Particular Algorithmic Function Encoding Patents (Class 380/28)
  • Patent number: 10326753
    Abstract: Methods, systems and computer program products are provided for authenticating a message via a revocable signature. The method includes, at a signing computer, generating first auxiliary data and second auxiliary data respectively dependent on a public key and a private key of a public-private key pair for the message. The signing computer hashes the message and the first auxiliary data via a chameleon hash algorithm, using a public hash key of a verifier computer, to produce a first hash value. The signing computer signs the first hash value, using a secret signing key of the signing computer, to produce a signature. The signing computer sends the message, the signature and the first auxiliary data to the verifier computer, and stores the second auxiliary data.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: June 18, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Daniel Kovacs, Kai Samelin, Dieter Sommer
  • Patent number: 10326928
    Abstract: Disclosed is an image processing apparatus including: a storage configured to store model information regarding a boundary of a person area in an image; and a controller configured to determine a boundary of a target area in an area to be processed, and to control the target area to undergo image processing for the person area if it is determined, based on the model information stored in the storage, that the determined boundary of the target area matches the boundary of the person area.
    Type: Grant
    Filed: January 4, 2017
    Date of Patent: June 18, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Ha-wook Jeong, Beom-su Kim, Sun-jung Kim, Hong-il Kim, Tae-hwa Hong
  • Patent number: 10320555
    Abstract: A test method can include: acquiring a plurality of value sets including measurements or signals corresponding with activity of a circuit when executing a set of cryptographic operations on secret data, for each value set, selecting at least two subsets of values, computing combined values and counting occurrence numbers of values transformed by a first surjective function applied to the combined values, for each operation and each possible value of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value by a second surjective function, and determine the part of the secret data from the cumulative occurrence number sets.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: June 11, 2019
    Assignee: ESHARD
    Inventors: Hugues Thiebeauld De La Crouee, Antoine Wurcker
  • Patent number: 10318762
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for securing data. One of the methods includes receiving, by a computer system, a network packet for analysis. The method includes determining, by the computer system, to examine the network packet for private data. The method includes identifying, by the computer system, private data in payload of the packet. The method includes encrypting the private data. The method includes storing the encrypted private data in a location separate from the payload. The method also includes obfuscating the private data by adding a reference to the location of the encrypted private data in the payload.
    Type: Grant
    Filed: March 3, 2016
    Date of Patent: June 11, 2019
    Assignee: United Services Automobile Association (USAA)
    Inventors: Thomas Bret Buckingham, Donald Nathaniel Holloway, III, Robert Aaron Ghavidel, Jennifer Nannery, Cory Landon Newsom, Robert Lawrence, Huihui Wu, Alejandra Valles
  • Patent number: 10320554
    Abstract: Circuits, methods, and systems are provided for securing an integrated circuit device against Differential Power Analysis (DPA) attacks. Plaintext (e.g., configuration data for a programmable device) may be encrypted in an encryption system using a cryptographic algorithm. Ciphertext may be decrypted in a decryption system using the cryptographic algorithm. The encryption and/or decryption systems may obfuscate the plaintext, the ciphertext, and/or the substitution tables used by the cryptographic algorithm. The encryption and/or decryption systems may also generate cryptographic key schedules by using different keys for encrypting/decrypting different blocks and/or by expanding round keys between encryption/decryption blocks. These techniques may help mitigate or altogether eliminate the vulnerability of cryptographic elements revealing power consumption information to learn the value of secret information, e.g., through DPA.
    Type: Grant
    Filed: April 26, 2016
    Date of Patent: June 11, 2019
    Assignee: Altera Corporation
    Inventor: Bruce B. Pedersen
  • Patent number: 10313108
    Abstract: A processing system includes a processor to construct an input message comprising a target value and a nonce and a hardware accelerator, communicatively coupled to the processor, implementing a plurality of circuits to perform stage-1 secure hash algorithm (SHA) hash and stage-2 SHA hash, wherein to perform the stage-2 SHA hash, the hardware accelerator is to perform a plurality of rounds of compression on state data stored in a plurality of registers associated with a stage-2 SHA hash circuit using an input value, calculate a plurality of speculative computation bits using a plurality of bits of the state data, and transmit the plurality of speculative computation bits to the processor.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: June 4, 2019
    Assignee: Intel Corporation
    Inventors: Vikram B. Suresh, Sudhir K. Satpathy, Sanu K. Mathew
  • Patent number: 10310817
    Abstract: An apparatus and method for modular multiplication. The modular multiplication apparatus includes a first operation unit for performing a first operation based on a structure of at least one of a serial multiplier and a serial squarer-based multiplier; a second operation unit for performing a second operation based on a structure of at least one of the serial multiplier and the serial squarer-based multiplier; an adder unit for outputting the sum of results of the first operation and the second operation, inputting an intermediate value stream to the first input unit, which calculates the product of the intermediate value stream and a zeta parameter, and outputting a High-Order Term as a result of Montgomery Modular Multiplication, wherein the first and second operation units output a result in digit-serial format in order from the least significant digit to the most significant digit.
    Type: Grant
    Filed: November 9, 2017
    Date of Patent: June 4, 2019
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yun-Koo Lee, Dong-Geon Lee, Min-Kyu Joo, Yoen-Cheol Lee, Sang-Woon Yang
  • Patent number: 10313125
    Abstract: A method (500) of generating a cryptographic checksum for a message M(x) is provided. The method comprises pseudo-randomly selecting (502) a generator polynomial p(x) from the set of polynomials of degree n over a Galois Field and calculating (504) the cryptographic checksum as a first function g of a division of a second function of M(x), ƒ(M(x)), modulo p(x), g(ƒ(M(x))mod p(x)). The generator polynomial p(x) is pseudo-randomly selected based on a first cryptographic key. By replacing a standard checksum, such as a Cyclic Redundancy Check (CRC), with a cryptographic checksum, an efficient message authentication is provided. The proposed cryptographic checksum may be used for providing integrity assurance on the message, i.e., for detecting random and intentional message changes, with a known level of security. Further, a corresponding computer program, a corresponding computer program product, and a checksum generator for generating a cryptographic checksum, are provided.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: June 4, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Elena Dubrova, Fredrik Lindqvist, Mats Näslund, Göran Selander
  • Patent number: 10305678
    Abstract: The invention relates to a method for securing an electronic device (SC) against attacks via covert channels when the electronic device (SC) implements a Montgomery ladder for calculating the element A?A?. . . ?A where A appears k times. A designates an element of an Abelian group with a law ?, and k is a natural number. The method comprises a modified implementation of the Montgomery ladder. The invention also relates to a device (SC), a computer program and a storage medium arranged so as to implement such a method.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: May 28, 2019
    Assignee: IDEMIA IDENTITY & SECURITY
    Inventors: Frédéric Boulet, Victor Servant
  • Patent number: 10305689
    Abstract: An acquisition unit (2020) acquires a plaintext block sequence and a first cryptographic key. The plaintext block sequence is constituted by a plurality of plaintext blocks. A second-cryptographic-key generation unit (2040) generates a second cryptographic key. A third-cryptographic-key generation unit (2060) generates a third cryptographic key. The third cryptographic key is calculated as exclusive OR between the first cryptographic key and a portion or the entirety of the second cryptographic key. A counter mode encryption unit (2080) encrypts the plaintext block sequence using the third cryptographic key as a cryptographic key, and generates a cryptographic block sequence. A block cryptography using a counter mode as block cipher mode of operation is used in encryption. A key block generation unit (2100) generates a key block. The key block is calculated as exclusive OR between the second cryptographic key and respective blocks of the cryptographic block sequence.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: May 28, 2019
    Assignee: NEC CORPORATION
    Inventor: Toshinori Araki
  • Patent number: 10298553
    Abstract: A System-On-Chip (SOC) exchanges hardware trusted data communications. A Central Processing Unit (CPU) executes an internal application. A transceiver receives a data message from an external data application for the internal data application. The message has encrypted user data and an encrypted hardware trust certificate for the external data application. The transceiver decrypts the hardware trust certificate for the external data application and transfers the decrypted hardware trust certificate to a SOC kernel. The transceiver decrypts the user data. The SOC kernel validates the decrypted hardware trust certificate for the external data application and notifies the transceiver. The transceiver transfers the decrypted user data to the CPU for delivery to the internal data application responsive to the notification from the SOC kernel.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: May 21, 2019
    Assignee: Sprint Communications Company L.P.
    Inventors: Ronald R. Marquardt, Lyle Walter Paczkowski, Arun Rajagopal
  • Patent number: 10298385
    Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, an integrated circuit (IC) homomorphic processor chip is disclosed. The IC homomorphic processor chip includes at least one processor slice. Each processor slice includes local control circuitry, a numeric theoretic transform (NTT) butterfly unit, and on-chip memory. The NTT butterfly unit is responsive to the local control circuitry to operate in multiple modes for performing operations on encrypted data using homomorphic encryption. Each mode is associated with a different configuration of the NTT butterfly unit.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: May 21, 2019
    Assignee: THE GOVERNING COUNCIL OF THE UNIVERSITY OF TORONTO
    Inventors: Alhassan Khedr, Glenn Gulak
  • Patent number: 10290405
    Abstract: The present technology relates to a Ni—Mn—Ga magnetic shape memory (MSM) alloy including twin boundaries type 2, which are deviated approximately +/?2-4 degrees from (101) or equivalent crystallographic plane by rotation about [?101] or equivalent crystallographic direction. This technology relates also to an actuator, sensor and harvester including MSM element of this technology.
    Type: Grant
    Filed: May 21, 2012
    Date of Patent: May 14, 2019
    Assignee: ETO Magnetic GmbH
    Inventors: Yossef Ezer, Oleksii Sozinov, Ladislav Straka, Aleksandr Soroka, Nataliya Lanska
  • Patent number: 10284370
    Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and that v=w/z. The verification equality R=uG+vQ may then be computed as ?zR+(uz mod n)G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: May 7, 2019
    Assignee: Certicom Corp.
    Inventors: Marinus Struik, Daniel Richard L. Brown, Scott Alexander Vanstone, Robert Philip Gallant, Adrian Antipa, Robert John Lambert
  • Patent number: 10284529
    Abstract: The present disclosure relates to an information processing apparatus and an information processing method which facilitate reproduction of the data obtained by encrypting prepared multiple patterns regarding at least part of data of content with unique keys. An image acquiring unit receives an image file containing: encrypted data that is obtained by encrypting with unique keys multiple pieces of pattern data regarding forensic object data which is at least part of encoded image data of video content and that has an identical size; unencrypted data, of the encoded image data of video content, which is not encrypted with any one of the keys; size information that represents the size of the encrypted data; and position information that represents a position of the encrypted data in the file. The present disclosure can be applied to a video reproducing terminal and the like.
    Type: Grant
    Filed: June 5, 2015
    Date of Patent: May 7, 2019
    Assignee: SONY CORPORATION
    Inventor: Takehiko Nakano
  • Patent number: 10277393
    Abstract: A system, method and computer-readable storage medium with instructions for protecting an electronic device against fault attack. The technology includes operating the electronic device to determine two half-size exponents, dp and dq, from the exponent d; to split the base m into two sub-bases mp and mq determined from the base m; and to iteratively compute a decryption result S by repeatedly multiplying an accumulator A by m, mp, mq or 1 depending on the values of the i-th bit of dp and dq for each iteration I?. Other systems and methods are disclosed.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: April 30, 2019
    Assignee: GEMALTO SA
    Inventor: David Vigilant
  • Patent number: 10268834
    Abstract: A method for a survey server for managing query communications between at least a requester server and at least one data holding entity is provided. The requester server holds a first share of a private key and the survey server holds a second share of the private key. An encrypted query is received and then forwarded to at least one data holding entity. A plurality of comparison responses is received. Each comparison response is generated by a private comparison protocol that compares the encrypted query with encrypted data. The encrypted data having been encrypted using the public key. Each comparison response having been partially decrypted with the first share of the private key and placed in the array in a randomized order. The array is decrypted using the second share of the private key. At least one result of the query is determined.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: April 23, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Makan Pourzandi, Feras Aljumah, Mourad Debbabi
  • Patent number: 10270598
    Abstract: A processor of an aspect includes a decode unit to decode an elliptic curve cryptography (ECC) point-multiplication with obfuscated input information instruction. The ECC point-multiplication with obfuscated input information instruction is to indicate a plurality of source operands that are to store input information for an ECC point-multiplication operation. At least some of the input information that is to be stored in the plurality of source operands is to be obfuscated. An execution unit is coupled with the decode unit. The execution unit, in response to the ECC point-multiplication with obfuscated input information instruction, is to store an ECC point-multiplication result in a destination storage location that is to be indicated by the ECC point-multiplication with obfuscated input information instruction. Other processors, methods, systems, and instructions are disclosed.
    Type: Grant
    Filed: August 26, 2016
    Date of Patent: April 23, 2019
    Assignee: Intel Corporation
    Inventor: Vinodh Gopal
  • Patent number: 10264290
    Abstract: Innovations in hash-based block matching facilitate block copy (“BC”) prediction that is more effective in terms of rate-distortion performance and/or computational efficiency of encoding. For example, some of the innovations relate to encoding that uses hash-based block matching during block vector (“By”) estimation. Other innovations relate to data structures that organize candidate blocks for hash-based block matching. Still other innovations relate to hierarchical hash-based block matching.
    Type: Grant
    Filed: October 25, 2013
    Date of Patent: April 16, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jizheng Xu, Weijia Zhu
  • Patent number: 10261748
    Abstract: Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 18, 2015
    Date of Patent: April 16, 2019
    Assignee: Intel Corporation
    Inventors: Sudha Krishnakumar, Reshma Lal, Pradeep M. Pappachan, Kar Leong Wong, Steven B. McGowan, Adeel A. Aslam
  • Patent number: 10263780
    Abstract: The invention discloses a method for encrypting and/authenticating, comprising the following steps: Sending a request for a first bit combination or character combination as a first sub key (102); storing said first bit combination or character combination in the memory (104); generating a second bit combination or character combination as a second sub key (106), wherein the second bit combination or character combination is a random or pseudo random pattern; and combining said first sub key and second sub key to a key (108); further comprising at least one of the following steps: encrypting the data with the key (110); using the key as an authentication password (112); and a method of decrypting and/or authenticating, comprising the following steps: sending a request for a first bit combination or character combination as a first sub key (202); storing said first bit combination or character combination in the memory (204); repeating the following steps until a key has been verified as valid: generating o
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: April 16, 2019
    Inventor: Thomas Wolf
  • Patent number: 10263980
    Abstract: The invention relates to a method, for providing an Authentication Module (AM) to a device. The method comprises computing an authentication parameter to be stored in the AM, using an identifier (ID) associated with the device, authentication data associated with the device and an encryption parameter associated with the device. The method also comprises providing the AM to the device. The invention also relates to a method, for updating an AM and to a method to authenticate a device using an AM. The invention further relates to a device and network node executing the methods.
    Type: Grant
    Filed: March 6, 2014
    Date of Patent: April 16, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Gustavo Tanoni
  • Patent number: 10248514
    Abstract: A method and device for performing failsafe computation, and a method of compiling code to perform a failsafe computation are provided. The method includes performing a first calculation (212) to generate a first result (214). A second calculation (218) is performed using a scalar (216) and the first calculation (212) to generate a second result (220). The second calculation (218) includes multiplying the first calculation (212) by the scalar (216) to generate a scaled result, and dividing the scaled result by the scalar (216) to generate the second result (220). The first result (214) and the second result (220) are compared to determine if they are equivalent.
    Type: Grant
    Filed: May 8, 2014
    Date of Patent: April 2, 2019
    Assignee: Micro Motion, Inc.
    Inventors: Paul J Hays, Dawn Kelsch
  • Patent number: 10249220
    Abstract: A processor device has an executable implementation of a cryptographic algorithm implemented being white-box-masked by a function f. The implementation comprises an implemented computation step S by which input values x are mapped to output values s=S[x], and which is masked to a white-box-masked computation step T? by means of an invertible function f. As a mapping f there is provided a combination (f=(c1, c2, . . . )*A) of an affine mapping A having an entry width BA and a number of one or several invertible mappings c1, c2, . . . having an entry width Bc1, Bc2, . . . respectively, wherein BA=Bc1+Bc2+ . . . . Output values w are generated altogether by the mapping f. Multiplicities of sets Mxi, i=1, 2, . . . =Mx11, Mx12, . . . Mx21, Mx22, . . . are formed from the output values a of the affine mapping A.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: April 2, 2019
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Hermann Drexler, Sven Bauer, Jürgen Pulkus
  • Patent number: 10243731
    Abstract: Hardware acceleration supports complex software processes. In particular, a hardware security module provides encryption support for transaction chains. In one implementation, the security module circuitry provides high-speed security features and acceleration of the security features for blockchain processing.
    Type: Grant
    Filed: December 5, 2017
    Date of Patent: March 26, 2019
    Assignee: Accenture Global Solutions Limited
    Inventors: John Velissarios, Callum Stuart Hyland, Laurence Richard Freeman, Piergiorgio Rettaroli, Ennio Acernese, Pasquale Di Tucci, Salvatore Gifuni
  • Patent number: 10243734
    Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: March 26, 2019
    Assignee: Certicom Corp.
    Inventors: Daniel Richard L. Brown, Scott Alexander Vanstone
  • Patent number: 10237061
    Abstract: Provided are a computer program product, system, and method for generating master and wrapper keys for connected devices in a key generation scheme. For each of the devices, a wrapped master key comprising a master key for the device and a wrapper key is stored. The wrapper keys for a plurality of the devices are generated by another of the devices. For each of a plurality of the devices, the master key for the device is used to generate the wrapper key for a target device comprising another of the devices. For each of the devices, the wrapper key for the device is used to decrypt the stored wrapped master key. At least one of the devices uses the master key for the device to encrypt and decrypt data at the device.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: March 19, 2019
    Assignee: International Business Machines Corporation
    Inventors: Ronen Gazit, Ron S. Shapiro, Lior Shlomov, Ariel Waizel, Guy-Arie Yur
  • Patent number: 10231123
    Abstract: A system and a method for communicating over a Bluetooth Low Energy (BLE) connection in a vehicle. The method includes the steps of: establishing a Bluetooth Low Energy (BLE) connection between a mobile device and a BLE system in the vehicle, wherein the establishing step includes receiving first credentials of the mobile device at the BLE system; providing second credentials to the mobile device from the vehicle, wherein the second credentials are different than the first credentials; and receiving a message from the mobile device that is encrypted using the first and second credentials.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: March 12, 2019
    Assignee: GM Global Technology Operations LLC
    Inventors: Jennifer J. Schussmann, Lynn Saxton, Alessandro Testa, David K. Sayre, Karl B. Leboeuf
  • Patent number: 10225087
    Abstract: Methods and systems for generation of randomized messages for cryptographic hash functions are described herein. The method includes obtaining a random value in a binary bit form for randomizing a message. The method also includes splitting the message into multiple message blocks, where a length of each of the multiple message blocks is based on a length of the random value and a block length of a compression function. The method further includes prepending and appending each of the multiple message blocks with at least a portion of the random value and concatenating the prepended and appended message blocks to obtain a message envelope for generating the randomized message.
    Type: Grant
    Filed: September 14, 2015
    Date of Patent: March 5, 2019
    Assignee: Tata Consultancy Services Limited
    Inventor: Praveen Gauravaram
  • Patent number: 10217108
    Abstract: A system includes an information wallet account associated with a user of the system, and a server having a memory and a processor. The processor is configured to receive a request for information, wherein the requested information is associated with the user, and retrieve a stored portion of the requested information from the information wallet account. If a portion of the requested information is not found within the information wallet account, the processor is configured to send a request for a remaining portion of the requested information to a user computing device of the user. The processor is also configured to send the requested information to an entity computing system associated with the entity as part of a transaction between the user and the entity, receive feedback from the entity computing system based on the transaction, and send an alert to the user computing system based on the feedback.
    Type: Grant
    Filed: March 3, 2014
    Date of Patent: February 26, 2019
    Assignee: WELLS FARGO BANK, N.A.
    Inventor: Al Hecht
  • Patent number: 10218497
    Abstract: A hybrid AES-SMS4 hardware accelerator is described. A System on Chip implementing a hybrid AES-SMS4 hardware accelerator may include a processor core and a single hardware accelerator coupled to the processor core, the single hardware accelerator to encrypt or decrypt data. The single hardware accelerator may include a first block cipher to encrypt or decrypt the data according to a first encryption algorithm and a second block cipher to encrypt or decrypt the data according to a second encryption algorithm. The accelerator may further include a combined substitution box (Sbox) coupled to the first block cipher and the second block cipher, the combined Sbox comprising logic to perform Galois Field (GF) multiplications and inverse computations, wherein the inverse computations are common to the first block cipher and the second block cipher.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: February 26, 2019
    Assignee: Intel Corporation
    Inventors: Vikram Suresh, Sudhir Satpathy, Sanu Mathew
  • Patent number: 10212144
    Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.
    Type: Grant
    Filed: March 14, 2014
    Date of Patent: February 19, 2019
    Assignee: ASSA ABLOY AB
    Inventors: Scott B. Guthery, Ronny Belin
  • Patent number: 10211974
    Abstract: An encryption apparatus includes a setting generator configured to generate a public key and a secret key necessary for encryption; and an encryptor configured to generate a homomorphic ciphertext which allows multiplication operation by using the generated public key and a plaintext.
    Type: Grant
    Filed: April 22, 2015
    Date of Patent: February 19, 2019
    Assignees: SAMSUNG ELECTRONICS CO., LTD, SEOUL NATIONAL UNIVERSITY R&DB FOUNDATION
    Inventors: Jae Woo Seo, Jung Hee Cheon, Yong Ho Hwang, Jinsu Kim
  • Patent number: 10210169
    Abstract: According to one embodiment, in response to a request for verifying a first prime representing a consistent point of a file system of a storage system having a plurality of storage units, each of a plurality of prime segments collectively representing the first prime is examined to determine whether the corresponding prime segment has been previously verified. Each of the prime segments is stored in one of the storage units, respectively. At least a first of the prime segments that has not been previously verified is verified, without verifying a second of the prime segments that has been previously verified. The first prime, when at least the first prime segment has been successfully verified, can be used to construct the consistent point of the file system.
    Type: Grant
    Filed: March 31, 2011
    Date of Patent: February 19, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Soumyadeb Mitra, Windsor W. Hsu
  • Patent number: 10210266
    Abstract: Methods, systems, apparatuses, and computer program products are provided for secure handling of queries by a data server and a database application. A parameterized query is received from a client. Table column metadata is loaded for one or more table columns referenced by the parameterized query. Datatypes of expressions in the parameterized query are derived with any parameters and variables of the parameterized query indicated as having unknown datatypes. Unsupported datatype conversions in the parameterized query are determined. An encryption scheme is inferred for any parameters and variables to generate an inferred encryption scheme set. The datatypes of expressions in the parameterized query are re-derived with any parameters and variables having their inferred encryption schemes. Encryption key metadata corresponding to the inferred encryption scheme set is loaded. An encryption configuration is transmitted to the client that includes the inferred encryption scheme for any parameters and variables.
    Type: Grant
    Filed: May 25, 2016
    Date of Patent: February 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Panagiotis Antonopoulos, Kapil Vaswani, Krishna Nibhanupudi, Neerumalla Bala Rama Koteswara Rao
  • Patent number: 10206080
    Abstract: A method for transmitting an uplink signal by a user equipment on a carrier where multiple subbands, each having different subcarrier spacing, are multiplexed may include: generating M modulated symbols by modulating uplink data; repeating the M modulated symbols in both upper and lower frequency blocks, which are adjacent to a predetermined frequency block for the M modulated symbols and have the same size as that of the predetermined frequency block; obtaining a tapered pulse by multiplying a total of 3M modulated symbols, which are a result of the repetition, and a total of 3M windowing weight values in an element-wise manner; and transmitting the tapered pulse after performing an inverse Fourier transform, wherein the user equipment can restrict leakage power to subbands unsynchronized with its operating subband to be equal to or lower than a threshold by adjusting a tapering length of the tapered pulse.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: February 12, 2019
    Assignee: LG ELECTRONICS INC.
    Inventors: Sangrim Lee, Byounghoon Kim
  • Patent number: 10204149
    Abstract: A computer-driven system manages databases of flexible storage hierarchy. Computer servers include machine-readable storage containing at least one database, the database comprising multiple data records represented by multiple nodes. Each node has a node type and represents records of a corresponding record type. The nodes are embodied by machine-readable data stored in one or more tables. Multiple client-originated direct links are embodied by data stored in the one or more tables, where each one of the direct links directly connecting a different pair of the nodes. Multiple system-originated calculated links are embodied by data stored in the one or more tables. Each calculated link acts in observance with a rules framework to connect pairs of the nodes that would otherwise be connected only indirectly through one or more intermediate nodes and direct links between said intermediate nodes.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: February 12, 2019
    Assignee: SERVICENOW, INC.
    Inventor: Lisa Henderson
  • Patent number: 10205589
    Abstract: An encryption processing system includes an encryption processing circuit that executes a round calculation on input data and generates output data, and a key schedule circuit that outputs key data used in the encryption processing circuit to the encryption processing circuit. Each round calculation executed by the encryption processing circuit includes a linear conversion process executed by a linear conversion circuit, and the linear conversion circuit changes a linear conversion mode of the linear conversion process according to a round transition.
    Type: Grant
    Filed: February 23, 2015
    Date of Patent: February 12, 2019
    Assignee: SONY CORPORATION
    Inventors: Kyoji Shibutani, Takanori Isobe
  • Patent number: 10206114
    Abstract: Provided are a method of updating firmware of a device, a device, and a mobile system including the device. The method includes: receiving, from a host, a first hash value and a signature, the first hash value corresponding to a firmware image at the host; performing a pre-verify operation for at least one of integrity verification and signature certification on the firmware image using the received first hash value and the received signature; receiving the firmware image from the host according to a result of the pre-verify operation; and obtaining a second hash value from the received firmware image to perform a post-verify operation for at least one of integrity verification and signature certification on the received firmware image.
    Type: Grant
    Filed: March 11, 2015
    Date of Patent: February 12, 2019
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Hyuksang Choi, Yongjae Sung, Jun Ho Lee, Wonill Lee, Hyosun Hwang
  • Patent number: 10200191
    Abstract: An electronic calculating device (100) for performing obfuscated arithmetic in a commutative ring (Zn; Zn[x]/f(x)) is presented. The calculating device comprising a storage (110) arranged to store an increment table (T) defined for an increment ring element (1; ut), the increment table mapping an input ring element (k=uk1?uk2) to an output integer-list (T((k1,k2))=(l1, l2)) encoding an output ring element (I=ul1?ul2), such that the output ring element equals the increment ring element ring-added to the input ring element (I=k+1). Using the increment table, a ring addition unit (130) adds a first addition-input integer-list ((a1, a2)) encoding a first addition-input ring element and a second addition-input integer list ((b1, b2)) encoding a second addition-input ring element. The device may comprise a ring multiplication unit (140) also using the increment table.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: February 5, 2019
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Leandro Marin, Alphons Antonius Maria Lambertus Bruekers, Paulus Mathias Hubertus Mechtildis Antonius Gorissen
  • Patent number: 10188134
    Abstract: A server apparatus supporting authenticated encryption in a network, comprising a receiver configured to receive an unencrypted segment, a processor configured to selecting an encryption key, an initialization vector, and an additional authentication data (AAD), encrypt the segment, configuring the segment for transfer in a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) media, assign a segment number to the encrypted segment, append an authentication tag to the encrypted segment, store the encrypted segment with the appended authentication tag, and update a Media Presentation Description (MPD) associated with the encrypted segment with the appended authentication tag, wherein the MPD comprises an @aadBase attribute with an AAD base value, wherein the AAD value is the sum of the segment number and the @aadBase attribute value, and a transmitter configured to transmit the encrypted segment with the appended authentication tag to a destination.
    Type: Grant
    Filed: October 23, 2015
    Date of Patent: January 29, 2019
    Assignee: FUTUREWEI TECHNOLOGIES, INC.
    Inventor: Alexander Giladi
  • Patent number: 10191720
    Abstract: Galois-field reduction circuitry for reducing a Galois-field expansion value, using an irreducible polynomial, includes a plurality of memories, each for storing a respective value derived from the irreducible polynomial and a respective combination of expansion bit values, wherein expansion bits of the expansion value address the plurality of memories to output one or more of the respective values. The Galois-field reduction circuitry also includes exclusive-OR circuitry for combining output of the plurality of memories with in-field bits of said expansion value. There are also a method of operating such Galois-field reduction circuitry to reduce a Galois-field expansion value, a programmable integrated circuit device incorporating the circuitry, a method of performing a Galois-field multiplication operation on such a programmable integrated circuit device, and a method of configuring a programmable integrated circuit device to perform such a Galois-field multiplication operation.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: January 29, 2019
    Assignee: Altera Corporation
    Inventor: Pohrong Rita Chu
  • Patent number: 10187358
    Abstract: Data transfer between a first computer system and a second computer system utilize parallel servers of the second computer system. A plurality of data chunks collectively comprise a data object. The data chunks may be encrypted and sent over parallel channels to the second computer system, which may be a data storage service of a computing resource service provider. The data object, or a portion thereof, may be downloaded from the data storage system in parallel.
    Type: Grant
    Filed: December 3, 2013
    Date of Patent: January 22, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Sean Anthony Fahey, Brent James Hill
  • Patent number: 10180787
    Abstract: A method begins by one or more processing modules of one or more computing devices of a dispersed storage network (DSN) determining that dispersed error encoded data slices stored in a plurality of distributed storage units of the DSN are to be updated and then sending a plurality of lock requests respectively to the plurality of distributed storage units. The method continues with the processing modules receiving a response from a write threshold number of distributed storage units of the plurality of distributed storage units that a lock request has been granted by each of the write threshold number of distributed storage units and then sending a persist message to each of the write threshold number of distributed storage units from which the lock request has been granted.
    Type: Grant
    Filed: February 9, 2017
    Date of Patent: January 15, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Andrew D. Baptist, Ravi V. Khadiwala, Mingyu Li, Manish Motwani
  • Patent number: 10181947
    Abstract: An information processing apparatus is provided that performs information processing for encrypting data using AES, which includes performing a process of generating round key data on a one-byte-by-one-byte basis, performing a row shift transformation that is a process of performing row shifting for the data by use of a row shift table, performing a byte substitution transformation that is a process of performing byte substitution for the data having undergone the row shift transformation by use of a byte substitution table that is a one-dimensional array, performing a column mix transformation that is a process of performing column mixing for the data having undergone the byte substitution transformation based on equivalent expressions, performing a key add transformation that is a process of performing an exclusive-OR operation based on the round key data and the data having undergone the column mix transformation, wherein the row shift transformation, the byte substitution transformation, the column mix tr
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: January 15, 2019
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10164771
    Abstract: The present disclosure discloses an encryption method and an encryption apparatus. The encryption method comprises: generating an AES initial key by using an SAES encryption algorithm, and expanding the AES initial key to obtain an AES encryption key; and encrypting information to be encrypted by using the AES encryption key according to an AES encryption algorithm to generate encrypted data. As such, the AES encryption key is encrypted by introducing the SAES algorithm, which increases the difficulty in cracking the AES encryption key. An attacker may crack the AES by firstly cracking the AES encryption key, which increases the overall difficulty in cracking the AES encrypted data. Further, the SAES encryption algorithm and the AES encryption algorithm are implemented by means of an ASIC integrated in an encryption chip.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: December 25, 2018
    Assignee: SHENZHEN GOODIX TECHNOLOGY CO., LTD.
    Inventor: Ming Zhang
  • Patent number: 10164770
    Abstract: Apparatus, methods, and other embodiments associated with mitigating time delays through a data cryptography device are disclosed. In one embodiment, a method includes receiving input data to be processed on a sector-by-sector basis through a data cryptography device. The input data is organized as multiple commands of the input data, with each command including multiple sectors of the input data, and with each sector including multiple blocks of the input data. The input data is processed through the device to generate encrypted or decrypted sectors of data while mitigating time delays through the device. Time delay mitigation is accomplished by pipeline processing the blocks for each sector through the device, pipeline processing the sectors for each command through the device, and pipeline processing the commands through the device. The encrypted or decrypted sectors of data generated by the device are then output by the device.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: December 25, 2018
    Assignee: Marvell International Ltd.
    Inventor: Sean Lee
  • Patent number: 10158485
    Abstract: A processing system includes a memory and a cryptographic accelerator module operatively coupled to the memory, the cryptographic accelerator module employed to implement a byte substitute operation by performing: a first mapped affine transformation of an input bit sequence to produce a first intermediate bit sequence, an inverse transformation of the first intermediate bit sequence to produce a second intermediate bit sequence, and a second mapped affine transformation of the second intermediate bit sequence to produce an output bit sequence.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: December 18, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Vinodh Gopal, Kirk S. Yap
  • Patent number: 10153894
    Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. For example, data including a real number can be encoded as a polynomial, with the fractional part of the real number encoded as high-order coefficients in the polynomial. Further, real numbers can be approximated and encoded in a polynomial using a fractional base, and/or the encoding can include slot encoding. Thus, the optimized encodings disclosed herein provide an optimized homomorphic encryption scheme.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: December 11, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kim Laine, Nathan Dowlin, Ran Gilad-Bachrach, Michael Naehrig, John Wernsing, Kristin E. Lauter
  • Patent number: 10148654
    Abstract: Encryption is provided for a wireless network comprising a first wireless station and at least a second wireless station. First messages are exchanged between the first wireless station and the second wireless station over a first synchronous wireless link to establish a shared secret and a first session key, the first messages not being encrypted. The MAC layer of the first synchronous wireless link is then encrypted using encryption on the basis of the first session key, then further messages are exchanged between the first wireless station and the second wireless station over the first synchronous wireless link to establish a second session key, the further messages being encrypted by the encryption of the MAC layer of the first synchronous wireless link. The MAC layer of the first synchronous wireless link is then encrypted using encryption on the basis of the second session key.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: December 4, 2018
    Assignee: CAMBIUM NETWORKS LTD
    Inventors: Mark Thomas, Richard Carter, Gregor Dean