Key Distribution Patents (Class 380/278)
  • Patent number: 11444755
    Abstract: A system includes at least one processor and at least one memory communicatively coupled to the at least one processor. The at least one processor is configured to encrypt each secret part of at least one set of secret parts into a corresponding singly-encrypted secret part. The at least one processor is also configured to encrypt each corresponding singly-encrypted secret part into a corresponding doubly-encrypted secret part using a corresponding at least one public key, each public key belonging to a corresponding one of at least one public/private keypair. At least a subset of the secret parts of the at least one set of secret parts are used to reconstruct a secret.
    Type: Grant
    Filed: October 7, 2019
    Date of Patent: September 13, 2022
    Assignee: tZERO IP, LLC
    Inventors: Stephen Christensen, Denny Becker, Tron Black, Michael Calcano, Tyler Perkins
  • Patent number: 11444757
    Abstract: Secure, semi-classical authentication schemes are presented. An authentication token is generated by applying a pre-determined measurement to a plurality of random quantum states to obtain a sequence of classical measurement outcomes. The token is validated by receiving the classical measurement outcomes and verifying whether the sequence corresponds to a statistically plausible result for the pre-determined measurement of the plurality of quantum states.
    Type: Grant
    Filed: September 24, 2020
    Date of Patent: September 13, 2022
    Assignee: Cambridge Quantum Computing Limited
    Inventor: Adrian Kent
  • Patent number: 11438156
    Abstract: A method of encrypting and storing a data item; said method comprising: a data encryption step wherein the data item is encrypted to form an encrypted data item; a mathematical disassembly step wherein the encrypted data item is mathematically disassembled into two or more encrypted data item component parts comprising at least a first component part and a second component part; storing at least a one of the component parts at a location separate from the others of the component parts.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: September 6, 2022
    Assignee: Haventec Pty Ltd
    Inventors: Vernon Murdoch, Naveen Neti, John Kelaita
  • Patent number: 11438149
    Abstract: The present disclosure relates to a quantum key distribution (QKD) method based on a tree QKD network. The method includes: judging a position of a parent node of the source node S0 and a position of a parent node of the destination node Sd; if the parent node is a trusted relay node, directly transferring an initial shared key of the source node S0 and the parent node to the destination node Sd according to an exclusive OR (XOR) relay scheme, and ending the process; and if the parent node is an untrusted relay node, emitting, by the source node S0 and the destination node Sd, photons to a measuring-device-independent quantum key distribution (MDI-QKD) receiver of the parent node through a QKD emitter, generating a shared key by an MDI-QKD method, then transmitting the shared key according to the XOR relay scheme, and ending the process.
    Type: Grant
    Filed: September 18, 2020
    Date of Patent: September 6, 2022
    Assignees: State Grid Fujian Electric Power Co., Ltd., State Grid Fujian Fuzhou Electric Power Supply Company, State Grid Info-Telecom Great Power Science and Technology Co., Ltd.
    Inventors: Xi Chen, Lifan Yang, Gonghua Hou, Xinyi Lin, Wei Lin, Yuanzheng Wang, Baoping Zou, Xincheng Huang, Wei Chen, Siyuan Qian, Kai Li, Changgui Huang, Yuepian Ye, Xiao Feng, Jincheng Li, Jiefei Lin, Ruyin Chen
  • Patent number: 11436517
    Abstract: Apparatus and methods are provided for a quantum-tunneling enabled case, or cases, for making a plurality of silicon-based electronic devices quantum-resilient. The case may include a plurality of silicon-based electronic devices. The case may also include a quantum random number generator that generates encryption keys. The keys may be for use in encrypting transmission transmitted from the electronic devices. The communications transmitted from the plurality of silicon-based electronic devices may be routed to the case prior to being transmitted to their intended recipient. The case may encrypt the communications received at the case using random numbers generated by the quantum random number generator. The case may transmit the encrypted communications to their intended recipients.
    Type: Grant
    Filed: August 26, 2019
    Date of Patent: September 6, 2022
    Assignee: Bank of America Corporation
    Inventors: Maria Carolina Barraza Enciso, Elena Kvochko
  • Patent number: 11431499
    Abstract: Disclosed herein are a finite-field division operator, an elliptic curve cryptosystem having the finite-field division operator, and a method for operating the elliptic curve cryptosystem. The method for operating an elliptic curve cryptosystem may include, setting, by a key setting unit, a length of a key of a cryptographic algorithm, generating, by the key setting unit, first setup information that indicates a number of words corresponding to the key length, and generating, by the key setting unit, second setup information that indicates a number of repetitions of an operation by a finite-field division operator corresponding to the key length.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: August 30, 2022
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Sang-Woo Lee, Hyeok-Chan Kwon
  • Patent number: 11431706
    Abstract: A communication control system includes a first communication control device and a second signal processing device. The first communication control device is connected to a client terminal device and a network communication grid. The second communication control device is connected to a server terminal device and the network communication grid.
    Type: Grant
    Filed: August 28, 2018
    Date of Patent: August 30, 2022
    Assignees: Kabushiki Kaisha Toshiba, Toshiba Infrastructure Systems & Solutions Corporation
    Inventors: Yuuki Tomoeda, Kei Sugibuchi, Hiroki Fukuoka
  • Patent number: 11425108
    Abstract: Blockchain-based service data encryption methods and apparatuses are provided wherein a first derived key is obtained by a node device of a key receiver, the first derived key distributed by a node device of a key distributor, wherein the first derived key is derived from a derived key of the key distributor based on a service data permission type of the key receiver and service data is encrypted based on the first derived key to obtain encrypted service data. The encrypted service data is sent to a blockchain, so that the encrypted service data is recorded in a distributed database of the blockchain after the blockchain performs consensus verification on the encrypted service. Because the derived key of the key distributor can decrypt the service data encrypted by the first derived key, the key distributor can decrypt, monitor, and manage service data uploaded by the key receiver.
    Type: Grant
    Filed: August 18, 2021
    Date of Patent: August 23, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Shubo Li, Yixiang Zhang
  • Patent number: 11425167
    Abstract: An intelligent electronic device (IED) of an electric power distribution system includes processing circuitry and a memory that includes a tangible, non-transitory, computer-readable medium comprising instructions. The instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to receive operating data associated with the electric power distribution system, determine whether the operating data matches with expected operating data, generate a connectivity association key (CAK) based on the operating data in response to a determination that the operating data matches with the expected operating data, and establish a connectivity association based on the CAK.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: August 23, 2022
    Assignee: Schweitzer Engineering Laboratories, Inc.
    Inventors: Ryan Bradetich, Colin Gordon, Arun Shrestha, Karen S J Wyszczelski, Hidayatullah Ahsan
  • Patent number: 11425618
    Abstract: A method applied to processing of access stratum (AS) security for terminal handover from a source cell to a target cell, including obtaining a derivation parameter, deriving a target AS root key based on a source AS root key and derivation parameter, and calculating, based on the target AS root key, an AS security key used in the target cell. The source AS root key is an AS root key used in the source cell, the target AS root key is an AS root key used in the target cell, the derivation parameter is used to derive an AS root key and corresponds to a RAN node or a RAN node group or an area in which the target cell is located, and cells at a same RAN node, RAN node group, or area have a same derivation parameter.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: August 23, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Bo Lin, Jiangwei Ying
  • Patent number: 11418331
    Abstract: Techniques are provided to import a cryptographic key into a key vault in which an application programming interface for the key vault does not support importing existing cryptographic keys into the key vault. A key management system obtains a cryptographic key from a first key vault. The cryptographic key includes a key value and attributes which describe the cryptographic key. The key management system imports the cryptographic key into a second key vault by generating a surrogate key in the second key vault which corresponds to the cryptographic key. The surrogate key includes a key attribute having a value which corresponds to the key value of the cryptographic key.
    Type: Grant
    Filed: February 25, 2021
    Date of Patent: August 16, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Sridhar Villapakkam, Ajit Bhagwat
  • Patent number: 11418330
    Abstract: A quantum communications system includes a communications system that operates with a quantum key distribution (QKD) system, which includes a transmitter node, a receiver node, and a quantum communications channel coupling the transmitter node and receiver node. The transmitter node may be configured to transmit to the receiver node a bit stream of optical pulses, and switch between first and second QKD protocols based upon at least one channel condition.
    Type: Grant
    Filed: October 21, 2019
    Date of Patent: August 16, 2022
    Assignee: EAGLE TECHNOLOGY, LLC
    Inventors: Victor G. Bucklew, James A. Nagel, Michael R. Lange
  • Patent number: 11403635
    Abstract: A method of making a payment in which payment data is received by a user's terminal from a point-of-sale terminal, a secret of a payment application is received by the terminal from the operator's server system, a trust card is activated in the user's terminal by utilizing said secret of the payment application, and data of the trust card is transmitted from the user's terminal to the point-of-sale terminal for making the payment transaction. A trust card is created in the server system, data of the trust card is transmitted to the terminal to be used for making the payment transaction, the secret of the payment application is formed in the server system, and access to the secret of the payment application is provided to the terminal for activating the trust card for making the payment transaction.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: August 2, 2022
    Assignee: Unito Oy
    Inventors: Simo Salminen, Tuomo Kajava
  • Patent number: 11405191
    Abstract: Embodiments described herein provide cryptographic techniques to enable a recipient of a signed message containing encrypted data to verify that the signer of the message and the encryptor of the encrypted data are the same party, or at the least, have joint possession of a common set of secret cryptographic material. These techniques can be used to harden an online payment system against interception and resigning of encrypted payment information.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: August 2, 2022
    Assignee: Apple Inc.
    Inventors: Vishnu Pillai Janardhanan Pillai, Rantao Chen, Gianpaolo Fasoli, Frederic Jacobs, Rupamay Saha, Yannick L. Sierra, Dian Wen, Ka Yang
  • Patent number: 11399027
    Abstract: In a network system for wireless communication an enrollee accesses the network via a configurator. The enrollee acquires a data pattern that represents a network public key via an out-of-band channel by a sensor. The enrollee derives a first shared key based on the network public key and the first enrollee private key, and encodes a second enrollee public key using the first shared key, and generates a network access request. The configurator also derives the first shared key, and verifies whether the encoded second enrollee public key was encoded by the first shared key, and, if so, generates security data and cryptographically protects data using a second shared key, and generates a network access message. The enrollee processor also derives the second shared key and verifies whether the data was cryptographically protected and, if so, engages the secure communication based on the second enrollee private key and the security data.
    Type: Grant
    Filed: November 12, 2020
    Date of Patent: July 26, 2022
    Assignee: Koninklijke Philips N.V.
    Inventor: Johannes Arnoldus Cornelis Bernsen
  • Patent number: 11399280
    Abstract: This application discloses a communications method. The method may include: receiving, by a receiving party, indication information sent by a first device, where the indication information is used to indicate at least one intermediate sequence number; receiving a data packet of the bearer sent by the first device; and skipping the at least one intermediate sequence number based on the indication information, deciphering, by using the old key, a data packet that is located on the bearer and whose sequence number is followed by the at least one intermediate sequence number, and deciphering, by using the new key, a data packet that is located on the bearer and whose sequence number follows the at least one intermediate sequence number.
    Type: Grant
    Filed: November 4, 2019
    Date of Patent: July 26, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Hongping Zhang, Le Yan, Li Zhao
  • Patent number: 11392880
    Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for obtaining authorization for a plurality of split shipments associated with a single order. In particular, embodiments of the present invention allow a merchant to submit a separate split shipment authorization request for each of the plurality of split shipments. The split shipments authorization requests are linked to the original order using verifiable linking data. The linking data may be extracted from a previous (e.g., initial) split shipment authorization request and/or a previous (e.g., initial) split shipment authorization request. The linking data may be validated by an authorizing entity (e.g., a payment processing network computer or an issuer computer) to ensure validity of a split shipment authorization request. Additionally, the split shipment authorization requests may be validated using one or more predefined split shipment rules.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: July 19, 2022
    Assignee: Visa International Service Association
    Inventors: John Sheets, Glenn Powell
  • Patent number: 11394525
    Abstract: Secure computation of a random number sequence in a cryptographic device. The computation is secured by receiving a homomorphic ciphertext seed vector, selecting an initial internal state from the seed vector, the initial internal state composed of a subset of elements of the seed vector, updating an internal state from a previous internal state using multivariate functions accepting elements of the previous internal state as inputs to produce a homomorphic ciphertext from homomorphic ciphertext input values, generating an intermediate result vector of homomorphic ciphertexts from the homomorphic ciphertext internal state multivariate functions accepting the elements of the internal state as inputs to produce a homomorphic ciphertext from homomorphic ciphertext input values, and decrypting the intermediate result vector elements into plaintext vector elements, thereby producing a plaintext deterministic random sequence vector corresponding to plaintext seed elements used to produce the seed vector.
    Type: Grant
    Filed: November 30, 2018
    Date of Patent: July 19, 2022
    Assignee: THALES DIS FRANCE SA
    Inventors: Mariya Georgieva, Aline Gouget
  • Patent number: 11392350
    Abstract: Embodiments comprise construction of a collection of pseudorandom number generators (PRNGs), with either a known or unknown cardinality, using unique brine values that comprise a salt value for the collection and also different index values for each PRNG for the collection. The additive parameters of such PRNGs are based on the respective brine values of the PRNGs, thereby ensuring that the PRNGs in the collection have different state cycles. Embodiments make it likely that PRNGs from different collections have distinct additive parameters by choosing a pseudorandom salt value for each collection. According to embodiments, a stream of generators in a collection is created by a spliterator that carries a salt value for the collection and combines the salt value with index values for the generators to produce brined additive parameters for the PRNGs in the stream. According to embodiments, such a stream may be executed by multiple threads in parallel.
    Type: Grant
    Filed: August 22, 2019
    Date of Patent: July 19, 2022
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Guy L. Steele, Jr.
  • Patent number: 11386019
    Abstract: The present invention discloses a data secure method, applied to a storage device, and performed by a controller of the storage device. The data secure method comprises: receiving a buffer clear command from an external processing unit, wherein the buffer clear command indicates that a first secure area corresponding to a first physical address range of a buffer memory of the storage device is required to be cleared, and a first secure key is corresponding to the first secure area for accessing the first secure area; and in response to the buffer clear command, configuring a secure unit of the storage device to cause the secure unit to use one or more second keys different from the first secure key when accessing the first physical address range.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: July 12, 2022
    Assignee: MEDIATEK INC.
    Inventors: Yu-Tien Chang, Ching-Ming Chen, Wei-Hsun Lin, Lin-Ming Hsu, Tsung-Wei Hung
  • Patent number: 11381396
    Abstract: In one embodiment, an apparatus comprises a processor to execute instructions and having at least a first logic to execute in a trusted execution environment, a secure storage to store a platform group credential, and a first logical device comprising at least one hardware logic. The platform group credential may be dynamically provisioned into the apparatus and corresponding to an enhanced privacy identifier associated with the apparatus. The first logical device may have a first platform group private key dynamically provisioned into the first logical device and corresponding to an enhanced privacy identifier associated with the first logical device, to bind the first logical device to the apparatus. Other embodiments are described and claimed.
    Type: Grant
    Filed: February 20, 2020
    Date of Patent: July 5, 2022
    Assignee: MCAFEE, LLC
    Inventors: Ned M. Smith, Sven Schrecker
  • Patent number: 11381397
    Abstract: A first communicator of a first communication device is configured to use a first wireless channel and execute first key-exchange processing at a timing at which a first key-exchange timer expires. A second communicator of the first communication device is configured to use a second wireless channel and execute second key-exchange processing at a timing at which a second key-exchange timer expires. When streaming data are transmitted by using one wireless channel of the first wireless channel and the second wireless channel and a difference between a first key-exchange timer value and a second key-exchange timer value is greater than a predetermined range, a control circuit is configured to change a wireless channel used for transmission to the other wireless channel before key-exchange processing in the one wireless channel is started.
    Type: Grant
    Filed: January 19, 2021
    Date of Patent: July 5, 2022
    Assignee: OLYMPUS CORPORATION
    Inventors: Shinya Kawasaki, Kiyoshi Toyoda
  • Patent number: 11372984
    Abstract: Embodiments of the present systems and methods may provide techniques to provide host side encryption while maintaining compression and deduplication benefits and providing communication between the host and the storage system that does not leak information about the data compressibility/deduplication properties. For example, in an embodiment, a method may comprise compressing, at a computer system, an original sector of data, generating a new sector of data including a first part including metadata and padding data, and a second part including the original sector of data that has been compressed and encrypted using a data encryption key (DEK), encrypting, at the computer system, the new sector of data using a data reduction key (DRK), and transmitting, at the computer system, the encrypted new sector of data to a storage system.
    Type: Grant
    Filed: August 14, 2019
    Date of Patent: June 28, 2022
    Assignee: International Business Machines Corporation
    Inventors: Doron Chen, Michael Factor, Danny Harnik, Eliad Tsfadia
  • Patent number: 11374735
    Abstract: A processing apparatus includes at least one processor configured to function as: an input unit that receives encrypted data based on homomorphic encryption; and a process execution unit that executes a predetermined process by using the encrypted data while maintaining a secret state and includes one or more processing units. At least one of the processing units is a multiplication corresponding processing unit for executing a calculation corresponding to a processing of multiplying plaintext data by a predetermined multiplier.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: June 28, 2022
    Assignee: AXELL CORPORATION
    Inventors: Yusuke Hoshizuki, Masashi Michigami
  • Patent number: 11374750
    Abstract: A computing system comprising: processor(s) and memory; at least one network interface communicatively coupled to the at least one processor and configured to communicate with at least one remotely located computing device; wherein the at least one network interface is configured to receive a plurality of public encryption keys from the at least one remotely located computing device; wherein the at least one processor is configured to: split at least one secret into a plurality of shares, wherein at least a subset of the plurality of shares is sufficient to reconstruct the at least one secret; encrypt each of the plurality of shares based on a different public encryption key of the plurality of public encryption keys to create a plurality of encrypted shares; wherein the at least one network interface is configured to communicate the encrypted shares to the at least one remotely located computing device.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: June 28, 2022
    Assignee: tZERO IP, LLC
    Inventors: Jonathan Dolan, Michael D. Ornelas, Kevin Hartley, Pengyu Chen, Juston Johnson
  • Patent number: 11372986
    Abstract: Systems and methods for encrypted content management are provided and include generating an asymmetric key pair for a user, including a user private key and a user public key. A symmetric encryption key is generated based on unique information known to the user. The user private key is encrypted using the symmetric encryption key to generate a user escrow key. Plaintext data is encrypted into ciphertext data using a content symmetric key and stored in a data storage unit. An ephemeral pair of keys is generated and includes an ephemeral public key and an ephemeral private key. A shared-secret key is generated based on the ephemeral private key and the user public key using a Diffie-Hellman exchange algorithm and the content symmetric key is encrypted using the shared-secret key. The encrypted content symmetric key and the ephemeral public key are stored in an encrypted content management storage unit.
    Type: Grant
    Filed: January 18, 2021
    Date of Patent: June 28, 2022
    Assignee: Axiom Technologies LLC
    Inventors: Maxwell Doherty, Jonathan Graham
  • Patent number: 11368279
    Abstract: A processing apparatus includes at least one processor configured to function as: an input unit that receives encrypted data based on homomorphic encryption as an input; and a process execution unit that executes a predetermined process by using the encrypted data while maintaining a secret state by encryption and includes one or more processing units. At least one of the processing units is a multiplication corresponding processing unit for executing a calculation in a ciphertext space corresponding to a processing of multiplying plaintext data by a predetermined multiplier. The multiplication corresponding processing unit executes a calculation in the ciphertext space corresponding to a calculation of multiplying the plaintext data by an adjustment multiplication value on first encrypted data input from a preceding stage and outputs resulting data.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: June 21, 2022
    Assignee: AXELL CORPORATION
    Inventors: Yusuke Hoshizuki, Masashi Michigami
  • Patent number: 11368293
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for session authentication. An example method includes receiving, by decoding circuitry and over a quantum line, a set of qbits generated based on a first set of quantum bases. The example method further includes decoding, by the decoding circuitry and based on a second set of quantum bases, the set of qbits to generate a decoded set of bits comprising at least one wildcard bit. The example method further includes generating, by session authentication circuitry, a session key based on the decoded set of bits, wherein the session key is generated based at least in part on the at least one wildcard bit.
    Type: Grant
    Filed: July 16, 2020
    Date of Patent: June 21, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Masoud Vakili
  • Patent number: 11368300
    Abstract: A request to perform a cryptographic operation is received, the request including a first identifier assigned to a key group, the key group comprising a plurality of second identifiers, with the plurality of second identifiers corresponding to a plurality of cryptographic keys. A second identifier is determined, according to a distribution scheme, from the plurality of second identifiers, and the cryptographic operation is performed using a cryptographic key of the plurality of cryptographic keys that corresponds to the second identifier that was determined.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: June 21, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Matthew John Campagna, Benjamin Elias Seidenberg
  • Patent number: 11363582
    Abstract: Methods, systems, and devices for wireless communications are described. A user equipment (UE) may communicate with a base station in a wireless communications system. The base station may transmit signaling to the UE over a broadcast channel. The base station may transmit control signaling to the UE that indicates a broadcast root key. The UE may identify the broadcast root key for a wireless network corresponding to the base station. The base station may transmit an encrypted broadcast transmission. The UE may receive the encrypted broadcast transmission from the base station, and the UE may decrypt the encrypted broadcast transmission to obtain broadcast information based on a cell-specific key derived from the broadcast root key.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: June 14, 2022
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Gavin Bernard Horn, Ravi Agarwal, Ozcan Ozturk, Naga Bhushan
  • Patent number: 11356248
    Abstract: A technique for ciphering source data (306) into target data (308) is described. As to a method aspect of the technique, a level (302) of ciphering is determined for the source data (306). A key sequence (304) is generated depending on the determined level (302) of ciphering. The source data (306) and the key sequence (304) are combined resulting in the target data (308).
    Type: Grant
    Filed: December 21, 2017
    Date of Patent: June 7, 2022
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventors: Gabor Sandor Enyedi, Zoltan Kiss, Gergely Pongrácz
  • Patent number: 11354449
    Abstract: Securely provisioning a System on a Chip (SoC) includes generating a public/private key pair having a public key and a private key, securely storing the private key external to the SoC, embedding the public key in Resistor Transistor Logic (RTL) of the SoC during manufacture of the SoC, encrypting provisioning data using the private key to create encrypted provisioning data, and programming the SoC using the encrypted provisioning data. The secure provisioning may further include generating a secret shared key, embedding the secret shared key in the RTL of the SoC during manufacture of the SoC, and encrypting the provisioning data using the secret shared key. The RTL may be the boot Read Only Memory (ROM) of the SoC. The secure provisioning technique may also be used for subsequent provisioning after the SoC is deployed.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: June 7, 2022
    Assignee: Tesla, Inc.
    Inventor: Patryk Kaminski
  • Patent number: 11341269
    Abstract: Methods for secure random selection of t client devices from a set of N client devices and methods for secure computation of inputs of t client devices randomly selected from N client devices are described. Such random selection method may include determining an initial binary vector b of weight t by setting the first t bits to one: b_i=1, 1≤i≤t, and all further bits to zero: b_i=0, t<i≤N; each client device i (i=1, ..., N) of the set of N client devices jointly generating a random binary vector b of weight t in an obfuscated domain on the basis of the initial binary vector b including: determining a position n in the binary vector; determining a random number r in {n, n+1, ..., N}; and, using the random number to swap binary values at positions n and r of the binary vector b.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: May 24, 2022
    Assignee: FLYTXT B.V.
    Inventor: Thijs Veugen
  • Patent number: 11341232
    Abstract: The present invention relates to a method for making available a security key, wherein a smart card adapted according to the invention is employed for the production thereof. In this case, an expedient method sequence is proposed which makes it possible for the smart card to make available, for example, a so-called one-time password or a dynamic check number in interaction with a token server. The present invention further relates to a correspondingly adapted computing arrangement and to a computer program product with control commands which implement the method and/or operate the computing arrangement.
    Type: Grant
    Filed: June 18, 2019
    Date of Patent: May 24, 2022
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Volker Stohr, Frank-Michael Kamm, Nils Gerhardt, Andreas Chalupar
  • Patent number: 11336442
    Abstract: Traditional key generation methods in a noisy network often assume trusted devices and are thus vulnerable to many attacks including covert channels. The present invention differs from previous key generation schemes in that it presents a mechanism which allows secure key generation with untrusted devices in a noisy network with a prescribed access structure.
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: May 17, 2022
    Assignee: UNIVERSIDAD DE VIGO
    Inventors: Marcos Curty Alonso, Lo Hoi-Kwong
  • Patent number: 11327782
    Abstract: The present disclosure provides an approach for migrating the contents of an enclave, together with a virtual machine comprising the enclave, from a source host to a destination host. The approach provides a technique that allows the contents of the enclave to remain secure during the migration process, and also allows the destination host to decrypt the contents of the enclave upon receiving the contents and upon receiving the VM that includes the enclave. The approach allows for the VM to continue execution on the destination host. The enclave retains its state from source host to destination host. Applications using the enclave in the source host are able to continue using the enclave on the destination host using the data migrated from the source host to the destination host.
    Type: Grant
    Filed: September 5, 2019
    Date of Patent: May 10, 2022
    Assignee: VMware, Inc.
    Inventors: Alok Nemchand Kataria, Martim Carbone, Deep Shah
  • Patent number: 11329815
    Abstract: A key management device for data encryption/decryption is provided. The key management device includes a static random-access memory (SRAM), a register, and a control circuit. The control circuit can set a key lookup table in the SRAM or the register, and manage a key database. The key database includes the SRAM and a one-time programmable (OTP) memory disposed outside the key management device, and the key database stores at least one key. The key lookup table includes a key number and metadata of each of the at least one key stored in the key database. According to a specific key number contained in a key read command or a key delete command from the processor, the control circuit reads or deletes a specific key corresponding to the specific key number in the key database.
    Type: Grant
    Filed: December 31, 2019
    Date of Patent: May 10, 2022
    Assignee: NUVOTON TECHNOLOGY CORPORATION
    Inventor: Yu-Shan Li
  • Patent number: 11329809
    Abstract: This invention relates generally to a method and system for hybrid classical-quantum communication. The method comprises transmitting a single photon having a particular quantum state over a communication medium using a quantum mode set; and transmitting a classical light beam over the same communication medium using a classical mode set, wherein the classical and quantum mode sets comprise non-separable modes in common. The non-separable modes in common may be two degrees of freedom of a single photon or classical light and may thus be spatial modes in one or more indexes, and polarisation. The invention relates also to a system to implement the method accordingly.
    Type: Grant
    Filed: January 23, 2018
    Date of Patent: May 10, 2022
    Assignee: UNIVERSITY OF THE WITWATERSRAND, JOHANNESBURG
    Inventors: Andrew Forbes, Bienvenu Ndagano, Isaac Nape, Mitchell Cox, Carmelo Rosales-Guzman
  • Patent number: 11328098
    Abstract: An electronic circuit includes an interface, a read-only memory in which encrypted data are stored, and cryptographic circuitry coupled to the interface. In operation, the cryptographic circuitry uses a decryption key received via the interface to decrypt the encrypted data. The electronic circuit performs one or more operations using the decrypted data.
    Type: Grant
    Filed: June 5, 2020
    Date of Patent: May 10, 2022
    Assignee: STMICROELECTRONICS (ROUSSET) SAS
    Inventor: Fabrice Marinet
  • Patent number: 11323249
    Abstract: Cryptographic authentication is described to improve security in connected vehicle systems and other applications. Identity Based Cryptography and threshold cryptography are among techniques used in some embodiments.
    Type: Grant
    Filed: December 19, 2018
    Date of Patent: May 3, 2022
    Assignee: LG ELECTRONICS, INC.
    Inventors: Harsh Kupwade Patil, Arunkumaar Ganesan
  • Patent number: 11310038
    Abstract: An aspect of the present disclosure generally relates to a computer system (100) and method (200) for securing data communication between a first computer (110) and a second computer (120).
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: April 19, 2022
    Inventors: Mutita Donsomsakunkij, Disuan Netsirininkul, Suwan Boonprem, Juckrit Youyen, Jugkree Na Ayutthaya Plalakawong
  • Patent number: 11303440
    Abstract: A programmable hardware security module, a method for securing a private key of a cryptographic key pair, and a method for securely providing a private key of a cryptographic key pair on a programmable hardware security module, wherein with the described devices and methods, a decentralised PKI is built, via which device keys and device certificates can be generated and target devices can be provided securely, where in this regard, the key-pair-specific transport key plays a central role in protecting the generated private key that is to be transferred, and where this is linked to the particular key pair intended for a target device via a key derivation from a master key utilizing a key-pair-specific derivation parameter.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: April 12, 2022
    Assignee: Siemens Aktiengesellschaft
    Inventors: Hans Aschauer, Daniel Schneider, Rainer Falk
  • Patent number: 11303435
    Abstract: Embodiments of the invention involve using biometric templates to wirelessly authenticate individuals. In one embodiment, a mobile device may generate a first biometric template and a first public value from a first biometric sample of a user and generate a first cryptographic key by passing the first biometric template to a fuzzy extractor's generate function. An access device may generate a second biometric template from a second biometric sample of the user, generate a second secret cryptographic key by passing the second biometric template and the first public value to the fuzzy extractor's reproduce function, encrypt the second biometric template with the second secret cryptographic key, and broadcast the encrypted template to a plurality of nearby mobile devices including the mobile device. If the mobile device is able to decrypt the encrypted template with the first cryptographic key, the access device can associate the user with the mobile device.
    Type: Grant
    Filed: October 26, 2016
    Date of Patent: April 12, 2022
    Assignee: Visa International Service Association
    Inventors: Kim R. Wagner, John F. Sheets, Mark Allen Nelsen
  • Patent number: 11303618
    Abstract: Aspects of the present disclosure relate to encryption management. A determination can be made whether an encryption algorithm is at-risk. In response to determining that the encryption algorithm is at-risk, data protected by the encryption algorithm can be identified. A security action can then be executed on the data protected by the encryption algorithm.
    Type: Grant
    Filed: February 17, 2020
    Date of Patent: April 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Lokesh Mohan Gupta, Matthew G. Borlick, Mark Elliott Hack, Micah Robison
  • Patent number: 11281813
    Abstract: In some embodiments, a method can include detecting, at a first circuit, the first circuit being operatively coupled to a memory device having a set of memory portions. The method can include receiving, from the memory device and at the first circuit, a set of encryption key portions after the detecting, each encryption key portion from the encryption key portions being a unique portion of an encryption key. The method can include assembling the encryption key by ordering each encryption key portion from the set of encryption key portions based on (1) a first previously defined list and (2) a second previously defined list. The first previously defined list and the second previously defined list each is stored at or accessible by the first circuit but not stored at or accessible by the memory device. The method can include authorizing access to a second circuit based on the encryption key.
    Type: Grant
    Filed: July 21, 2021
    Date of Patent: March 22, 2022
    Assignee: Management Services Group, Inc.
    Inventors: Thomas Scott Morgan, Martin Mayer, Steven Yates
  • Patent number: 11281599
    Abstract: A peripheral device of a computing device may include a processor; a sharing module to, upon execution of the processor, allow the peripheral device to be shared with an external computing device over a network; and a communication module to, upon execution of the processor: provide data from the peripheral device to a peripheral device hub module of a computing device; and provide communication by the peripheral device with the external computing device.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: March 22, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Carlos Haas Costa, Donald Gonzalez
  • Patent number: 11283614
    Abstract: Implementations of the present specification disclose an information verification method, apparatus, and device.
    Type: Grant
    Filed: June 23, 2021
    Date of Patent: March 22, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventor: Yitao Song
  • Patent number: 11270030
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based consensus management, are provided. One of the methods includes: obtaining a request for creating a consensus template, wherein the request comprises information about a plurality of participating entities associated with the consensus template; generating, based on the request, a dataset representing a hierarchical structure of the participating entities associated with the consensus template; creating a blockchain transaction for registering the consensus template to a blockchain, wherein the blockchain transaction comprises the dataset representing the hierarchical structure of the participating entities; and sending, to one or more blockchain nodes associated with the blockchain for adding to the blockchain, the blockchain transaction for registering the consensus template to the blockchain.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: March 8, 2022
    Assignee: ALIPAY (HANGZHOU) INFORMATION TECHNOLOGY CO., LTD.
    Inventors: Wenlong Yang, Yujun Peng
  • Patent number: 11265706
    Abstract: The present application discloses a method for configuring and transmitting a key, which includes that: a) a serving cell (PCell) of UE determines a key (KeNB) used by a SCell and transmits the KeNB to the SCell; and b) the PCell transmits configuration information for configuring the SCell to the UE after receiving a response message from the SCell, and receives a response message from the UE. Or, the method includes that: a SCell of UE transmits a cell key request to an MME and receives key information from the MME; and the SCell transmits the key information received from the MME to the UE, and receives a response message from the UE. By the present application, data of the SCell is transmitted after being encrypted, so as to avoid a case that the data is decoded by other users, and further guarantee the security of the data.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: March 1, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Hong Wang, Huarui Liang, Lixiang Xu
  • Patent number: 11245517
    Abstract: Described herein are methods, systems, and computer-readable storage media for participating in a validation process with the host computing device. Techniques include receiving, from the host computing device, a second key that is part of a cryptographic key pair comprising a first key and the second key. Techniques further include encrypting, using the second key and as part of the validation process, data at the peripheral device and sending the encrypted data to the host computing device. Further, the host computing device validates an identity of the peripheral device based on a decryption, using the first key, of the encrypted data.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: February 8, 2022
    Assignee: CyberArk Software Ltd.
    Inventors: Omar Tsarfati, Asaf Hecht