Particular Algorithmic Function Encoding Patents (Class 380/28)
  • Patent number: 10050785
    Abstract: The present invention relates to a method of converting an encrypted data set into an encryption of individual bits representing the data set. Further, the invention relates to a system for converting an encrypted data set into an encryption of individual bits representing the data set. A basic idea of the present invention is to provide a protocol in which it is possible to divide an encryption of a data set in the form of e.g. a biometric feature, such as a number x, where x?{0, 1, . . . , n?1}, into an encryption of respective bits x0, x1, . . . , xt?1 forming the number x, where t is the number of bits of the number n?1, without leaking any information about x or its bits x0, x1, . . . , xt?1. Hence, the present invention enables splitting of the encryption [[x]] into the respective encrypted bits [[x0]], [[x1]] . . . , [[xt?1]] forming the encrypted number x=?I=1n xi 2i.
    Type: Grant
    Filed: May 19, 2015
    Date of Patent: August 14, 2018
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Pim Theo Tuyls, Berry Schoenmakers
  • Patent number: 10044499
    Abstract: An information processing apparatus has an encryption part that encrypts by block encryption, and is embeddable in an electronic apparatus, and achieves the above object by segmenting an authentication target message into one or more blocks for every 128 bits, the authentication target message including at least a predetermined authentication parameter and first encryption information that is obtained by encrypting plaintext information by the encryption part, successively computing each of the one or more segmented blocks by a GHASH function including a predetermined algorithm, using a plurality of 8-bit arrays including 16 elements, and generating second encryption information that is obtained by encrypting a computed result by the encryption part, to generate an authentication tag.
    Type: Grant
    Filed: February 4, 2015
    Date of Patent: August 7, 2018
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10037433
    Abstract: Methods and systems described herein may perform a word-level encryption and a sentence-level encryption of one or more documents. The word-level encryption and the sentence-level encryption may be performed with an encryption key generated by a client device. A document indexer is stored in the one or more storage networks. The document indexer includes encrypted word frequencies and encrypted word position identifiers based on the encrypted words of the one or more encrypted documents. The client device receives search terms and encrypts the search terms with the encryption key. The one or more encrypted documents are identified in the one or more storage networks based on searching with the encrypted search terms and at least one of the encrypted word frequencies and/or the encrypted word position identifiers.
    Type: Grant
    Filed: November 4, 2015
    Date of Patent: July 31, 2018
    Assignee: NTT DOCOMO INC.
    Inventors: Trung Diep, Pero Subasic
  • Patent number: 10038679
    Abstract: Various embodiments are generally directed to pairing computing devices for collaborative interaction via a network through a centralized secure device pairing service. An apparatus comprises a controller processor circuit, and a controller storage communicatively coupled to the controller processor circuit to store an initial private key and to store instructions that when executed by the controller processor circuit cause the controller processor circuit to create a first signature using the initial private key, transmit the first signature to an issuing server via a network, receive a group public key and an associated member private key from the issuing server, create a second signature using the member private key, transmit the second signature to a member device via the network; receive a third signature from the member device; and authenticate the third signature using the group public key. Other embodiments are described and claimed herein.
    Type: Grant
    Filed: December 24, 2012
    Date of Patent: July 31, 2018
    Assignee: INTEL CORPORATION
    Inventor: Adam Marek
  • Patent number: 10033529
    Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server proxies messages to/from the different server including a set of signed cryptographic parameters signed using the private key on the different server. The different server generates the master secret, and generates and transmits the session keys to the server that are to be used in the secure session for encrypting and decrypting communication between the client device and the server.
    Type: Grant
    Filed: July 5, 2016
    Date of Patent: July 24, 2018
    Assignee: CLOUDFLARE, INC.
    Inventors: Sébastien Andreas Henry Pahl, Matthieu Philippe François Tourne, Piotr Sikora, Ray Raymond Bejjani, Dane Orion Knecht, Matthew Browning Prince, John Graham-Cumming, Lee Hahn Holloway, Nicholas Thomas Sullivan, Albertus Strasheim
  • Patent number: 10027483
    Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t))=U(t)2 in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: July 17, 2018
    Assignee: MORPHO
    Inventors: Thomas Icart, Jean-Sebastien Coron
  • Patent number: 10027850
    Abstract: A method and device for securing image data detected by an electronic device is provided. The electronic may include a camera. In one aspect, a method includes: capturing image data using the camera; based on the captured image data, detecting a security marker displayed by a display device, the security marker being periodically displayed to be undetectable by a human eye that is viewing the display device; and in response to determining that the security marker is detected by the electronic device, applying a security policy to the image data captured by the electronic device.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: July 17, 2018
    Assignee: BLACKBERRY LIMITED
    Inventors: Sean Vandeweerd, Sanjay Nathwani, Kian Marandi
  • Patent number: 10027633
    Abstract: A similar-information search method includes obtaining an instruction indicating which of an encrypted search and an unencrypted search a data computation device is to perform; generating an encrypted feature quantity and transmitting the encrypted feature quantity to the data computation device; generating an encrypted similarity value and transmitting the encrypted similarity value; and receiving encrypted reference data from the data computation device and decrypting the encrypted reference data. A homomorphic encryption scheme that makes decryption by the data computation device unsuccessful is used when the encrypted search is performed, whereas an encryption scheme that makes decryption by the data computation device successful is used when the unencrypted search is performed.
    Type: Grant
    Filed: May 23, 2016
    Date of Patent: July 17, 2018
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Natsume Matsuzaki, Yuji Unagami
  • Patent number: 10025953
    Abstract: Systems and methods are disclosed for enabling a recipient of a cryptographically-signed electronic communication to verify the authenticity of the communication on-the-fly using a signed chain of check values, the chain being constructed from the original content of the communication, and each check value in the chain being at least partially dependent on the signed root of the chain and a portion of the communication. Fault tolerance can be provided by including error-check values in the communication that enable a decoding device to maintain the chain's security in the face of communication errors. In one embodiment, systems and methods are provided for enabling secure quasi-random access to a content file by constructing a hierarchy of hash values from the file, the hierarchy deriving its security in a manner similar to that used by the above-described chain.
    Type: Grant
    Filed: June 21, 2016
    Date of Patent: July 17, 2018
    Assignee: Intertrust Technologies Corporation
    Inventor: Xavier Serret-Avila
  • Patent number: 10019465
    Abstract: Timing data associated with a database or database system can be stored in a reduced or compressed form which can be decompressed back to a full or original form. In doing so, timing data can be compressed by using a subset of a full set of possible values (e.g., a determined range which is more likely to occur) instead of using a full set of possible values. Timing data can also be compressed by eliminating redundant, insignificant duplicate and/or common values, for example, between one or more components (e.g., start and end times of a period of time) of the timing data.
    Type: Grant
    Filed: September 6, 2012
    Date of Patent: July 10, 2018
    Assignee: Teradata US, Inc.
    Inventors: Cameron Lewis, Elizabeth Brealey, Michael Reed
  • Patent number: 10019571
    Abstract: A system, comprising a logic circuit and delay circuitry, is described. The logic circuit is configured to perform a plurality of instances of a particular computation that is based on a plurality of inputs. The delay circuitry is configured to vary a power-consumption profile of the logic circuit over the plurality of instances, by applying, to the inputs, respective delays that vary over the instances, at least some of the delays varying independently from each other. Other embodiments are also described.
    Type: Grant
    Filed: March 13, 2016
    Date of Patent: July 10, 2018
    Assignee: WINBOND ELECTRONICS CORPORATION
    Inventors: Valery Teper, Uri Kaluzhny
  • Patent number: 10015152
    Abstract: A method for execution by a dispersed storage and task (DST) processing unit includes transforming a counter seed into a set of counter values; obtaining an encryption key; encrypting at least two portions of data utilizing the encryption key and at least two of the set of counter values, in parallel, to produce at least two ciphertexts; performing a first deterministic function on the at least two ciphertexts, in parallel, to produce at least two transformed ciphertexts; performing a second deterministic function on the at least two transformed ciphertexts to produce a mask; masking the encryption key using the mask to produce a masked key; and combining the at least two ciphertexts and the masked key to produce secure data.
    Type: Grant
    Filed: July 22, 2016
    Date of Patent: July 3, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Wesley B. Leggette
  • Patent number: 10015148
    Abstract: In some examples, a controller is configured to generate a key based on a physics-based output of a component. The controller may, for example, use the key to authenticate communication between at least two nodes, to encrypt data, or to decrypt data, may be generated based on a physics-based output generated a component. The output generated by the component may vary over time, such that the controller is configured to generate a different key, depending on the time at which the output from the component used to generate the key was generated by the component. In some examples, the key is not stored in a memory, and is a discrete signal that only exists in real-time while the component is active and generating the detectable output.
    Type: Grant
    Filed: March 5, 2015
    Date of Patent: July 3, 2018
    Assignee: Honeywell International Inc.
    Inventor: Kenneth H. Heffner
  • Patent number: 10007769
    Abstract: A device to apply a digital fingerprint to a digital signal comprises a means of intercepting or acquiring a signal, a storage element and a processor for executing computer implemented program code components in the storage element to effect the methods. The methods include transforming a plurality of signal samples onto a discrete orthonormal basis and ranking the transformed samples according to their magnitude. The n largest principal components of the ranked transformed samples are optionally permuted to generate a re-ordered set of principal components, which are then altered by a marking angle. The marked principal components and unmarked non-principal components are converted and combined and applying an inverse of the transform function to the combined principal and non-principal components to generate a fingerprinted digital signal. Methods to prepare the signal for marking, recover the digital fingerprint and verify the distributor and/or recipients of the signal are also disclosed.
    Type: Grant
    Filed: October 18, 2016
    Date of Patent: June 26, 2018
    Assignee: Optimark, L.L.C.
    Inventors: Oscar Moreno De Ayala, Anatol Zygmunt Tirkel
  • Patent number: 10007803
    Abstract: The present invention relates to a computer-implemented method, system and computer readable medium for searching over encrypted keywords in a database. The method includes the steps of generating at least one keyword, generating a plurality of different encrypted keywords corresponding to the keyword, storing the at least one encrypted keyword in the database, generating a plurality of different trapdoors for the keyword, verifying the plurality of different trapdoors with the plurality of different encrypted keywords corresponding to the keyword, and determining the keyword is found if the plurality of different trapdoors match with one the encrypted keyword corresponding to the keyword, otherwise determining the keyword is not found.
    Type: Grant
    Filed: October 18, 2013
    Date of Patent: June 26, 2018
    Assignee: Infosys Limited
    Inventors: Kulvaibhav Kaushik, Vijayaraghavan Varadharajan, Rajarathnam Nallusamy
  • Patent number: 10007910
    Abstract: Systems and methods for performing a secure transaction provided. In one embodiment, the method includes: reading data on a command token, reading data on a token; encrypting the token data with a key; encrypting an authentication data with a clear text token data; and transmitting the encrypted authentication data with the encrypted token data to a remote device.
    Type: Grant
    Filed: February 1, 2016
    Date of Patent: June 26, 2018
    Assignee: VeriFone, Inc.
    Inventors: Clay von Mueller, Mihir Bellare, Scott Yale, Patrick K. Hazel, Paul Elbridge Catinella
  • Patent number: 10009339
    Abstract: In one embodiment, a processor includes: a first die including at least one processor core to execute instructions and a non-volatile storage to store an identifier to be provisioned into the processor during manufacture; a second die to couple to the first die, the second die including a wireless circuit and a second non-volatile storage; and a wireless interface to couple to the second die to enable wireless communication with a wireless device. The processor may be disabled if the identifier is not stored in the second non-volatile storage. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: June 26, 2018
    Assignee: Intel Corporation
    Inventors: Sergiu D. Ghetie, Neeraj S. Upasani, Vijaya K. Boddu, Kenneth Young, Daniel G. Borkowski, Won Lee, Shahrokh Shahidzadeh, Samie B. Samaan
  • Patent number: 10003460
    Abstract: A secret quotient transfer device that can reduce the communication cost. On the assumption that u denotes a natural number and represents a boundary value, m denotes an integer that satisfies a relation m?2u, i denotes an integer from 0 to m?1, a plain text a is an integer that is equal to or greater than 0 and smaller than an arbitrary modulo p, the integers a and 0 are congruent modulo 2u, and the plain text a is expressed as a sum of m sub-shares x0, . . . , xm-1, the secret quotient transfer device computes a quotient q of the division of a total sum aZ of the sub-shares by p according to q=?(i<m)xi mod 2u.
    Type: Grant
    Filed: October 3, 2014
    Date of Patent: June 19, 2018
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Dai Ikarashi, Ryo Kikuchi, Koki Hamada, Koji Chida
  • Patent number: 10003462
    Abstract: A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: June 19, 2018
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Lei Xu, Zhengde Zhai
  • Patent number: 10002547
    Abstract: Secret calculation including secret random permutation is performed at high speed. In unit permutation, random permutation devices p0, . . . , pk-1 perform permutation of additive secret sharing values «a»?i of a plain text a with sub shares ??i of permutation data ?. In resharing, the random permutation device p0 generates additive secret sharing values «a»?i+1pk by using random numbers r1, . . . , rk-1 which are respectively shared with random permutation devices pj (j=1, . . . , k?1) so as to transmit the additive secret sharing values «a»?i+1pk to the random permutation device pk and each of the random permutation devices pj generates additive secret sharing values «a»?i+1pj by using random numbers rj.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: June 19, 2018
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Dai Ikarashi, Koki Hamada, Ryo Kikuchi, Koji Chida
  • Patent number: 9992013
    Abstract: A system, method and computer-readable storage medium for decrypting a code c using a modified Extended Euclidean Algorithm (EEA) having an iteration loop independent of the Hamming weight of inputs to the EEA and performing a fixed number of operations regardless of the inputs to the EEA thereby protecting a cryptographic device performing the decryption from side-channel attacks.
    Type: Grant
    Filed: March 23, 2016
    Date of Patent: June 5, 2018
    Assignee: GEMALTO SA
    Inventors: Mariya Georgieva, Frederic De Portzamparc
  • Patent number: 9992048
    Abstract: Systems and methods for cognitive radio spectrum sensing of a signal are disclosed herein. On exemplary method comprises applying a pre-defined cyclostationary feature to detect the presence of the signal; detecting the signal; detecting a spectrum associated with the signal; sampling randomly the detected signal from its cyclic frequency domain; and applying a compressive sensing algorithm to classify the signal based on the cyclostationary feature. The signal can be sparse in time, space, frequency, or code domains. Thereby, the systems and methods described in the present disclosure involve exploiting compressive sensing in a specific sparse domain (i.e., cyclic domain) and also utilize a cyclostationary feature based compressive spectrum sensing scheme to perform spectrum analysis.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: June 5, 2018
    Assignee: The Board of Trustees of The University of Alabama
    Inventors: Fei Hu, Mengcheng Guo
  • Patent number: 9984217
    Abstract: Systems and methods are provided for accessing a user account by a user with a first password, and then changing the first password to a second password in response to a request from the user without compromising the second password. The system may include a database in a server storing the first password and the second password. The server may provide the user access to the user account over a network connection in response to receiving the first password from the user. In response to the server receiving a request by the user, the server may disable the first password and activate the second password without requiring the user to provide the second password over the network connection at the time of the request.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: May 29, 2018
    Assignee: PayPal, Inc.
    Inventor: Riaz Ebrahim Mohamed
  • Patent number: 9985784
    Abstract: Various embodiments relate to a method of encoding data and a related device and non-transitory machine readable storage medium, including: determining a factor set, S, to be used for encoding the value, h, wherein the factor set includes a plurality of subsets that are associated with respective digit positions in the value, h; selecting a plurality of factors from the factor set, S; and computing a product of the plurality of factors to produce an encoded value. Various other embodiments relate to a method of encoding data and a related device and non-transitory machine readable storage medium, including: determining a factor set, S, and weight, w, to be used for encoding the value, h; selecting a set, T, of w factors from the factor set, S, to represent the value, h; and computing a product of the set, T, to produce an encoded value.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: May 29, 2018
    Assignee: NXP B.V.
    Inventors: Michaël Peeters, Joppe Bos
  • Patent number: 9973334
    Abstract: One embodiment of the invention includes a method, including performing, a symmetric homomorphic encryption of a secret SA with a cryptographic key H as input yielding a homomorphic encryption result SA*, sending SA* for mathematical combination by at least one device with at least one secret SB yielding G*, the device A not having access to SB, the at least one device not having access to SA and not having access to H, receiving G*, performing a symmetric homomorphic decryption of data based on G* with H as input yielding a first decrypted output, determining a symmetric cryptographic key KA based on the first decrypted output for secure communication with a first device which is operationally connected to, or includes, a tamper resistant security system including SA and SB therein, securing data using KA yielding secured data, and sending the secured data to the first device.
    Type: Grant
    Filed: March 13, 2016
    Date of Patent: May 15, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Eliphaz Hibshoosh, Aviad Kipnis, Andrew Sinton
  • Patent number: 9973336
    Abstract: A hash value generating device for generating a hash value based on the KECCAK algorithm includes a ? processing unit, a ? processing unit, a ? processing unit, a ? processing unit, and an processing unit for performing processing of five steps ?, ?, ?, ?, and included in round processing of the KECCAK algorithm. The ? processing unit receives input of data in units of planes and outputs data in units of sheets.
    Type: Grant
    Filed: February 17, 2014
    Date of Patent: May 15, 2018
    Assignee: Canon Kabushiki Kaisha
    Inventors: Seiga Karaki, Shinya Yamada
  • Patent number: 9967096
    Abstract: A system includes circuitry for rewriting blockchains in a non-tamper-evident or tamper-evident operation using a key secret held by a trusted party. The blockchains may include a series of blocks secured by a chameleon hash that may prevent non-tamper-evident rewrites by non-trusted parties that are not in possession of the key secret. Rewrite circuitry of the system may determine randomness data from the chameleon hash and altered data from a rewrite. The randomness data may be written to the randomness field of a block overwritten with the altered data such that the block remains coding-consistent with the chameleon hash and other blocks in the blockchain.
    Type: Grant
    Filed: May 16, 2017
    Date of Patent: May 8, 2018
    Assignee: Accenture Global Solutions Limited
    Inventors: Giuseppe Ateniese, Michael T. Chiaramonte, David Treat, Bernardo Magri, Daniele Venturi
  • Patent number: 9965639
    Abstract: Embodiments of the present invention provide systems and methods for authenticating the source code of a software end product. The method includes generating a compound key, which is composed of a set of unique keys generated from a source file. A set of files are separately build based on a received source code, and a key generated and embedded into the files at the time of the build. A validation tool is used to compare the values of the generated compound key to the values of the embedded key to determine if the values match.
    Type: Grant
    Filed: July 17, 2015
    Date of Patent: May 8, 2018
    Assignee: International Business Machines Corporation
    Inventors: Badekila Ganesh Prashanth Bhat, Nageswararao V. Gokavarapu, John Kurian, Raghavendran Srinivasan
  • Patent number: 9967088
    Abstract: A system includes circuitry for rewriting blockchains in a non-tamper-evident or tamper-evident operation using a key secret held by a trusted party. The blockchains may include a series of blocks secured integrity codes that may prevent non-tamper-evident rewrites by non-trusted parties that are not in possession of the key secret. In some cases, the key may allow valid but tamper-evident rewrites of the blockchain by trusted entities. Integrity outputs may be generated from the integrity codes based on the content of the previous blocks in the series such that attempts by untrusted parties to replace a block may be detected through coding-inconsistencies with other blocks.
    Type: Grant
    Filed: May 16, 2017
    Date of Patent: May 8, 2018
    Assignee: Accenture Global Solutions Limited
    Inventors: Giuseppe Ateniese, Michael T. Chiaramonte, David Treat, Bernardo Magri, Daniele Venturi
  • Patent number: 9959586
    Abstract: The present disclosure describes a system, method, and computer program for encoding and decoding a unique signature for a user in a video file, wherein the digital signature is substantially invisible to the viewer of the video, easy to detect during the coding process, does not require specialized equipment for playback of the video, and is resilient to transcoding, video editing, and high compression encoding. A numeric digital signature is converted into a binary number. The binary number is then divided into sequences, where sequence includes a subset of data bits from the binary number. Each sequence is also associated with a sequence ID that enables the data bits in the sequence to be later combined in the correct order to recreate the binary number. A watermark is created for each of the sequences and embedded within suitable areas of a color channel.
    Type: Grant
    Filed: December 13, 2016
    Date of Patent: May 1, 2018
    Assignee: GoAnimate, Inc.
    Inventors: Tang Fei Yu, Omar Rabbolini
  • Patent number: 9953184
    Abstract: The techniques discussed herein facilitate the transmission, storage, and manipulation of data in an encrypted database management system (EDBMS). An untrusted machine is connected to a data store having encrypted records, a client machine that sends encrypted queries, and a trusted machine that receives and decrypts the encrypted records and encrypted queries. The trusted machine processes the query using semantically secure query operators to produce a query result. The trusted machine ensures the size of the query result conforms to an upper bound on the number or records in the query result and returns the query result.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: April 24, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Arvind Arasu, Kenneth Hiroshi Eguro, Ravishankar Ramamurthy, Kaushik Shriraghav
  • Patent number: 9953312
    Abstract: A wearable device including a touchscreen; a wireless communication unit configured to communicate with an external terminal including an electronic wallet (SE, Secure Element), the external terminal wirelessly linked with the wearable device; and a controller configured to receive a preset user gesture, receive information relating to an account of the electronic wallet (SE) from the external terminal in response to the preset user gesture, display the received information on the touchscreen, and process an NFC (Near Field Communication) payment using the information displayed on the touchscreen.
    Type: Grant
    Filed: October 14, 2014
    Date of Patent: April 24, 2018
    Assignee: LG ELECTRONICS INC.
    Inventor: Dongju Lee
  • Patent number: 9946662
    Abstract: A method of providing security in a computer system includes dividing a block of data into initial left and right halves, and calculating updated left and right halves for each of a plurality of rounds. Calculating the updated left half includes applying a first function to an input left half to produce a first result, and mixing the first result with an input right half. Calculating the updated right half includes applying a second function to the input left half to produce a second result, and mixing the second result with a round key. The input left and right halves are the initial left and right halves for the first round, and thereafter the updated left and right halves for an immediately preceding round. And method may include producing a block of ciphertext with a key composed of the updated left and right halves for the last round.
    Type: Grant
    Filed: August 29, 2014
    Date of Patent: April 17, 2018
    Assignee: THE BOEING COMPANY
    Inventor: Laszlo Hars
  • Patent number: 9948463
    Abstract: Multivariate public key signature/verification system including a signature module and a verification module. The signature module contains a processor, first affine transformation inversion component, isomorphic inversion component, trapdoor component, isomorphic component, and second affine transformation inversion component. Corresponding computations are executed sequentially by the components on a message to be signed; solutions are generated after being processed by the trapdoor component; one solution is selected randomly and transmitted to the isomorphic component and second affine component for processing, and a signature generated is transmitted with the message to the processor. The verification module contains the processor and a public key transformation component. The signature is transmitted by the processor to the transformation component and substituted into each multivariate polynomial in a public key mapping.
    Type: Grant
    Filed: December 18, 2013
    Date of Patent: April 17, 2018
    Assignee: SOUTH CHINA UNIVERSITY OF TECHNOLOGY
    Inventors: Shaohua Tang, Wuqiang Shen
  • Patent number: 9935951
    Abstract: A remote data protection network provides a blind hashing service. A blind hashing server receives a message such as a digest from a client, and uses the message to derive a set of indices or offsets into a huge block of random data that is maintained by the remote data protection network. The corresponding extents of data in the block are combined, e.g. using a hash or HMAC function, and then returned to the invoking client, e.g. as a salt. The message and response may be salted with a unique client salt.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: April 3, 2018
    Assignee: Taplink, Inc.
    Inventor: Jeremy Spilman
  • Patent number: 9928370
    Abstract: According to an embodiment, a communication device includes an acquirer and a determiner. The acquirer is configured to acquire a first history value for each of one or more applications that use an encryption key. The first history value indicates a history value of a volume of the encryption key used by the each of one or more applications. The determiner is configured to determine a volume of the encryption key to be assigned to the corresponding application, according to the first history value.
    Type: Grant
    Filed: February 20, 2014
    Date of Patent: March 27, 2018
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshimichi Tanizawa, Hideaki Sato, Ririka Takahashi, Shinichi Kawamura, Shinya Murai
  • Patent number: 9929862
    Abstract: An optimized hardware architecture and method introducing a simple arithmetic processor that allows efficient implementation of an Elliptical Curve Cryptography point doubling algorithm for Jacobian coordinates. The optimized architecture additionally reduces the required storage for intermediate values.
    Type: Grant
    Filed: December 23, 2013
    Date of Patent: March 27, 2018
    Assignee: NXP B.V.
    Inventors: Miroslav Knezevic, Ventzislav Nikov
  • Patent number: 9922720
    Abstract: In accordance with some embodiments, the way in which the fuses are sensed and, particularly, their order may be made more random so that it is much more difficult to simply exercise the device and determine all the values of the storage elements within the fuse array. One result is a more secure storage device.
    Type: Grant
    Filed: March 7, 2013
    Date of Patent: March 20, 2018
    Assignee: Intel Corporation
    Inventors: Jason G. Sandri, Horaira Abu, Charles A. Peterson, Matthew B. Pedersen, Brian Harris, Ian S. Walker, Monib Ahmed
  • Patent number: 9923719
    Abstract: Encrypted data transmitted from a second entity to a first entity may be received. The encrypted data may be encrypted by a location based public key based on a public key and a location associated with the second entity. A location associated with the first entity may be identified. A location based private key may be generated based on a private key that corresponds to the public key and the location associated with the first entity. Furthermore, the encrypted data may be decrypted with the location based private key when the location associated with the first entity matches the location associated with the second entity.
    Type: Grant
    Filed: November 23, 2015
    Date of Patent: March 20, 2018
    Assignee: Cryptography Research, Inc.
    Inventors: Ambuj Kumar, Mark Evan Marson, Daniel Robert Beitel
  • Patent number: 9917828
    Abstract: An email security system is described that allows users within different organizations to securely send email to one another. The email security system provides a federation server on the Internet or other unsecured network accessible by each of the organizations. Each organization provides identity information to the federation server. When a sender in one organization sends a message to a recipient in another organization, the federation server provides the sender's email server with a secure token for encrypting the message to provide secure delivery over the unsecured network.
    Type: Grant
    Filed: May 6, 2014
    Date of Patent: March 13, 2018
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Frank Byrum, Mayank Mehta, Chandresh Jain, Ladislau Conceicao, Brian Kress, Greg Gourevitch, Michael Nelte, Chris Barnes
  • Patent number: 9917695
    Abstract: A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: March 13, 2018
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Atsushi Yamada, Gregory Marc Zaverucha
  • Patent number: 9910856
    Abstract: Information source agent systems and methods for distributed content storage and management using content signatures that use file identicality properties are provided. A data management system is provided that includes a content engine for managing the storage of file content, a content signature generator that generates a unique content signature for a file processed by the content engine, a content signature comparator that compares content signatures and a content signature repository that stores content signatures. Information source agents are provided that include content signature generators and content signature comparators. Methods are provided for the efficient management of files using content signatures that take advantage of file identicality properties. Content signature application modules and registries exist within information source clients and centralized servers to support the content signature methods.
    Type: Grant
    Filed: June 12, 2017
    Date of Patent: March 6, 2018
    Assignee: Callahan Cellular L.L.C.
    Inventors: Bruce Borden, Russell Brand
  • Patent number: 9910971
    Abstract: Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.
    Type: Grant
    Filed: January 12, 2016
    Date of Patent: March 6, 2018
    Assignee: IRDETO B.V.
    Inventors: Harold Joseph Johnson, Yuan Xiang Gu, Yongxin Zhou
  • Patent number: 9910792
    Abstract: A processing system includes a memory and a cryptographic accelerator operatively coupled to the memory. The cryptographic accelerator performs a split substitute byte operation within two paths of a cryptographic round by determining a first output from a first path by applying a mapped affine transformation to an input bit sequence represented by an element of a composite field of a finite-prime field, wherein the first output is represented by a first element of the composite field of the finite-prime field, and a second output from a second path by applying a scaled mapped affine transformation to the input bit sequence, wherein the second output is represented by a second element of the composite field and is equal to a multiple of the first output in the composite field.
    Type: Grant
    Filed: April 11, 2016
    Date of Patent: March 6, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Vikram B. Suresh
  • Patent number: 9906506
    Abstract: A variety of techniques for performing identity verification are disclosed. As one example, a verification request is received from a remote user. The verification request pertains to a cryptographic key. In response to receiving a confirmation from a local user of the local device, a verification process is initiated. A result of the verification process is transmitted to the remote user. As a second example, a verification request can be received at the local device, from a local user of the device. A verification process with respect to the local user is initiated, and a result of the verification process is transmitted to a remote user that is different from the local user.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: February 27, 2018
    Assignee: Wickr Inc.
    Inventors: Christopher Howell, Robert Statica, Kara Lynn Coppa
  • Patent number: 9900153
    Abstract: A plaintext and cryptographic key are used to generate an initialization vector to be used in a cryptographic algorithm, such as an encryption algorithm. In some examples, the plaintext and cryptographic key are input into an effectively one-way function, such as a cryptographic hash function, the output of which is usable as an initialization vector. Cryptographic keys may be rotated probabilistically based at least in part on probabilities of output collisions of the effectively one-way function to ensure a low probability of two different plaintexts resulting in calculation of the same initialization vector for use with the same cryptographic key.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: February 20, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Matthew John Campagna
  • Patent number: 9898623
    Abstract: An encryption method includes accessing a look-up table (LUT) to implement countermeasures against side-channel attacks, such as embedding masks. The LUT is initialized by writing initialization values in the LUT by applying an address-mask to input data that identify a location of said LUT and a data-mask to data to be stored at a location of the LUT. The method includes carrying out an initialization of the LUT that includes providing at least one second address-mask and one second data-mask; and computing corresponding initialization values as a function of a logic combination of the aforesaid first address-mask and second address-mask and of a logic combination of the aforesaid first data-mask and second data-mask. In the resulting table the address data are masked only by the second address-mask and the data are masked only by the second data-mask. The structure of the LUT may allow convenient implementation by initializing all the values of the LUT in parallel in one cycle.
    Type: Grant
    Filed: March 18, 2015
    Date of Patent: February 20, 2018
    Assignee: STMICROELECTRONICS S.R.L.
    Inventor: Filippo Melzani
  • Patent number: 9892275
    Abstract: Various embodiments of systems, computer program products, and methods for encrypting data in a multi-tenant cloud environment are described herein. In an aspect, an encryption time frame to encrypt data associated with a user in a multi-tenant cloud environment may be retrieved. Based on the encryption time frame, a list of object types to be encrypted may be identified. A batch encryption period may be determined for encrypting data corresponding to the list of object types. Further, batches are sequentially selected based on the batch encryption period, for a selected batch: one or more data records may be retrieved based on the batch encryption period and the one or more data records may be encrypted in groups based on at least one throttling value.
    Type: Grant
    Filed: March 10, 2016
    Date of Patent: February 13, 2018
    Assignee: SAP SE
    Inventors: Vipul Gupta, Balaji Raghunathan, Darpan Dinker
  • Patent number: 9887996
    Abstract: Systems, methods, and other embodiments associated with bidirectional authentication are described herein. According to one embodiment, a method includes a user receiving a communication from an entity. In response to receiving the communication from the entity, the method further includes generating a token. The token may be a one-time passcode, personal identification number (PIN), alphanumeric value, code word, pass phrase, or security question. The token is received by a device of the user. Additionally, the token is transmitted to the entity. The user may then receive evidence of the token from the entity.
    Type: Grant
    Filed: September 22, 2016
    Date of Patent: February 6, 2018
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Christopher Phillip Clausen, Lisa Michelle Lepage, Darrell Lee Suen, Jeffrey A. Cornman
  • Patent number: 9886597
    Abstract: The invention relates to a data-processing method that includes encoding a plurality of data of n bits into code words having a predefined constant Hamming weight, characterized in that said method also includes using (4000) encryption operations or arithmetic operations on the resulting code word(s) and also in that encoding each datum includes: decomposing (100) the datum into a plurality of m bit sequences to be encoded, m strictly being less than n; encoding (300) each bit sequence into a partial code word, each having a predefined Hamming weight, such that the sum of the Hamming weights of the partial code words are equal to the Hamming weights of the code word; and concatenating (300) the partial code words such as to produce the code word corresponding to the datum. The invention also relates to a data transmission method and to an electronic circuit configured to implement said methods.
    Type: Grant
    Filed: January 17, 2014
    Date of Patent: February 6, 2018
    Assignee: MORPHO
    Inventors: Julien Bringer, Victor Servant