Transmitting A Seed, Sequence, Or Initial Value Patents (Class 380/262)
  • Patent number: 10402566
    Abstract: A High Assurance Configuration Security Processor (HACSP) for a computing device may perform real-time integrity measurements of an actual bitstream run-time performance against what is expected. The HACSP may be self-contained and have a relatively small footprint. The HACSP may be vendor-agnostic, and may be a trusted system application for the computing device. The HACSP may ensure the security of user application bitstream load and update during device configuration, and may implement security mechanisms for independent secure trusted attestation and integrity measurement mechanisms to report and provide reliable evidence about the “trustworthiness” of the system during user bitstream execution.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: September 3, 2019
    Assignee: The Aerospace Corporation
    Inventors: Thomas Kibalo, Ronald Scrofano, Andrew Deeds
  • Patent number: 10402172
    Abstract: A software and hardware infrastructure is provided that can generate traceable and verifiably random number sequences provided from multiple random number sources, including quantum entropy sources, potentially located at multiple points of origin, and distribute the verifiable number sequences across multiple channels and protocols to multiple ultimate destinations in a distributed computing environment. Random number sequences obtained from unique entropy sources can be tagged with information on the provenance and/or other details of the creation of each number sequence. Tags can be used to verify the reliability of each tagged number sequence and/or its associated source. Tags can also include a use indicator to avoid reuse of a tagged number sequence.
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: September 3, 2019
    Assignee: QRYPT, INC.
    Inventors: Denis Mandich, Christopher Knapp
  • Patent number: 10382405
    Abstract: Systems and methods for creating fingerprints for encryption devices are described herein. In various embodiments, the system includes an encryption device operatively connected to a device management system. According to particular embodiments, the device management system: 1) receives a first payload from the encryption device, the first payload including data in a particular format; 2) creates a fingerprint for the encryption device, the fingerprint including a section format for each of one or more distinct sections of the particular format; 3) stores a record of the fingerprint for the encryption device and the unique identifier at the at least one database; and 4) compares a format of each subsequent payload received from the encryption device to the fingerprint for the device to determine whether the device has been compromised.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: August 13, 2019
    Assignee: BLUEFIN PAYMENT SYSTEMS LLC
    Inventors: Timothy William Barnett, Alexander I. Kasatkin, Christopher Hozumi Miyata
  • Patent number: 10315623
    Abstract: A portable electronic key device starts up only when movement of the portable electronic key device is present on the basis of detection signal Sac of a motion detector. A communication monitoring unit monitors whether or not radio waves Swk periodically transmitted from a vehicle are received. When there is no movement of the portable electronic key device but the portable electronic key device has received or is receiving radio waves from the vehicle, an operation controller maintains the start-up state of the portable electronic key device.
    Type: Grant
    Filed: June 20, 2016
    Date of Patent: June 11, 2019
    Assignee: KABUSHIKI KAISHA TOKAI RIKA DENKI SEISAKUSHO
    Inventor: Hiroaki Iwashita
  • Patent number: 10298403
    Abstract: Authentication systems and methods for a population of devices each associated with an RFID tag are described. For each device, a secret key is combined cryptographically with a publicly-readable unique identifier (UID) of an RFID tag to obtain a unique authorization signature. The RFID tag is prepared utilizing the unique authorization signature as memory-access and/or tag-operation password(s). The systems and methods may safeguard against attacks whereby compromise of a single tag will not compromise the entire population of devices and may reduce or eliminate the use of inappropriate surgical devices during a surgical procedure.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: May 21, 2019
    Assignee: COVIDIEN LP
    Inventors: Peter F. Klammer, William G. Paterson
  • Patent number: 10291590
    Abstract: According to an embodiment, a communication system includes a plurality of communication apparatuses. Each of the communication apparatuses includes a key generator and a synchronization processor. The key generator generates shared keys shared with another communication apparatus. The synchronization processor synchronizes at least one of order of using the generated shared keys and roles played when the generated shared keys are used, with another communication apparatus based on a rule determined in advance.
    Type: Grant
    Filed: March 9, 2015
    Date of Patent: May 14, 2019
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshimichi Tanizawa, Hideaki Sato
  • Patent number: 10289505
    Abstract: A method begins with a dispersed storage network (DSN) processing module receiving a content retrieval message from one or more requesters. The method continues by determining DRM policies and read operational parameters. The method continues by retrieving a set of encoded data slices from DSN memory, the set of encoded data slices including unique subsets of the set of encoded data slices with each of the unique subsets assigned to one or more of the requesters based at least in part on the determined read operational parameters. The method continues by sending the set of encoded data slices to the requesters. The requesters select their assigned subset of the received set of encoded data slices and decode to produce the content.
    Type: Grant
    Filed: July 7, 2016
    Date of Patent: May 14, 2019
    Assignee: International Business Machines Corporation
    Inventor: S. Christopher Gladwin
  • Patent number: 10285049
    Abstract: Communication devices and a method of providing secure electronic content are generally described. Content is encrypted using a time-invariant encryption algorithm on the binary bits and a time-varying baseband key encryption waveform with a time-varying phase or amplitude. The content is recovered using a waveform with a reference phase mixed with a reference LO signal or combining the waveform and content using an XOR to measure a change of the phase/amplitude of the received signal relative to the LO signal. The key for the time-invariant binary bit level encryption may be communicated on a different channel than the content prior to communication of the content or concurrently with the content. The phase/amplitude of the baseband key may vary after baseband waveform encryption of a predetermined number of symbols, independent of the time, or after a predetermined time independent of an amount of baseband signal encrypted.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: May 7, 2019
    Assignee: Raytheon Company
    Inventors: Andrew Kowalevicz, Gary M. Graceffo
  • Patent number: 10230714
    Abstract: Techniques are disclosed relating to tokenized account information with integrated authentication. In some embodiments, a shared secret key is used for tokenization and authentication. In some embodiments, a payment device stores an encrypted version of the secret key and decrypts the secret key based on a user-provided password. In some embodiments, the payment device uses the secret key and a moving factor to generate a limited-use password. In some embodiments, the payment device uses the limited-use password to modify a first identifier of an account of the user. In some embodiments, the authentication system retrieves a stored version of the secret key and a copy of the account number using a second identifier. In some embodiments, the authentication system generates the limited-use password based on the stored secret key and a moving factor, de-tokenizes the modified first identifier, and compares the result with the retrieved copy of the account number.
    Type: Grant
    Filed: July 25, 2016
    Date of Patent: March 12, 2019
    Assignee: CA, Inc.
    Inventors: Mohammed Mujeeb Kaladgi, Jameel Ahmed Kaladgi, Mohammad Faiz Usmani, Ruqiya Nikhat Kaladgi, Junaid Ahmed Jameel
  • Patent number: 10146509
    Abstract: A method for assigning a random number to a user in a set of users includes computing a random number assignment seed value based on an ASCII-value representation of the user's name, dividing the random number assignment seed value by a quantity of unassigned numbers available to be assigned to the user to produce a modified random number assignment seed value, rounding the modified random number assignment seed value down to an integer, computing a random number offset value by multiplying the quantity of unassigned numbers by the rounded modified random number assignment seed value, subtracting the random number assignment offset value from the random number assignment seed value to determine a random number assignment lookup number, determining the random number to be assigned to the user based on the random number assignment lookup number, and assigning the determined random number to the user.
    Type: Grant
    Filed: June 12, 2017
    Date of Patent: December 4, 2018
    Assignee: MBDS, INC.
    Inventors: Antonino Todaro, Paolo Pedretti
  • Patent number: 10147250
    Abstract: An electronic key executes keyless entry communication or RFID communication. A wireless controller mounted on a vehicle executes keyless entry communication within a range of a radius of several meters to several tens of meters. An RFID reader is assigned to each door and executes RFID communication within a range of a radius of approximately 1 meter. In regards to unlocking the door, the wireless controller issues a password by the keyless entry communication, and a wireless circuit temporarily stores the issued password. The RFID readers search for the password stored in the electronic key by the RFID communication, and the wireless controller unlocks a door corresponding to the RFID reader for which the password was detected.
    Type: Grant
    Filed: September 9, 2016
    Date of Patent: December 4, 2018
    Assignee: MURATA MANUFACTURING CO., LTD.
    Inventors: Ikuhei Kimura, Makoto Yasutake
  • Patent number: 10110613
    Abstract: Embodiments may be configured to receive a protected version of content that includes multiple encrypted content samples. In various embodiments, each encrypted content sample includes multiple encrypted blocks. For a given encrypted content sample, different sets of encrypted blocks in that sample may form different encryption chains. The protected version of the content may further include decryption information for decrypting the encrypted content samples. The decryption information may include at least some initialization vectors generated dependent upon non-content information that is not included in the protected version of the content. The non-content information may be from a different protected version of the content. Embodiments may be configured to use the decryption information to decrypt one or more of the encrypted content samples.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: October 23, 2018
    Assignee: Adobe Systems Incorporated
    Inventor: Viswanathan Swaminathan
  • Patent number: 10097352
    Abstract: A method and an electronic device are disclosed herein. The electronic device includes a communication unit, a storage unit and at least one processor, which executes the method, including detecting a request for establishing a call session, generating a new security key from a preset security key, renewing the preset security key by setting the generated new security key as a current preset security key, and establishing the call session based on the generated new security key.
    Type: Grant
    Filed: March 14, 2016
    Date of Patent: October 9, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kyunghee Lee, Tymur Korkishko, Jeongho Park, Ignat Korchagin
  • Patent number: 10084786
    Abstract: A historical repository of UE identifiers associated with sets of prior mean values and prior standard deviation values, is maintained. A browser request message is received from a web browser on a suspect UE and requests access to an electronic resource. An identification challenge message is sent toward the web browser and contains a hash script configured to be processed by the web browser to hash a challenge data set and to report a measurement of elapsed hashing time. A device identification report is received from the web browser and contains a terminal signature tuple of a reported UE identifier and the elapsed hashing time. A posterior probability value indicating a likelihood that the suspect UE corresponds to a genuine UE identified by the reported UE identifier, is generated. Whether the suspect UE is permitted to access the electronic resource is controlled based on the posterior probability value.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: September 25, 2018
    Assignee: CA, INC.
    Inventors: Himanshu Ashiya, Atmaram Shetye
  • Patent number: 10050983
    Abstract: According to an embodiment, a communication system includes a transmitting apparatus and a receiving apparatus. The transmitting apparatus generates a pseudorandom number based on an algorithm, synchronously with the receiving apparatus; generates a communication frame identifier including a frame identifier indicating a type of a communication frame and the pseudorandom number to generate the communication frame; and transmits the communication frame.
    Type: Grant
    Filed: September 15, 2016
    Date of Patent: August 14, 2018
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Zhengfan Xia, Takeshi Kawabata
  • Patent number: 10020985
    Abstract: A session continuity server controller, the controller comprising: a memory; and a processor coupled to the memory storing processor executable instructions which when executed by the processor causes the processor to perform operations comprising: determining one or more defects in lawful interception content transmission associated with a user session, wherein the one or more defects comprise one or more degraded network conditions and degraded LI content; executing one or more corrective measures based on the one or more defects in lawful interception content transmission; and determining stability of the lawful interception content transmission post one or more corrective measures for effective and reliable lawful interception content transmission.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: July 10, 2018
    Assignee: Wipro Limited
    Inventors: Swaminathan Seetharaman, Venkata Subramanian Jayaraman
  • Patent number: 10003457
    Abstract: Methods for a server include defining a starting element and an element step size. A pad mapping is applied to a data Random Cipher Pad (RCP) to obtain a Key RCP using each element of the Data RCP once in a predetermined non-sequential order. The starting element and the element step size are combined with the Data RCP. The Data RCP is encrypted using the Key RCP to produce a subsequent Data RCP. The subsequent Data RCP is transmitted to another computer. Methods for clients include applying a pad mapping to a Data RCP to obtain a Key RCP using each element of the Data RCP once in a predetermined non-sequential order to develop the Key RCP. The Key RCP is encrypted using the Data RCP to produce a subsequent Key RCP. A data structure is encrypted using the Data RCP to produce an encrypted data structure.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: June 19, 2018
    Assignee: 7Tunnels, Inc.
    Inventors: Michael L. Hammon, Kevin R. McCarthy
  • Patent number: 9996479
    Abstract: The present disclosure is related to encryption of executables in computational memory. Computational memory can traverse an operating system page table in the computational memory for a page marked as executable. In response to finding a page marked as executable, the computational memory can determine whether the page marked as executable has been encrypted. In response to determining that the page marked as executable is not encrypted, the computational memory can generate a key for the page marked as executable. The computational memory can encrypt the page marked as executable using the key.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: June 12, 2018
    Assignee: Micron Technology, Inc.
    Inventor: Perry V. Lea
  • Patent number: 9960911
    Abstract: A system for securing wireless communication between a transmitter and a receiver through a physical layer control and a data channel is disclosed. The transmitter includes a pseudo random sequence generator module and an encryption module. The pseudo random sequence generator module receives a protocol input, and an additional input. The pseudo random sequence generator module initializes an initial state with the protocol input and the additional input to obtain a pseudo random sequence code. The encryption module receives a ciphering key and encrypts the pseudo random sequence code with the ciphering key to obtain an encrypted secure scrambling code to secure the system through the physical layer control and the data channel.
    Type: Grant
    Filed: September 9, 2016
    Date of Patent: May 1, 2018
    Inventor: Kandasamy Shanmugam
  • Patent number: 9930190
    Abstract: A method for presenting services to a subscriber includes certain processes. The method includes collecting usage data associated with an account for the subscriber that is associated with a portable device. The method includes storing usage data in a repository. The method includes determining whether the usage data satisfies a condition. The method includes determining whether an actionable category of data exists. The method includes determining an action based on the actionable category of data and a set of rules. The method includes receiving a first message from the portable device indicating that a communication function of the portable device has terminated. The method includes sending a second message to the portable device that requests an input from the subscriber via the portable device and is based on the action. The method includes receiving a third message from the portable device that includes a response to the second message.
    Type: Grant
    Filed: April 22, 2015
    Date of Patent: March 27, 2018
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY AMERICA, INC.
    Inventor: Christoph Jahr
  • Patent number: 9900388
    Abstract: A method for transmitting data between controllers in a vehicle network includes transmitting a first data code including an identification number. A second data code is transmitted including a length value of data codes to be transmitted. Data codes are transmitted by using the length value of the data codes to be transmitted. A random number and a position information value of the data codes to be transmitted are included in last and previously transmitted data codes.
    Type: Grant
    Filed: December 2, 2014
    Date of Patent: February 20, 2018
    Assignee: HYUNDAI MOTOR COMPANY
    Inventor: Sung Joon Park
  • Patent number: 9887839
    Abstract: In some embodiments, each client device in the network has a private key and a public key. For two client devices to securely exchange information, each computes a shared secret based on its own private key and the other's public key. The client devices use the shared secret to generate a shared secret key pair. The shared secret public key is used as a key by each client device to store data in a public key-value data store to share with the other client device. The shared data is signed using the shared secret key pair. The shared data may also be encrypted using the shared secret key pair. Each client device uses the shared secret public key to retrieve the data from the public key-value data store. Each client device uses the shared secret key pair to verify and decrypt the shared data.
    Type: Grant
    Filed: June 5, 2015
    Date of Patent: February 6, 2018
    Assignee: Rainberry, Inc.
    Inventors: Farid Fadaie, Lars Arvid Norberg
  • Patent number: 9838199
    Abstract: A computer-implemented method of encryption of several units of a computerized system, wherein each of the units comprises data, includes generating distinct initialization vectors, or IVs, for the units, and storing the generated IVs; and for each unit of the several units: accessing a stored IV corresponding to the unit; and encrypting the unit according to the accessed IV and an encryption key.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: December 5, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Felipe Knop, Anil Kurmus, Alessandro Sorniotti, Yuri Volobuev
  • Patent number: 9800401
    Abstract: A computer-implemented method of encryption of several units of a computerized system, wherein each of the units comprises data, includes generating distinct initialization vectors, or IVs, for the units, and storing the generated IVs; and for each unit of the several units: accessing a stored IV corresponding to the unit; and encrypting the unit according to the accessed IV and an encryption key.
    Type: Grant
    Filed: April 2, 2015
    Date of Patent: October 24, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Felipe Knop, Anil Kurmus, Alessandro Sorniotti, Yuri Volobuev
  • Patent number: 9774455
    Abstract: Authentication systems and methods for a population of devices each associated with an RFID tag are described. For each device, a secret key is combined cryptographically with a publicly-readable unique identifier (UID) of an RFID tag to obtain a unique authorization signature. The RFID tag is prepared utilizing the unique authorization signature as memory-access and/or tag-operation password(s). The systems and methods may safeguard against attacks whereby compromise of a single tag will not compromise the entire population of devices and may reduce or eliminate the use of inappropriate surgical devices during a surgical procedure.
    Type: Grant
    Filed: November 2, 2016
    Date of Patent: September 26, 2017
    Assignee: COVIDIEN LP
    Inventors: Peter F. Klammer, William G. Paterson
  • Patent number: 9722778
    Abstract: Methods and systems are provided for securing an integrated circuit device against various security attacks, such as side-channel attacks. By limiting the number of different challenge vectors that can be combined with a critical variable of an encryption operation, it becomes more difficult to create enough side channel measurements to successfully perform statistical side-channel analysis.
    Type: Grant
    Filed: July 25, 2016
    Date of Patent: August 1, 2017
    Assignee: Altera Corporation
    Inventor: Bruce B. Pedersen
  • Patent number: 9686420
    Abstract: A method for presenting services to a subscriber comprises obtaining, via a first server, subscriber usage data associated with a portable device service from a plurality of databases, and sending the subscriber usage data to a second server. The method further includes processing, via the second server, the subscriber usage data using a predetermined algorithm, determining an actionable category of data based on the processed subscriber usage data, generating content corresponding to a first message based on the actionable category of data, and sending via the third server, the first message to a portable device, wherein the first message requests a subscriber input.
    Type: Grant
    Filed: June 11, 2014
    Date of Patent: June 20, 2017
    Assignee: Giesecke & Devrient Mobile Security America, Inc.
    Inventor: Christoph Jahr
  • Patent number: 9635014
    Abstract: An apparatus and method for storing authentication information on an electronic device are provided. The method includes receiving, by the electronic device, a unique key and a certificate matching the unique key in a secure environment of the electronic device, storing the unique key and the certificate matching the unique key in a secure environment of the electronic device, and wherein at least one of the unique key and the certificate matching the unique key identifies the electronic device.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: April 25, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Balakrishna Venkataraman, Antonios Dimitrios Broumas
  • Patent number: 9615257
    Abstract: Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, an authentication value is generated at a first mobile device based on a message and a shared secret value stored on the first mobile device. In response to detecting proximity of a second mobile device, the message and the authentication value are wirelessly transmitted from the first mobile device to the second mobile device. In some implementations, the message and the authentication value can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface.
    Type: Grant
    Filed: July 11, 2011
    Date of Patent: April 4, 2017
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Mihal Lazaridis, Mark E. Pecen, Scott Alexander Vanstone, Matthew John Campagna, Anthony Rosati
  • Patent number: 9602279
    Abstract: Aspects of this disclosure relate to a computer-implemented method for using a first device to configure a second device to access a network. The method includes transmitting a request on a channel, the request containing information sufficient to inform a device that the system can configure the device to access a network through an access point. The method further includes receiving a response on the channel, the response sent by the device after the request and transmitting a request for security information from a server. The method further includes receiving security information from the server, using the security information to verify an identity of the device, and transmitting a security profile to the device, the security profile containing information sufficient to allow the device to connect to the access point to access the network.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: March 21, 2017
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Binh Quoc Tran, Michael Abhishek Louis Sanath Kumar
  • Patent number: 9602487
    Abstract: A method for authenticating a transmitter to a receiver, as well as for the protected transmission of messages; both the transmitter, as well as the receiver at least having a first common key; a random number, as well as at least one first partial code of a first code calculated from the random number with the aid of the first key from the receiver to the transmitter being transmitted in a synchronization message; the first partial code being checked by the transmitter; a first counter being generated by the transmitter; useful data, as well as a first partial counter of first counter and at least one second partial code of a second code calculated with the aid of a second key being transmitted by the transmitter to the receiver in a message; and the receiver checking the second partial code to verify the transmitter, as well as the transmitted message.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: March 21, 2017
    Assignee: ROBERT BOSCH GMBH
    Inventors: Bjoern Kasper, Andreas Soenkens, Thorsten Schwepp
  • Patent number: 9569630
    Abstract: An encryption proxy is instantiated in a first computing environment and includes encryption proxy authentication data for identifying itself to a secrets distribution management system in a second computing environment as a trusted virtual asset to receive and cache encryption key data in a secure encryption key cache outside the second computing environment. The encryption proxy requests one or more encryption keys to be cached and is then provided encryption key data representing the requested encryption keys in the encryption key cache. The encryption proxy then receives application request data from a second virtual asset instantiated in the first computing environment requesting one or more encryption keys be applied to second virtual asset data. The encryption proxy then obtains the required encryption keys from the secure secrets cache and coordinates the application of the encryption keys to the second virtual asset data.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: February 14, 2017
    Assignee: Intuit Inc.
    Inventors: Luis Felipe Cabrera, M. Shannon Lietz
  • Patent number: 9542118
    Abstract: This disclosure provides techniques of hierarchical address virtualization within a memory controller and configurable block device allocation. By performing address translation only at select hierarchical levels, a memory controller can be designed to have predictable I/O latency, with brief or otherwise negligible logical-to-physical address translation time. In one embodiment, address transition may be implemented entirely with logical gates and look-up tables of a memory controller integrated circuit, without requiring processor cycles. The disclosed virtualization scheme also provides for flexibility in customizing the configuration of virtual storage devices, to present nearly any desired configuration to a host or client.
    Type: Grant
    Filed: October 12, 2015
    Date of Patent: January 10, 2017
    Assignee: Radian Memory Systems, Inc.
    Inventors: Robert Lercari, Alan Chen, Mike Jadon, Craig Robertson, Andrey V. Kuzmin
  • Patent number: 9503503
    Abstract: A method of providing a service among heterogeneous services may include verifying whether a second web application associated with an external web service is installed in a user agent, when data of the external web service is requested from a first web application executed in the user agent, requesting key information to be used for accessing the requested data from a first server providing a web service associated with the first web application, when the second web application is installed in the user agent, receiving the key information from the first server, and accessing the requested data existing on the second web application, using the received key information, in the first web application.
    Type: Grant
    Filed: March 12, 2014
    Date of Patent: November 22, 2016
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Il Gu Jung, Chang Woo Yoon, Jun Kyun Choi, Jin Hong Yang
  • Patent number: 9489785
    Abstract: Authentication systems and methods for a population of devices each associated with an RFID tag are described. For each device, a secret key is combined cryptographically with a publicly-readable unique identifier (UID) of an RFID tag to obtain a unique authorization signature. The RFID tag is prepared utilizing the unique authorization signature as memory-access and/or tag-operation password(s). The systems and methods may safeguard against attacks whereby compromise of a single tag will not compromise the entire population of devices and may reduce or eliminate the use of inappropriate surgical devices during a surgical procedure.
    Type: Grant
    Filed: February 25, 2014
    Date of Patent: November 8, 2016
    Assignee: COVIDIEN LP
    Inventors: Peter F. Klammer, William G. Paterson
  • Patent number: 9454666
    Abstract: In the present disclosure, a hash function is computed over a known image, for example, an address range in a program. The result of the hash function is known to be the same at two distinct points in time, before the program is run, i.e. signing at build-time, and during the running of the program, i.e. run time. The value that the programmer wishes to hide, i.e. the secret value, is also known at build-time. At build-time, the secret value is combined with the hash in such a way that the combining operation can be reversed at run time. This combined value, i.e. the salt, is stored along with the program. Later, at runtime, the program computes the same hash value as was computed at signing time, and does the reverse combining operation in order to reveal the secret value.
    Type: Grant
    Filed: March 26, 2012
    Date of Patent: September 27, 2016
    Assignee: Irdeto B.V.
    Inventors: Robert Krten, Hongrui Dong, Clifford Liem
  • Patent number: 9443066
    Abstract: Embodiments may be configured to receive a protected version of content that includes multiple encrypted content samples. In various embodiments, each encrypted content sample includes multiple encrypted blocks. For a given encrypted content sample, different sets of encrypted blocks in that sample may form different encryption chains. The protected version of the content may further include decryption information for decrypting the encrypted content samples. The decryption information may include at least some initialization vectors generated dependent upon non-content information that is not included in the protected version of the content. The non-content information may be from a different protected version of the content. Embodiments may be configured to use the decryption information to decrypt one or more of the encrypted content samples.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: September 13, 2016
    Assignee: Adobe Systems Incorporated
    Inventor: Viswanathan Swaminathan
  • Patent number: 9444794
    Abstract: An apparatus comprising a memory, a processor coupled to the memory and configured to obtain a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) Media Presentation Description (MPD) from an HTTP server, wherein the MPD describes a media presentation as at least one encrypted segment, and wherein the encrypted segment is associated with an availability time and a decryption key, and prefetch the decryption key associated with the encrypted segment by requesting the decryption key from a key server prior to the availability time of the encrypted segment.
    Type: Grant
    Filed: July 3, 2013
    Date of Patent: September 13, 2016
    Assignee: Futurewei Technologies, Inc.
    Inventor: Alexander Giladi
  • Patent number: 9425959
    Abstract: Methods and systems are provided for securing an integrated circuit device against various security attacks, such as side-channel attacks. By limiting the number of different challenge vectors that can be combined with a critical variable of an encryption operation, it becomes more difficult to create enough side channel measurements to successfully perform statistical side-channel analysis.
    Type: Grant
    Filed: September 12, 2013
    Date of Patent: August 23, 2016
    Assignee: Altera Corporation
    Inventor: Bruce B. Pedersen
  • Patent number: 9405919
    Abstract: One feature pertains to encrypting data to improve data confidentiality. In one aspect, a modified form of XTS encryption is provided for use with reduced-round block ciphers. A data unit index of data to be applied to the reduced-round cipher is encrypted under a secret key to generate or otherwise obtain a modified secret key for applying to the reduced-round cipher. That is, data to be encrypted by the reduced-round cipher is not encrypted under a static key but is instead encrypted under a dynamic key that varies according to the index of the data. If an attacker were to derive the value of the key applied to the reduced-round cipher by analyzing data encrypted by the cipher, the attacker would only obtain the dynamic key corresponding to one particular data unit index, rather than a global static key applied to an entire address space. Decryption procedures are also described.
    Type: Grant
    Filed: March 11, 2014
    Date of Patent: August 2, 2016
    Assignee: QUALCOMM Incorporated
    Inventors: Billy Bob Brumley, Vinoth Kumar Deivasigamani, Satish Nithianandan Anand
  • Patent number: 9275379
    Abstract: The present invention relates to a method and system for mutual authentication of a user and service provider, said method comprising acts of: authenticating an event by a key generation module (KGM), said event is generated on a computing device by a user, sending a shared secret of registered user for the event by an authentication server to the key generation module (KGM), generating one time key by the KGM for the event, transmitting the one time key by appending the shared secret to registered user mobile device, and performing at least one of: authenticating the user for said event by the KGM when a registered user enters the one-time key on the computing device within a predetermined time period, or terminating the event upon receipt of predefined key sequence from the mobile device.
    Type: Grant
    Filed: March 31, 2011
    Date of Patent: March 1, 2016
    Assignee: Kachyng, Inc.
    Inventor: Resh Wallaja
  • Patent number: 9270461
    Abstract: System and method embodiments are provided herein for efficient representation and use of initialization vectors (IVs) for encrypted segments using template mode representation in Dynamic Adaptive Streaming over Hypertext Transfer Protocol (DASH). An embodiment method includes sending in a media presentation description (MPD), from a network server to a client, a template for generating a universal resource locator (URL) to obtain an IV that is used for encrypting a segment, in absence of an IV value in the MPD, receiving from the client a URL configured according to the template, and upon receiving the URL, returning an IV corresponding to the URL to the client. Another embodiment method includes receiving in a MPD, at a client from a network server, a template for generating a URL to obtain an IV that is used for encrypting a segment, upon detecting an absence of an IV value or IV base value in the MPD, configuring a URL for the IV using the template, sending the URL for the IV, and receiving an IV.
    Type: Grant
    Filed: April 26, 2013
    Date of Patent: February 23, 2016
    Assignee: Futurewei Technologies, Inc.
    Inventors: Alexander Giladi, Shaobo Zhang
  • Patent number: 9231761
    Abstract: System and method embodiments are provided herein for efficient representation and use of initialization vectors (IVs) for encrypted segments using template mode representation in Dynamic Adaptive Streaming over Hypertext Transfer Protocol (DASH). An embodiment method includes sending in a media presentation description (MPD), from a network server to a client, a template for generating a universal resource locator (URL) to obtain an IV that is used for encrypting a segment, in absence of an IV value in the MPD, receiving from the client a URL configured according to the template, and upon receiving the URL, returning an IV corresponding to the URL to the client. Another embodiment method includes receiving in a MPD, at a client from a network server, a template for generating a URL to obtain an IV that is used for encrypting a segment, upon detecting an absence of an IV value or IV base value in the MPD, configuring a URL for the IV using the template, sending the URL for the IV, and receiving an IV.
    Type: Grant
    Filed: April 26, 2013
    Date of Patent: January 5, 2016
    Assignee: Futurewei Technologies, Inc.
    Inventors: Alexander Giladi, Shaobo Zhang
  • Patent number: 9208333
    Abstract: A method and apparatus for securely encrypting data is disclosed. Conventional protections against the loss or theft of sensitive data such as full disk encryption are not effective if the device is, or has recently been, running when captured or found because the keys used for full disk encryption will still be in memory and can be used to decrypt the data stored on the disk. Some devices, such as devices which gather sensitive data in use, must run in environments in which they might be captured by a person seeking access to the sensitive data already recorded by the device. An encryption method is proposed in which files on a recorder's persistent memory are initialised with pseudo-random masking data whilst the recorder is in a relatively secure environment. One or more parameters which can be used to re-create the pseudo-random masking data are encrypted with a public key using a public-key encryption algorithm and stored on the recorder.
    Type: Grant
    Filed: March 30, 2011
    Date of Patent: December 8, 2015
    Assignee: BRITISH TELECOMMUNICATIONS public limited company
    Inventor: Thomas Martin
  • Patent number: 9148476
    Abstract: Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test.
    Type: Grant
    Filed: December 9, 2014
    Date of Patent: September 29, 2015
    Assignee: Protegrity Corporation
    Inventors: Ulf Mattsson, Vichai Levy, Jan Boberg, Hans Meijer
  • Patent number: 9143323
    Abstract: A cryptographic key is used to secure a communication link between a first device and a second device. Generating the cryptographic key is accomplished by a) generating a first cryptographic key, b) generating a second cryptographic key, c) applying a hash function to packets transmitted over the communication link to create a hash result, and d) applying the hash function to the first cryptographic key, the second cryptographic key and the hash result.
    Type: Grant
    Filed: April 4, 2005
    Date of Patent: September 22, 2015
    Assignee: BLACKBERRY LIMITED
    Inventors: Michael K. Brown, Herb Little, Michael S. Brown, Neil Adams, Michael McCallum, Dinah Davis
  • Patent number: 9088553
    Abstract: A network device includes a first circuit configured to generate a plurality of packets, and insert, in each of the plurality of packets, a different value for a count. A second circuit receives one or more of the plurality of packets. A third circuit generates a plurality of seeds. Each of the plurality of seeds is based on (i) a predetermined key, (ii) an address of the network device, and (iii) a predetermined value for the count. A fourth circuit encapsulates each of the plurality of packets using one of the plurality of seeds generated based on the value for the count in the respective one of the plurality of packets. A fifth circuit sends a message comprising (i) the address of the network device and (ii) the predetermined value for the count, and sends, subsequent to sending the message, the plurality of encapsulated packets.
    Type: Grant
    Filed: October 31, 2013
    Date of Patent: July 21, 2015
    Assignee: Marvell International LTD.
    Inventors: Peter Loc, Rahul Kopikare
  • Patent number: 9083509
    Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values.
    Type: Grant
    Filed: January 11, 2013
    Date of Patent: July 14, 2015
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Michael Eoin Buckley, Gregory Marc Zaverucha, Matthew John Campagna
  • Patent number: 9042549
    Abstract: Disclosed is a method for address privacy protection for a first wireless device sharing a privacy key with a second wireless device. In the method, a first resolution tag is generated at the first wireless device using a pseudo-random function with the seed value and the privacy key as input arguments. The privacy key is only known to the first and second wireless devices. A privacy address is generated for the first wireless device based on the seed value and the first resolution tag. A packet is transmitted from the first wireless device to the second wireless device. The packet includes the privacy address and the first resolution tag.
    Type: Grant
    Filed: March 30, 2009
    Date of Patent: May 26, 2015
    Assignee: Qualcomm Incorporated
    Inventors: Lu Xiao, Yong Jin Kim, Zhanfeng Jia, David Jonathan Julian
  • Patent number: 9038192
    Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on A5/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; the solution of the equations gives the internal state of R1, R2, and R3; together with R4, this gives the full internal state which gives a suggestion for the key.
    Type: Grant
    Filed: September 20, 2012
    Date of Patent: May 19, 2015
    Inventors: Elad Barkan, Eli Biham