Key Distribution Center Patents (Class 380/279)
-
Patent number: 12149507Abstract: Systems and methods are provided for maintaining data privacy in a communication system. The method includes: providing a proxy network which creates a plurality of ingress processing elements and a plurality of egress processing elements, wherein the ingress processing elements and the egress processing elements each include at least a private processing unit and a private memory area; receiving a request at a selected ingress processing element from a first server; routing the request from the selected ingress processing element to a selected egress processing element; forwarding the request from the selected egress processing element to a second server; and erasing both the selected ingress processing element and the selected egress processing element.Type: GrantFiled: June 26, 2018Date of Patent: November 19, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Qiang Li, Hans Thorsen, Martin Ryan, Ola Dahlqvist
-
Patent number: 12113788Abstract: In certain embodiments, a web services system receives a request to provision a device, such as a telephone, as an authentication device. The web services system initiates display of an image communicating a key to allow the telephone to capture the image and to send key information associated with the key. The web services system receives the key and determines that the key information is valid. In response to the determination, the web services system sends a seed to the telephone to provision the telephone to be an authentication device. The telephone can use the seed to generate one-time passcodes to access a service of the web services system.Type: GrantFiled: November 2, 2020Date of Patent: October 8, 2024Assignee: Amazon Technologies, Inc.Inventors: Gregory B. Roth, Nathan R. Fitch, Graeme D. Baer
-
Patent number: 12088352Abstract: A method and system for identifying entangled photons includes generating a plurality of sets of four entangled photons, wherein a first pair of photons in each of the plurality of sets of four entangled photons are time correlated indicating that a second pair of photons in a same one of each of the plurality of sets of four entangled photons are time correlated. A coincidence time of a first pair of photons of each of the plurality of sets of four entangled photons is determined and coincidence times are recorded as a first quantum data set. A coincidence time of a second pair of photons of each of the plurality of sets of four entangled photons determined and coincidence times is recorded as a second quantum data set such that the first quantum data set and the second quantum data set comprise at least some correlated coincidence times.Type: GrantFiled: February 10, 2023Date of Patent: September 10, 2024Assignee: Qubit Moving and Storage, LLCInventors: Gary Vacon, Kristin A. Rauschenbach
-
Patent number: 12079350Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.Type: GrantFiled: April 17, 2023Date of Patent: September 3, 2024Assignee: Apple Inc.Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
-
Patent number: 12069167Abstract: Protecting an encryption key for data stored in a storage system that includes a plurality of storage devices, including: reading, from at least a majority of the storage devices, a portion of an apartment key; reconstructing the apartment key using the portions of the apartment key read by the majority of the storage devices; unlocking the main portion of each of the storage devices utilizing the apartment key; reading, from the main portion of one of the storage devices, a portion of a third-party resource access key; requesting, from the third-party resource utilizing the third-party resource access key, an encryption key; receiving, from the third-party resource, the encryption key; and decrypting the data stored on the storage devices utilizing the encryption key.Type: GrantFiled: September 16, 2022Date of Patent: August 20, 2024Assignee: PURE STORAGE, INC.Inventors: Andrew Bernat, Alexandre Duchâteau, Marco Sanvido, Constantine Sapuntzakis, Kiron Vijayasankar
-
Patent number: 12067531Abstract: Methods, systems, and computer program products for gathering electronic signatures to be applied to collaboration system content objects (e.g., contracts, letters, insurance claims, riders, etc.). A collaboration system monitors changes made to the collaboration system content objects during electronic signature processing. A module of the content management system is configured to associate one or more instances of e-signing metadata to one or more of the stored content objects of the content management system. The e-signing metadata indicates whether or not a particular portion of the one or more of the stored content objects has been e-signed by a designated e-signatory. A collaborator who is not one of the designated e-signatories makes a change to one or more of the stored content objects (e.g., contracts, letters, insurance claims, riders, etc.). The change is remediated on-the-fly and the e-signing process continues without having to restart the e-signing process from the beginning.Type: GrantFiled: March 28, 2022Date of Patent: August 20, 2024Assignee: Box, Inc.Inventors: Seth Morgan Luce Voltz, Jón Tómas Grétarsson, Michaël Simon Krens, Valentin Zberea, Rohit Bakshi, Matthew Phillip Hewes, Daniel Kim, Nachiket Deo, Stephen Philip Hiller, Virender Gupta
-
Patent number: 12061714Abstract: A method for performing data encryption and application-agnostic querying of encrypted data includes identifying, via a processor, selected data for encryption. Encryption is applied to the selected data, to produce encrypted data. A query is received at the processor, the query originating from a software application. The query is translated into a modified query compatible with the encrypted data. The processor causes execution of the modified query, to produce query results. The query results include a subset of the encrypted data. The query results are sent to the software application without decrypting the subset of the encrypted data.Type: GrantFiled: January 10, 2022Date of Patent: August 13, 2024Assignee: Sotero, Inc.Inventors: Purandar Gururaj Das, Shanthi Boppana
-
Patent number: 12063295Abstract: A provisioning control apparatus coupled to a provisioning equipment server electrically connectable with electronic components each including a security enclave and a non-volatile memory. The provisioning control apparatus includes a processor configured to encrypt the security sensitive provisioning data using a secure vault encryption key for obtaining encrypted security sensitive provisioning data. The provisioning control apparatus has a communication interface configured to securely provide the secure vault encryption key to the provisioning equipment server for storing the secure vault encryption key in the security enclave of the electronic component.Type: GrantFiled: March 16, 2022Date of Patent: August 13, 2024Assignee: SECURE THINGZ LTD.Inventors: Tim Woodruff, Peter Dunne, Andrew Bott
-
Patent number: 12058244Abstract: A first node and a second node are configured in a storage system, wherein the first node and the second node are communicatively coupled to a key server. One or more nodes of a set comprising the first node and the second node initiate a process to generate an encryption key to be shared between the first node and the second node in the storage system. A request for the encryption key is transmitted to the key server, from the one or more nodes of the set comprising the first node and the second node, in response to securing a common lock that is available.Type: GrantFiled: September 9, 2021Date of Patent: August 6, 2024Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jacob Lee Sheppard, Igor Popov
-
Patent number: 12047769Abstract: Methods, systems, and devices for wireless communications are described. In some examples, a wireless device may modify a cyclic redundancy check (CRC) generation and attachment operation based on a secret key to support enhanced security. In some examples, a first device may identify a set of data to transmit to a second device and prior to transmitting the set of data, the first device and the second device may obtain a set of key bits for data protection. The first device may generate a bit vector based on a subset of the set of key bits and a cyclic redundancy check polynomial. The transmitting device may then generate an encoded codeword based on the bit vector and transmit the encoded codeword to the second wireless device. The second device may decode the encoded codeword and obtain the set of data based on the set of key bits.Type: GrantFiled: August 2, 2021Date of Patent: July 23, 2024Assignee: QUALCOMM IncorporatedInventors: Ahmed Elshafie, Hung Dinh Ly
-
Patent number: 12041166Abstract: The present disclosure, in some embodiments, relates to a data protection method comprising: determining a file comprising content data on a computing system; generating index information for the file; transmitting the index information to a cloud system; executing a corruption operation on the file comprising: dividing the content data of the file into a plurality of data chunks; executing a first encryption operation based on an encryption protocol, on the first data chunk; executing a second encryption operation based on the encryption protocol, on the second data chunk; generating or assigning a first name for the first data and a second name for the second data chunk; and generating a key associated with an order of the first data chunk and the second data chunk.Type: GrantFiled: May 9, 2022Date of Patent: July 16, 2024Assignee: Autnhive CorporationInventor: Devi Selva Kumar Vijayanarayanan
-
Patent number: 12034836Abstract: Systems, apparatuses, methods, and computer program products are disclosed for hardware security module communication management. An example method includes deriving, by a first HSM, a first cryptographic key based on an initial key and a first set of seed bits. The method also includes receiving a message comprising a second cryptographic key from a key exchange management device, wherein the second cryptographic key is associated with a second HSM. The method also includes deriving, a third cryptographic key based on the first cryptographic key and the second cryptographic key, wherein deriving the third cryptographic key establishes secure communication between the first HSM and the second HSM based on the second HSM having also derived the third cryptographic key. The method also includes performing, a first cryptographic data protection action using the third cryptographic key.Type: GrantFiled: June 30, 2022Date of Patent: July 9, 2024Assignee: Wells Fargo Bank, N.A.Inventor: Jeff J. Stapleton
-
Patent number: 12021981Abstract: An example method for a first host, being an owner of an object stored in a virtual storage area network (vSAN) cluster, to perform encryption and decryption operations during a rekey in the vSAN cluster is disclosed. The method includes obtaining a first encryption key and a first key identifier (ID) of the first encryption key; transmitting the first key ID and an active key index to a second host; using the first encryption key to perform encryption and decryption operations; and in response to a determination of receiving a key change notification from a master node of the vSAN cluster, terminating a connection with the second host.Type: GrantFiled: March 2, 2022Date of Patent: June 25, 2024Assignee: VMware, Inc.Inventors: Wenguang Wang, Abhay Kuamr Jain, Ruiling Dou, Tao Xie, Xin Li, Chandrakanth Gadhiraju, Kevin Rayfeng Li, Satish Pudi
-
Patent number: 12010595Abstract: In some embodiments, the present invention provides for a computer system which includes at least the following components: a plurality of computing devices associated with a plurality of users associated with a plurality of users; where each computing device of the plurality of computing devices is configured to: electronically receive software which, when being executed, cause such computing device to display a plurality of instances of a specifically programmed graphical user interface (GUI); where each instance of the GUI is configured to display a real-time updatable meeting information representative of a direct electronic proximity-based communication between at least two computing devices associated with at least two users who desire to meet at a particular location to engage in a transaction of at least one good, at least one service, or both, whose marketable value lasts for a period of 30 seconds to 60 minutes.Type: GrantFiled: August 1, 2022Date of Patent: June 11, 2024Inventors: John Stuart Kime, Nathan Robert Jones, Christopher Tice Peifer, Andrew David Michaelis, Quenby Justina Swinson-Mitchell, David Rodriguez, Nathan Madera
-
Patent number: 11979489Abstract: A database stores a document as a plurality of encrypted records, where each record is indicative of an incremental change to the state of the document, and encrypted using a document key. The document key is stored with encryption decryptable using a group key, and the group key is stored with encryption decryptable using a first access key. In response to a request to rotate from the first access key to a second access key, the database decrypts the group key using the first access key, a stores a group key re-encrypted with the second access key.Type: GrantFiled: May 10, 2022Date of Patent: May 7, 2024Assignee: Amazon Technologies, Inc.Inventors: Edwin Robbins, Bala Murali Krishna Ummaneni, Carr James Onstott, Thomas Barton, John Richter, Rong Xiao, Caroline Gordon, Shayna Weinstein
-
Patent number: 11936785Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.Type: GrantFiled: October 4, 2023Date of Patent: March 19, 2024Assignee: WIZ, INC.Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Yaniv Shaked, Eyal Moscovici
-
Patent number: 11930301Abstract: A camera is provided that stores an encryption key locally and transmits the encryption key using near field communication (NFC) when the encryption key is requested by the user. In one embodiment, the camera includes a lens for recording video and an encryption engine for encrypting the video. The camera further includes a security chip for storing an encryption key locally in the camera. Additionally, the camera includes a near field communication (NFC) module that provides a bridge between the security chip of the camera and the device at which the user is viewing the images recorded by the lens. The NFC module includes memory for temporarily storing the encryption key and an NFC transceiver for sending the encryption key from the memory of the NFC module to the device at which the user is viewing the images recorded by the lens of the camera.Type: GrantFiled: September 22, 2021Date of Patent: March 12, 2024Assignee: LEDVANCE LLCInventors: Wuqiang Liao, Ming Li
-
Patent number: 11924178Abstract: Disclosed is a system and a method for information distribution. The system comprises: a server for generating a group key and its corresponding key deriving parameter, wherein the server encrypts sensitive contents by using the group key to obtain encrypted information; and terminals configured to receive the encrypted information through an open channel, extract the group key, then decrypt the encrypted information by using the group key to obtain the original content. In the group forming process, each terminal encrypts its private identifier using the public key and submits the ciphertext to the server. In information distribution process, the server transmits the ciphertext of sensitive contents and the key deriving parameter to the terminals via open channel Because private information available only to respective group members is required for calculating the group key, this mechanism ensures that the sensitive content can be transmitted securely on the open channel.Type: GrantFiled: December 13, 2021Date of Patent: March 5, 2024Assignee: MAXIO Technology (Hangzhou) Co., Ltd.Inventors: Gang Fang, Wei Xu, Yan Cai, Jun Chen, Zhehang Wen, Li Liang, Guohua Chen, Yiming Lu
-
Patent number: 11916925Abstract: A method for improving data transmission security at a user equipment comprises receiving, from a source network node, a connection release message including instructions for computing a hash value for data to be included in a connection request message; computing the hash value based on the instructions included in the connection release message; calculating a token based on the hash value, and sending, to a target network node, the connection request message including the token. The method may further forward the data from the target network node directly to a gateway after the token has been verified. The method may reduce a signaling overhead by having a fixed-size hash value for data. Furthermore, the method may improve a transmission security by including the token in an RRC message, in which the token is calculated based on the hash value representing the data.Type: GrantFiled: January 23, 2023Date of Patent: February 27, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Magnus Stattin, Vesa Lehtovirta, Prajwol Kumar Nakarmi, Dung Pham Van
-
Patent number: 11917401Abstract: Methods, apparatuses, and computer-readable medium for directional security are provided. An example method may include receiving, from a wireless device, a configuration for a set of shared keys. The example method may further include receiving, from a second UE, at least one message or signal including a location of the second UE, the received at least one message or signal being associated with an angle of arrival. The example method may further include configuring a key from the set of shared keys based on at least one of the received configuration, the location of the second UE, the AoA of the received at least one message or signal, or a location of the first UE. The example method may further include generating one or more ranging signals based on the configured key, the one or more ranging signals being directionally secure based on the location of the second UE.Type: GrantFiled: September 16, 2021Date of Patent: February 27, 2024Assignee: QUALCOMM IncorporatedInventors: Anantharaman Balasubramanian, Shuanshuan Wu, Kapil Gulati, Navid Abedini, Junyi Li, Sourjya Dutta, Preeti Kumari
-
Patent number: 11888975Abstract: A system includes processor(s) and memory(s). When encryption key(s) need to be generated to encrypt a key, processor(s): generate encryption key(s); encrypt key using encryption key(s) to generate encrypted key; split encrypted key and encryption key(s) into set(s) of key components, wherein subset of key components can be used to reconstruct encrypted key and encryption key(s); and erase key from memory(s). When encryption key(s) need to be used, processor(s): receive set(s) of key components from subset(s) of users that can be used to reconstruct encrypted key and encryption key(s) used to decrypt key from encrypted key; when set(s) of key components is received from subset(s) of users that can be used to reconstruct encrypted key and encrypted key(s), reconstruct encrypted key and encryption key(s); and when the encrypted key and the encryption key(s) have both been reconstructed, decrypt encrypted key into key using encryption key(s).Type: GrantFiled: October 11, 2021Date of Patent: January 30, 2024Assignee: tZERO IP, LLCInventors: Tron Black, Denny Becker, Tyler Perkins, Joel Weight, Jesse Empey
-
Patent number: 11875340Abstract: A computer-implemented method for improving the security of a data record distribution process using a blockchain having a group of input nodes and a group of output nodes, each group having a private-public key pair, but wherein the nodes only have a key share of their respective private key and no node has a full private key. Using threshold signature scheme, secret share joining, and stealth addresses, data records from the input nodes are pooled at a stealth address determined through collaborative action of the input nodes, requiring cooperative determination of their public key, a shared secret, and the stealth address. The public key is copied into the transaction. The output nodes locate the transaction and extract the public key, collaboratively verify its authenticity, and collaboratively determine the shared secret. Having done so, the output nodes may, collectively, sign a second transaction for distributing data records from the stealth address to the output addresses.Type: GrantFiled: April 6, 2018Date of Patent: January 16, 2024Assignee: nChain Licensing AGInventors: Martin Sewell, Daniel Joseph, Craig Steven Wright
-
Patent number: 11876800Abstract: A device may determine that a first link of the device is active. The device may determine whether a Media Access Control Security (MACsec) session is established on the first link. The device may selectively enable or disable a second link of the device based on determining whether the MACsec session is established on the first link.Type: GrantFiled: April 25, 2022Date of Patent: January 16, 2024Assignee: Juniper Networks, Inc.Inventors: Nimit Gupta, Alfa Prakash Puhan, Manish Galrani
-
Patent number: 11829610Abstract: A method including determining, by a first device for a folder, a folder access key pair including a folder access public key and a folder access private key; determining, by the first device, a sharing encryption key based on the folder access private key and an assigned public key associated with a second device; and encrypting, by the first device, the folder access private key based on utilizing the sharing encryption key; determining, by a second device, a sharing decryption key based on the folder access public key and an assigned private key associated with the second device; decrypting, by the second device, the folder access private key based on utilizing the sharing decryption key; and accessing, by the second device, the folder based on utilizing the folder access private key. Various other aspects are contemplated.Type: GrantFiled: October 5, 2021Date of Patent: November 28, 2023Assignee: UAB 360 ITInventor: Mindaugas Valkaitis
-
Patent number: 11823179Abstract: Systems and methods for providing a rewards payment form linked directly to a rewards account are described. The system can determine, based on a comparison of a location of a mobile device with a merchant location of a merchant, that the mobile device is at the merchant location. The system can determine that the merchant participates in a rewards promotion and can receive a transaction request associated with a rewards account and a cryptogram. The system can authenticate the transaction request by decrypting the cryptogram and can activate the rewards promotion based on the determination that the mobile device is at the merchant location and the determination that the merchant participates in the rewards promotion.Type: GrantFiled: August 22, 2022Date of Patent: November 21, 2023Assignee: Wells Fargo Bank, N.A.Inventors: Ashish B. Kurani, Steven E. Puffer
-
Patent number: 11811936Abstract: A device, method, and computer readable storage medium generate a biometric public key for an individual based on both the individual's biometric data and a secret, in a manner that verifiably characterizes both while tending to prevent recovery of either by anyone other than the individual. The biometric public key may be later used to authenticate a subject purporting to be the individual, using a computing facility that need not rely on a hardware root of trust. Such biometric public keys may be distributed without compromising the individual's biometric data, and may be used to provide authentication in addition to, or in lieu of, passwords or cryptographic tokens. Various use cases are disclosed, including: enrollment, authentication, establishing and using a secure communications channel, and cryptographically signing a message.Type: GrantFiled: August 28, 2020Date of Patent: November 7, 2023Assignee: Badge Inc.Inventors: Charles H. Herder, III, Tina P. Srivastava
-
Patent number: 11784987Abstract: An embedded processing system includes processing circuitry, a memory system, and a reprogramming control. The reprogramming control is configured to receive a transaction indicator and user credentials from a reprogramming system, the transaction indicator identifying a type of configuration item to program in the memory system. The reprogramming control is further configured to access user authentication data to authenticate authority of a user to program the memory system based on the transaction indicator and user credentials and receive an encrypted configuration item. The reprogramming control is further configured to decrypt and authenticate the encrypted configuration item as a decrypted and authenticated configuration item responsive to authenticating the authority of the user, and store the decrypted and authenticated configuration item in the memory system.Type: GrantFiled: October 7, 2022Date of Patent: October 10, 2023Assignee: RTX CORPORATIONInventors: Jayashree Rajagopalan, Paul A. Adamski, Jason E. Posniak, Douglas E. Sansom, David Howland
-
Patent number: 11757647Abstract: A security accelerator device stores a first credential that is uniquely associated with the individual security accelerator device and represents a root of trust to a trusted entity. The device establishes a cryptographic trust relationship with a client entity that is based on the root of trust, the cryptographic trust relationship being represented by a second credential. The device receives and store a secret credential of the client entity, which is received via communication secured by the second credential. Further, the device executes a cryptographic computation using the secret client credential on behalf of the client entity to produce a computation result.Type: GrantFiled: May 14, 2021Date of Patent: September 12, 2023Assignee: Intel CorporationInventors: Kapil Sood, Naveen Lakkakula, Hari K. Tadepalli, Lokpraveen Mosur, Rajesh Gadiyar, Patrick Fleming
-
Patent number: 11750394Abstract: In a method for decrypting persistent user cryptographic keys in a distributed cryptographically secured peer-to-peer filesystem, a primary input value is received from a first user on a first peer device. A symmetric user encryption key UK1 is generated for the first user from the primary input value on the first peer device. An encrypted private key ePrK1 is requested and received from a non-volatile memory of a data persistence server using the first peer device. The encrypted private key ePrK1 is decrypted using the symmetric user encryption key UK1 using a symmetric decryption algorithm on the first peer device, producing a private key PrK1=ESUK1?1(ePrK1). The private key PrK1 is used to reconstruct a distributed file.Type: GrantFiled: April 24, 2022Date of Patent: September 5, 2023Assignee: CyLogic, Inc.Inventors: Adam Firestone, Hilary L MacMillan, Raghu Lingampally
-
Patent number: 11740901Abstract: Embodiments are provided for centralized control of execution of a quantum program. In some embodiments, a system can include a processor that executes computer-executable components stored in memory. The computer-executable components include a synchronization component that causes multiple controller devices remotely located relative to the system to be synchronized with one another and the system. The computer-executable components also include an ingestion component that accesses measurement data resulting from one or more measurements at respective qubit devices. The computer-executable components further include a composition component that generates, using the measurement data, one or more control messages for respective second controller devices of the multiple controller devices.Type: GrantFiled: June 15, 2021Date of Patent: August 29, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Scott Willenborg, Andrew Wack, Thomas Alexander, Jeffrey Joseph Ruedinger, Blake Johnson, Juergen Saalmueller, Kent H. Haselhorst
-
Patent number: 11734446Abstract: A method for causing sending and receiving of an encrypted file between a sending user terminal and a receiving user terminal connected via a network to be performed in a secret state via a management server is provided. The sending user terminal encrypts an original file and then fragments the original file into a plurality of divided files, creates a plurality of combined files formed by combining a plurality of the divided files, and distributes and saves the combined files to which restoration information for opening the combines files has been added in a plurality of online storages. The receiving user terminal can open the combined files obtained from the online storages by using the restoration information received from the management server to extract the divided files included in the combined files, and can restore the original file from the divided files.Type: GrantFiled: July 11, 2019Date of Patent: August 22, 2023Assignees: GYOTOKUSHIKO CO., LTD., TECHNICAL INFRASTRUCTURE LOGIC CORPORATIONInventor: Masahiro Aoki
-
Patent number: 11729003Abstract: A method including transmitting, by an infrastructure device to a distributor device, an invitation link to enable the distributor device to distribute network services; activating, by the distributor device, the invitation link; transmitting, by the infrastructure device to the distributor device, seed information based on verifying that the invitation link was activated by the distributor device; determining, by the distributor device, a distributor key pair including a distributor public key and a distributor private key based on utilizing the seed information; transmitting, by the distributor device to the infrastructure device, an action request related to an action to be performed regarding the network services, a portion of the action request being signed based on utilizing the distributor private key; and validating, by the infrastructure device, the action request based on utilizing the distributor public key to enable performance of the action regarding the network services is disclosed.Type: GrantFiled: June 4, 2022Date of Patent: August 15, 2023Assignee: UAB 360 ITInventors: Dovydas Bespalovas, Mindaugas Valkaitis
-
Patent number: 11722501Abstract: An intelligent electronic device (IED) includes memory and a processor operatively coupled to the memory. The processor is configured to establish, over a communication network of a power system, a connection association (CA) with a receiving device using a MACsec Key Agreement (MKA). The processor is configured to automatically send device management information via the MKA process.Type: GrantFiled: March 17, 2021Date of Patent: August 8, 2023Assignee: Schweitzer Engineering Laboratories. Inc.Inventors: Colin Gordon, Duane C. Skelton
-
Patent number: 11716336Abstract: Systems and methods for end to end encryption are provided. In example embodiments, a computer accesses an image including a geometric shape. The computer determines that the accessed image includes a candidate shape inside the geometric shape. The computer determines, using the candidate shape, an orientation of the geometric shape. The computer determines a public key of a communication partner device by decoding, based on the determined orientation, data encoded within the geometric shape. The computer receives a message. The computer verifies, based on the public key of the communication partner device, whether the message is from the communication partner device. The computer provides an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device. The computer provides an output indicating an error if the message is not verified to be from the communication partner device.Type: GrantFiled: August 20, 2021Date of Patent: August 1, 2023Assignee: Snap Inc.Inventor: Subhash Sankuratripati
-
Patent number: 11709955Abstract: The present disclosure provides a method for encryption programming, including: selecting an encrypted programming file that matches the programmer from a target folder; loading the selected encrypted programming file; if a current number of times for programming of the programmer is greater than or equal to a maximum number of times for programming, destroying the selected encrypted programming file and ending programming; otherwise, decrypting the selected encrypted programming file; if the current number of times for programming of the programmer is less than an initial number of times for programming, replacing the current number of times for programming of the programmer with the initial number of times for programming, otherwise, re-encrypting the decrypted encrypted programming file and programing the re-encrypted programming file into a target chip. A programmer is further provided.Type: GrantFiled: September 22, 2020Date of Patent: July 25, 2023Assignee: HANGZHOU VANGO TECHNOLOGIES, INC.Inventors: Sufang Huang, Yangfan Zhou, Chao Fu, Xiaolu Liu
-
Patent number: 11709928Abstract: An asymmetric cryptographic method for securing access to a private key generated and stored in a device is provided. The method includes generating an application password relating to a predetermined level of entropy; generating, within a trusted execution environment relating to a key manager, a user private key secured by using the application password; receiving, from a user via an input device, user entropy relating to a unique identifier for the user; deriving, using a password derivation function, a symmetric key based on the user entropy; encrypting, using an encryption system, the application password by using the symmetric key; and storing, in a memory, a device payload component relating to the application password and the symmetric key in a password management system.Type: GrantFiled: May 20, 2021Date of Patent: July 25, 2023Assignee: JPMorgan Chase Bank, N.A.Inventors: Sean Atkinson, David W Wagner, Scott Alexander
-
Patent number: 11698978Abstract: A computer-implemented method includes: identifying, by a computing device, private portions and non-private portions of content displayed on a user device; generating, by the computing device, instructions to modify the display of the content on the user device to mask the private portions of the content, group the private portions of the content together, and group and the non-private portions of the content together; and outputting, by the computing device, the instructions to cause the user device to modify the display of the content on the user device such that the masked private portions of the content are grouped together and the non-private portions of the content are grouped together, wherein the non-private portions are exposed and visible.Type: GrantFiled: December 6, 2018Date of Patent: July 11, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Craig M. Trim, Sarbajit K. Rakshit, Victor Povar, John M. Ganci, Jr.
-
Patent number: 11681781Abstract: Systems and methods are for content security may comprise transmitting a request for authorization to access secured content. A content key for the secured content may be received and stored to a restricted region of a memory. A device security module may have access to the restricted region and may decrypt, based on satisfaction of a use condition and using the content key, the secured content. An encryption key associated with a secure media system authorized to access the secured content may be received. The device security module may encrypt, using the encryption key, the secured content and route the secured content to the secure media system.Type: GrantFiled: February 21, 2018Date of Patent: June 20, 2023Assignee: Comcast Cable Communications, LLCInventor: Kyong Park
-
Patent number: 11683298Abstract: Disclosed herein is a method performed by an apparatus. In the method, a payload information item is obtained that is to be communicated to at least one recipient. An encrypted payload information item is obtained by encrypting said payload information item such that it is decryptable by use of a first decryption key and a second decryption key. Further, a message containing said encrypted payload information item is sent or triggered to be sent to said recipient.Type: GrantFiled: February 27, 2019Date of Patent: June 20, 2023Assignee: KOBIL GmbHInventors: Ismet Koyun, Tan Sarihan
-
Patent number: 11669433Abstract: In overview, methods, computer programs products and devices for securing software are provided. In accordance with the disclosure, a method may comprise attaching a debugger process to a software process. During execution of the software process, operations relevant to the functionality of the code process are carried out within the debugger process. As a result, the debugger process cannot be replaced or subverted without impinging on the functionality of the software process. The software process can therefore be protected from inspection by modified or malicious debugging techniques.Type: GrantFiled: May 16, 2022Date of Patent: June 6, 2023Assignee: Nagravision SàrlInventors: Laurent Dore, Asfandyar Orakzai, Brecht Wyseur, Yihui Xu
-
Patent number: 11664990Abstract: A method for distributing multiple cryptographic keys used to access data includes: receiving a data signal superimposed with an access key request, wherein the access key request includes at least a number, n, greater than 1, of requested keys; generating n key pairs using a key pair generation algorithm, wherein each key pair includes a private key and a public key; deriving an access private key by applying the private key included in each of the n key pairs to a key derivation algorithm; generating an access public key corresponding to the derived access private key using the key pair generation algorithm; and electronically transmitting a data signal superimposed with a private key included in one of the n key pairs for each of the n key pairs.Type: GrantFiled: October 23, 2020Date of Patent: May 30, 2023Assignee: MASTERCARD INTERNATIONAL INCORPORATEDInventor: Steven C. Davis
-
Patent number: 11658945Abstract: A network device includes a transmitter and a receiver to establish a secure connection with one or more network nodes as part of a Autonomic Control Plane (ACP) network. The network device also includes a processor coupled to the transmitter and receiver. The processor receives a request from an application to initiate a connection with a destination network node. The processor also receives packets from the application for transmission toward the destination network node. When the packets from the application are unencrypted, the processor end-to-end encrypts the unencrypted packets without notifying the application. The transmitter then transmits the encrypted packets towards the destination network node across the ACP network.Type: GrantFiled: September 23, 2020Date of Patent: May 23, 2023Assignee: Futurewei Technologies, Inc.Inventors: Toerless Eckert, Sheng Jiang, Bing Liu
-
Patent number: 11652625Abstract: A system and process for performing a touchless key provisioning operation for a communication device. In operation, a key management facility (KMF) imports a public key and a public key identifier uniquely identifying the public key of the communication device. The public key is associated with an asymmetric key pair generated at the communication device during its factory provisioning and configuration. The KMF registers the communication device and assigns a key encryption key (KEK) for the communication device. The KMF then provisions the communication device by deriving a symmetric touchless key provisioning (TKP) key based at least in part on the public key of the communication device, encrypting the KEK with the symmetric TKP key to generate a key wrapped KEK, and transmitting the key wrapped KEK to the communication device for decryption by the communication device.Type: GrantFiled: June 11, 2021Date of Patent: May 16, 2023Assignee: MOTOROLA SOLUTIONS, INC.Inventors: Gary P Hunsberger, Chris A Kruegel, Kenneth C Fuchs, Pawel Fafara, Brian W Pruss, Jakub Trojanek
-
Patent number: 11632672Abstract: A multi-hop mesh network includes a root network device and a first network device. The first network device is configured to establish a first direct wireless connection with the root network device and negotiate a first shared secret key with the root network device. The multi-hop network further includes a second network device configured to establish a second direct wireless connection with the first network device and negotiate a second shared secret key with the first network device.Type: GrantFiled: December 30, 2019Date of Patent: April 18, 2023Assignee: TEXAS INSTRUMENTS INCORPORATEDInventors: Feng L. Mo, Jianwei Zhou, Xiaolin Lu, Il Han Kim, Kaichien Tsai
-
Patent number: 11620393Abstract: A system and method for facilitating distributed peer to peer storage of data is disclosed. The method includes receiving a request from a user to securely store one or more files, encrypting the one or more files by using one or more primary encryption keys and splitting each of the encrypted one or more files into an encrypted set of data chunks. The method further includes transmitting the encrypted set of data chunks to one or more trustee devices, encrypting a metadata by using a secondary encryption key and receiving a request to securely access the one or more files. Further, the method includes obtaining the encrypted set of data chunks and the secondary encryption key from the one or more trustee devices and creating the one or more files, such that the user is provided access of the one or more files.Type: GrantFiled: July 5, 2022Date of Patent: April 4, 2023Inventor: Aswath Premaradj
-
Patent number: 11616641Abstract: A method of sharing a first common secret among a plurality of nodes for enabling secure communication for blockchain transactions. The method comprises determining, for at least one first node a plurality of second common secrets, wherein each second common secret is common to the first node and a respective second node, is determined at the first node based on a first private key of the first node and a first public key of the second node and is determined at the second node based on the first private key of the second node and the first public key of the first node. The method further comprises exchanging encrypted shares of the first common secret among the plurality of nodes to enable each of the plurality of nodes to reach a threshold number of shares of the first common secret to access the first common secret.Type: GrantFiled: September 11, 2019Date of Patent: March 28, 2023Assignee: nChain Licensing AGInventor: Craig Steven Wright
-
Patent number: 11617078Abstract: A P25 radio can be configured to implement a key management facility to thereby manage keysets for and provision the keysets on other P25 radios in a communications system. The P25 radio, as a radio, can directly communicate with the other P25 radios to provision keysets in accordance with the OTAR protocol. The P25 radio may also be configured to function as a key fill device to thereby provision keysets manually on any of the other P25 radios to which it may be physically or wirelessly connected. The P25 radio may also be configured to use the keysets to communicate securely with any of the other P25 radios.Type: GrantFiled: April 19, 2021Date of Patent: March 28, 2023Assignee: BK Technologies, Inc.Inventors: James E. Gilley, Edmund A. Laryea, Juan J. Giol, Lorenzo Cruger, Jr.
-
Patent number: 11582031Abstract: Methods, systems, and devices for quantum key distribution (QKD) in passive optical networks (PONs) are described. A PON may be a point-to-multipoint system and may include a central node in communication with multiple remote nodes. In some cases, each remote node may include a QKD transmitter configured to generate a quantum pulse indicating a quantum key, a synchronization pulse generator configured to generate a timing indication of the quantum pulse, and filter configured to output the quantum pulse and the timing indication to the central node via an optical component (e.g., an optical splitter, a cyclic arrayed waveguide grating (AWG) router). The central node may receive the timing indications and quantum pulses from multiple remote nodes. Thus, the central node and remote nodes may be configured to communicate data encrypted using quantum keys.Type: GrantFiled: October 16, 2020Date of Patent: February 14, 2023Assignee: Cable Television Laboratories, Inc.Inventors: Jing Wang, Bernardo Huberman
-
Patent number: 11579781Abstract: Distributed storage nodes having specialized hardware can be pooled for servicing data requests. For example, a distributed storage system can include a group of storage nodes. The distributed storage system can determine a subset of storage nodes that include the specialized hardware based on status information received from the group of storage nodes. The specialized hardware can be preconfigured with specialized functionality. The distributed storage system can then generate a node pool that includes the subset of storage nodes with the specialized hardware. The node pool can be configured to perform the specialized functionality in relation to a data request.Type: GrantFiled: October 23, 2020Date of Patent: February 14, 2023Assignee: RED HAT, INC.Inventors: Gabriel Zvi BenHanokh, Brett Niver
-
Patent number: 11574032Abstract: Embodiments of the disclosure relates to signing of an artificial intelligence (AI) model with a watermark for a data processing (DP) accelerator. In one embodiment, in response to a request received by the data processing accelerator, the request sent by an application to embed digital rights protection to an AI model, a system generates a watermark for the AI model based on a watermark algorithm. The system embeds the watermark onto the AI model. The system signs the AI model having the embedded watermark to generate a signature. The system returns the signature and the AI model having the embedded watermark back to the application, where the signature is used to authenticate the watermark and/or the AI model.Type: GrantFiled: November 14, 2019Date of Patent: February 7, 2023Assignees: BAIDU USA LLC, KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITEDInventors: Yueqiang Cheng, Yong Liu