
Inventors: Philippe Martin, Ming-Li Liu, Roshan Vijayshankar, Pradeep Kumar
-
Patent number: 8306226
Abstract: A transmitting apparatus includes a transaction transmitting unit configured to transmit to a receiving apparatus a content to be moved to the receiving apparatus, by using a first transaction established with the receiving apparatus, a counter unit configured to count a progress quantity representing a degree of progress of the transmission of the content from a given point of time with respect to the transmission of the content corresponding to the first transaction to obtain a count value, and a transaction switching unit configured to switch the first transaction used for the transmission of the content to a second transaction, if the count value of the counter unit reaches a predetermined value and the transmission of the content is not completed.
Type: Grant
Filed: August 28, 2008
Date of Patent: November 6, 2012
Assignee: Kabushiki Kaisha Toshiba
Inventors: Yoshinobu Fujiwara, Tatsuyuki Matsushita, Hiroshi Isozaki, Kunio Honsawa, Kazunobu Konda, Chikara Ushimaru, Yoshihisa Kizuka