Particular Algorithmic Function Encoding Patents (Class 380/28)
  • Patent number: 11907728
    Abstract: A Basic Input Output System (BIOS)-based multi-user management method and system. The method includes: identifying states of multiple users of a current BIOS to find a user whose state is an enable state; finding a Non-Volatile Random Access Memory (NVRAM) corresponding to the user in the enable state, and reading BIOS configuration parameter information of the user in the enable state; monitoring a hot key boot phase of a BIOS startup process to determine whether there is a key action at the hot key boot phase; and when there is no key action, performing a manipulation to configure the current BIOS with the read BIOS configuration parameter information of the user in the enable state, thereby effectively configuring the BIOS for the multiple users, and retaining more customized parameters in BIOS information. Therefore, a server becomes a diversely used terminal device more easily.
    Type: Grant
    Filed: October 27, 2020
    Date of Patent: February 20, 2024
    Assignee: INSPUR SUZHOU INTELLIGENT TECHNOLOGY CO., LTD.
    Inventors: Shuaishuai Jia, Daotong Li
  • Patent number: 11909870
    Abstract: A server can record a device static public key (Sd) and a server static private key (ss). The server can receive a message with (i) a device ephemeral public key (Ed) and (ii) a ciphertext encrypted with key K1. The server can (i) conduct an EC point addition operation on Sd and Ed and (ii) send the resulting point/secret X0 to a key server. The key server can (i) perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using X0 and a network static private key to derive a point/secret X1, and (ii) send X1 to the server. The server can conduct a second ECDH key exchange using the server static private key and point X0 to derive point X2. The server can conduct an EC point addition on X1 and X2 to derive X3. The server can derive K1 using X3 and decrypt the ciphertext.
    Type: Grant
    Filed: March 24, 2023
    Date of Patent: February 20, 2024
    Assignee: IoT and M2M Technologies, LLC
    Inventor: John A. Nix
  • Patent number: 11909893
    Abstract: Content, such as an encryption key, may be transmitted between computing systems that both use more than one encryption algorithm. Secrets may be used to encode the content. The different encryption algorithms may be used to separately encrypt the encoded content and the secrets prior to communicating the encrypted, encoded content and encrypted secrets between computing systems.
    Type: Grant
    Filed: June 27, 2022
    Date of Patent: February 20, 2024
    Assignee: Entrust Corporation
    Inventors: Michael Ounsworth, John Robert Gray, Serge Jean Maurice Mister
  • Patent number: 11909868
    Abstract: Disclosed is an orthogonal access control system based on cryptographic operations provided by multi-hop proxy re-encryption (PRE) that strictly enforces only authorized access to data by groups of users, scalable to large numbers of users. Scalable delegation of decryption authority can be shared with a plurality of members of a group whether those members be users or devices, and members of a group can further create sub groups and delegate decryption authority to those members, whether users or devices. Members are granted access via generation of transform keys, and membership or access can be revoked merely be deleting the transform key—no elimination of the encrypted data, regardless of its storage location, is needed.
    Type: Grant
    Filed: September 10, 2021
    Date of Patent: February 20, 2024
    Assignee: IronCore Labs, Inc.
    Inventors: Robert L. Wall, Patrick Joseph Walsh
  • Patent number: 11899781
    Abstract: A processing apparatus, an embedded system, a system-on-chip, and a security control method are disclosed. The processing apparatus includes a processor, adapted to execute a program; and a memory, coupled to the processor and adapted to provide a plurality of enclaves isolated from each other. One of the plurality of enclaves is a source enclave, another one of the plurality of enclaves is a target enclave, and the source enclave and the target enclave each are used to provide a storage space required for running a corresponding program. The processing apparatus further comprises a storage access controller, adapted to transmit specified data stored in the source enclave to the target enclave.
    Type: Grant
    Filed: April 26, 2021
    Date of Patent: February 13, 2024
    Assignee: Alibaba Group Holding Limited
    Inventors: Xuanle Ren, Xiaoxia Cui
  • Patent number: 11902432
    Abstract: Aspects of the present disclosure involve a method, a system and a computer readable memory to perform a cryptographic operation that includes identifying a first set of mutually coprime numbers, obtaining a second set of input numbers coprime with a corresponding one of the first set of mutually coprime numbers, obtaining an output number that is a weighted sum of the second set of input numbers, each of the second set of input numbers being taken with a weight comprising a product of all of the first set of mutually coprime numbers except the corresponding one of the first set of mutually coprime numbers, and performing the cryptographic operation using the output number.
    Type: Grant
    Filed: November 22, 2021
    Date of Patent: February 13, 2024
    Assignee: Cryptography Research, Inc.
    Inventors: Michael Tunstall, Michael Alexander Hamburg, Qinglai Xiao
  • Patent number: 11895346
    Abstract: Disclosure provides devices, methods, and computer-readable medium for secure frame management. Techniques disclosed herein provide an intelligent method for detecting triggering items in one or more frames of streaming video from an Internet Protocol camera. Upon detection, the camera transmits one or more frames of the video over a network to a computing device. Upon detecting a triggering item in a frame of the video stream, the computing device begins a streaming session with a server and stream the one or more frames of video and accompanying metadata to the server. The frames, metadata, and associated keys can all be encrypted prior to streaming to the server. For each subsequent segment of video frames that includes the triggering item, the server can append the frames of that segment to the video clip in an encrypted container. Once the triggering item is no longer detected, the streaming session can be closed.
    Type: Grant
    Filed: September 26, 2022
    Date of Patent: February 6, 2024
    Assignee: APPLE INC.
    Inventors: Anush G. Nadathur, Keith W. Rauenbuehler, Kenneth A. York, Varinder Singh, Nicholas M. Fraioli
  • Patent number: 11886624
    Abstract: A writing method of a crypto device includes receiving a write request from a central processing unit, determining a write attribute of the write request, and performing one of a partial write operation and a full write operation according to the write attribute. In the full write operation, a random number for a version count is generated, a key stream is generated using the version count, the key stream and write data are encrypted in a first logical operation, and the encrypted data and the version count are stored in a memory device.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: January 30, 2024
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Ingoo Heo, Youngwook Noh
  • Patent number: 11881933
    Abstract: An enhanced robust input protocol for secure multi-party computation (MPC) via pseudorandom secret sharing is provided. With this enhanced protocol, the servers that participate in MPC can generate and send a single random sharing [R] to a client with k inputs (rather than a separate random sharing per input), and the client can derive k pseudorandom sharings from [R] without any further server interactions.
    Type: Grant
    Filed: October 20, 2021
    Date of Patent: January 23, 2024
    Assignee: VMware LLC
    Inventor: Avishay Yanai
  • Patent number: 11876888
    Abstract: A division unit (22) divides a plaintext M every b bits from a beginning, thereby generating b-bit values M1, . . . , Mm-1 and a value Mm having 1 or more bits to b or less bits. An S1 calculation unit (241) assigns a b-bit value H1 to a value M0, and for each integer i of i=1, . . . , m in an ascending order, takes a value Mi-1 as input to an encryption function E, thereby calculating a value S1(i), and calculates a value Ci from the value S1(i) and a value Mi. An S2 calculation unit (242) assigns an r-bit value H2 to a value S2(0), and for each integer i of i=1, . . . , m in an ascending order, calculates a value S2(i) from the value S1(i) and from a value S2(i?1). A ciphertext generation unit (243) generates a ciphertext C from a value Ci for each integer i of i=1, . . . , m. An authenticator generation unit (25) generates a (b+r)-bit authenticator T by using a value S1(m) and a value S2(m).
    Type: Grant
    Filed: June 15, 2022
    Date of Patent: January 16, 2024
    Assignee: Mitsubishi Electric Corporation
    Inventor: Yusuke Naito
  • Patent number: 11868485
    Abstract: A storage circuit stores secret information. A software processing circuit obtains an operation task and generates scheduling instructions corresponding to the operation task. After receiving the scheduling instructions, a hardware processing circuit obtains the secret information from the storage circuit when the flag bit in the scheduling instruction is a valid value, determines, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtains the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction.
    Type: Grant
    Filed: January 5, 2022
    Date of Patent: January 9, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Qinglong Zhang, Qianying Tang, Wangchen Dai
  • Patent number: 11868349
    Abstract: Methods, computer program products, and systems are presented. The method computer program products, and systems can include, for instance: identifying an invoked database query for execution on a database, the invoked database query being associated to a user; generating an execution plan for executing the database query on the database; wherein the generating the execution plan for execution of the database query on the database includes establishing an ordering of first and second tables, the ordering of the first and second tables being in dependence on an access privilege attribute of the user in respect to the first table; and executing the database query according to the execution plan.
    Type: Grant
    Filed: May 5, 2020
    Date of Patent: January 9, 2024
    Assignee: International Business Machines Corporation
    Inventors: Artur M. Gruszecki, Tomasz Sekman, Tomasz Kazalski, Andrzej Jan Wrobel
  • Patent number: 11870884
    Abstract: Systems and methods for operating a cryptographic system. The methods comprise: obtaining ciphertext by the cryptographic system; performing operations by the cryptographic system to determine whether a given sequence of values exits within the ciphertext; and synchronizing the cryptographic system with another cryptographic system using the ciphertext as a bitrate portion of an initialization value for a cryptographic algorithm and zero as a capacity portion of the initialization value for the cryptographic algorithm, when a determination is made that the given sequence of values exist within the ciphertext.
    Type: Grant
    Filed: April 13, 2021
    Date of Patent: January 9, 2024
    Assignee: HARRIS GLOBAL COMMUNICATIONS, INC.
    Inventors: Steven M. Farris, Michael T. Kurdziel
  • Patent number: 11843807
    Abstract: A method for decoding a video according to the present invention may comprise: determining whether to divide a current block with quad tree partitioning, and dividing the current block into four partitions based on a vertical line and a horizontal line when it is determined that the current block is divided with the quad tree partitioning.
    Type: Grant
    Filed: July 28, 2022
    Date of Patent: December 12, 2023
    Assignee: KT CORPORATION
    Inventor: Bae Keun Lee
  • Patent number: 11843702
    Abstract: A processor-implemented method is disclosed. The method includes: generating a secure data object associated with a request for transfer of resources, the secure data object indicating one or more resource transfer parameters including account information for a transferee account at a resource account management system, wherein the secure data object includes a first hash computed based on the one or more resource transfer parameters; signing the secure data object using a private key associated with the resource account management system; and sending the secure data object to a messaging address associated with a transferor of the requested resources.
    Type: Grant
    Filed: November 20, 2020
    Date of Patent: December 12, 2023
    Assignee: The Toronto-Dominion Bank
    Inventors: Milos Dunjic, Asad Joheb, David Samuel Tax
  • Patent number: 11824986
    Abstract: There is provided a device for protecting the execution of a cryptographic operation from attacks, the cryptographic operation being implemented by a cryptographic algorithm, the cryptographic operation comprising at least one modular operation between a main base (m) representing a data block and at least one scalar (d) in at least one finite starting group. The device is configured to determine at least one intermediary group (E?) different from the at least one starting group (E), the number of intermediary groups being equal to the number of starting groups E. The device is further configured to determine at least one final group (E?) from the at least one starting group E and the at least one intermediary group E?. The base m being mapped to an auxiliary element (x) in the at least one intermediary group and to an auxiliary base (m?) in the at least one final group E?.
    Type: Grant
    Filed: December 18, 2018
    Date of Patent: November 21, 2023
    Assignee: SECURE-IC SAS
    Inventors: Sylvain Guilley, Cédric Murdica
  • Patent number: 11822704
    Abstract: A first arithmetic input share and a second arithmetic input share of an initial arithmetically-masked cryptographic value are received. A sequence of operations using the arithmetic input shares and a randomly generated number is performed, where a current operation in the sequence of operations generates a corresponding intermediate value that is used in a subsequent operation. At the end of the sequence of operations, a first Boolean output share and a second Boolean output share are generated. The arithmetic-to-Boolean mask conversion is independent of the input bit length.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: November 21, 2023
    Assignee: CRYPTOGRAPHY RESEARCH, INC.
    Inventors: Michael Hutter, Michael Tunstall
  • Patent number: 11811825
    Abstract: A method including receiving, by a receiving device from a transmitting device, a combination of messages including encrypted decoy messages and one or more encrypted content messages, the encrypted decoy messages being determined based at least in part on encrypting decoy data and the one or more encrypted content messages being determined based at least in part on encrypting content data; and decrypting, by the receiving device, a received message included in the combination of messages based at least in part on utilizing a cryptographic key; and determining, by the receiving device, that the received message is a content message or that the received message is a decoy message based at least in part on a result of decrypting the received message. Various other aspects are contemplated.
    Type: Grant
    Filed: March 24, 2022
    Date of Patent: November 7, 2023
    Assignee: UAB 360 IT
    Inventor: Adrianus Warmenhoven
  • Patent number: 11812422
    Abstract: Methods and apparatus for combining received uplink transmissions. In an embodiment, a method is provided that includes receiving a descrambled resource element associated with selected second channel state information (CSI2) and receiving a descrambling sequence used to generate the descrambled RE. The method also includes rescrambling the descrambled RE using the descrambling sequence to generate a rescrambled RE and modifying the descrambling sequence to generate a modified descrambling sequence. The method also includes descrambling the rescrambled RE with the modified descrambling sequence to generate a modified descrambled RE and accumulating the modified descrambled RE to form a combined CSI2 value.
    Type: Grant
    Filed: September 12, 2022
    Date of Patent: November 7, 2023
    Assignee: Marvell Asia Pte, Ltd
    Inventors: Sabih Guzelgoz, Hong Jik Kim
  • Patent number: 11809597
    Abstract: A public key generated by each user of a plurality of users is used to encrypt the contacts for that user. The results are sent to a server by each user. The key generated by each user is then distributed to every other user in the system, and each recipient encrypts their contacts with the keys. The result of these encryptions for all contacts for all recipients is then received by the server, and the server computes an encrypted computation of equality of two contacts and sends all computations back to the original user. The user can use the homomorphic property of the crypto protocol (e.g., a private key) to determine a set of users that are matched as contacts with the other users. The binary results are returned to the server, and the server computes a graph using the results.
    Type: Grant
    Filed: March 26, 2021
    Date of Patent: November 7, 2023
    Assignee: University of South Florida
    Inventors: Jean-Francois Biasse, William Youmans, Sriram Chellappan, Nathan Fisk, Noyem Khan
  • Patent number: 11804969
    Abstract: Systems and methods are described for establishing trust between two devices for secure peer-to-peer communication. In an example, a first and a second device can each possess a digital signature issued by the same certificate authority and a hash function issued by the same trusted entity. The devices can exchange public keys that include their respective digital signatures. The second device can verify the first device's digital signature, encrypt an encryption key with the second device's public key, hash the encryption key using its hash function, and encrypt the hash using its private key. The second device can send the encrypted hash and encryption key to the first device. The first device can verify the second device's digital signature, decrypt the encryption key, and decrypt the encrypted hash. The first device can hash the encryption key using its hashing function and compare the two hashes to verify the second device.
    Type: Grant
    Filed: March 1, 2021
    Date of Patent: October 31, 2023
    Assignee: VMWARE, INC.
    Inventors: Avinash Agarwal, Akhil Dhananjaya
  • Patent number: 11803650
    Abstract: A database management system receives a request to process a database query on behalf of a security principal. The database management system determines that processing the database query requires access to an encrypted portion of a file containing data subject to access conditions. The database management system determines that the security principle is authorized to use a key that corresponds to the encrypted portion of the file. The database management system then completes processing of the query by using the key to access the encrypted portion of the file.
    Type: Grant
    Filed: July 23, 2018
    Date of Patent: October 31, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Turkay Mert Hocanin, Anthony A. Virtuoso
  • Patent number: 11789981
    Abstract: A highly versatile data processing is implemented on data collected in a manufacturing process. A data processing device includes: a calculation part configured to collect a plurality of data groups associated with a predetermined step of a process, and calculate effects in the predetermined step for each of the plurality of data groups; a dividing part configured to divide a feature space such that a distribution of each of the plurality of data groups associated with the predetermined step in the feature space is classified for each of the calculated effects; and an output part configured to output specific data that specifies respective regions of the divided feature space.
    Type: Grant
    Filed: December 25, 2018
    Date of Patent: October 17, 2023
    Assignee: TOKYO ELECTRON LIMITED
    Inventors: Atsushi Suzuki, Takahiko Kato
  • Patent number: 11784814
    Abstract: According to an embodiment, the arithmetic device includes a controller. The controller is configured to: convert a bit string of m bits (where m is an integer of 4 or more) representing a multiplication value k when a certain condition is satisfied; set a value based on a coordinate value P of a specific point for a first variable and a second variable based on a second bit value from a least significant bit of the bit string; perform loop processing (m?3) times for multiplication processing of performing multiplication on the first variable and addition processing of adding two different points which are not infinite points by adding the first variable and the second variable; and output a coordinate value kP obtained by a scalar multiplication of the coordinate value P with the multiplication value k based on processing for a most significant bit of the bit string.
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: October 10, 2023
    Assignee: Kioxia Corporation
    Inventor: Kazuki Inoue
  • Patent number: 11784812
    Abstract: A method for creating devices facilitating secure data transmission, storage and key management. At least two devices are each comprised of at least part of a physically unclonable function unit originally shared by the at least two devices on a single, monolithic original integrated circuit. The process includes physically segmenting the shared physically unclonable function unit between the at least two devices. The at least two devices which share the single, monolithic integrated circuit are physically separated into individual device units.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: October 10, 2023
    Assignee: The University of Tulsa
    Inventors: Andrew Kongs, Gavin Bauer, Kyle Cook
  • Patent number: 11777707
    Abstract: Embodiments are directed to homomorphic encryption for machine learning and neural networks using high-throughput Chinese remainder theorem (CRT) evaluation. An embodiment of an apparatus includes a hardware accelerator to receive a ciphertext generated by homomorphic encryption (HE) for evaluation, decompose coefficients of the ciphertext into a set of decomposed coefficients, multiply the decomposed coefficients using a set of smaller modulus determined based on a larger modulus, and convert results of the multiplying back to an original form corresponding to the larger modulus by performing a reverse Chinese remainder theorem (CRT) transform on the results of multiplying the decomposed coefficients.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: October 3, 2023
    Assignee: INTEL CORPORATION
    Inventors: Santosh Ghosh, Andrew Reinders, Rafael Misoczki, Rosario Cammarota, Manoj Sastry
  • Patent number: 11770410
    Abstract: A method including determining, by a transmitting device in communication with a receiving device, encrypted decoy messages based at least in part on encrypting decoy data utilizing an encryption key; determining, by the transmitting device, one or more encrypted content messages based at least in part on encrypting content data utilizing a cryptographic key, different from the encryption key; and transmitting, by the transmitting device to the receiving device, the one or more encrypted content messages among the encrypted decoy messages. Various other aspects are contemplated.
    Type: Grant
    Filed: March 22, 2022
    Date of Patent: September 26, 2023
    Assignee: UAB 360 IT
    Inventor: Adrianus Warmenhoven
  • Patent number: 11755646
    Abstract: Methods and processes for manufacture of an image product from a digital image. An object in the digital image is detected and recognized. Object metadata is assigned to the object, the object metadata linking sound to the object in the digital image which produced the sound. At least one cryptographic hash of the object metadata is generated, and the hash is written to a node of a transaction processing network.
    Type: Grant
    Filed: March 3, 2023
    Date of Patent: September 12, 2023
    Assignee: Eight Plus Ventures, LLC
    Inventors: Rodney Lake, Douglas Sturgeon, Anthony Sziklai
  • Patent number: 11755321
    Abstract: A circuit includes a data input that is configured to receive a data word, the data word including at least one operand which is rotated by a number of bits given by a rotation parameter, a first control input that is configured to receive the rotation parameter, a second control input that is configured to receive an indication of an operation to be performed, a first subcircuit that is configured to generate an operation- and rotation-dependent bit mask from the rotation parameter and the indication of the operation to be performed, a second subcircuit which is configured to process the at least one operand as a function of the bit mask and the operation to be performed, wherein the operand and the operation result generated by the processing remain in the rotated state, and a data output which is configured to output the operation result.
    Type: Grant
    Filed: January 13, 2022
    Date of Patent: September 12, 2023
    Assignee: INFINEON TECHNOLOGIES AG
    Inventors: Florian Mendel, Martin Schlaeffer, Erich Wenger
  • Patent number: 11755207
    Abstract: A data storage method in a storage system and a related system. The method includes: calculating a similar fingerprint of first to-be-stored data to obtain a first similar fingerprint, where the first similar fingerprint is for determining whether the first to-be-stored data is similar to stored data; determining reference data based on the first similar fingerprint, where a similar fingerprint of the reference data is the first similar fingerprint; determining first differential data between the to-be-stored data and the reference data based on the reference data, where the reference data is stored in a first storage unit; and storing the first differential data in a second storage unit, where the first storage unit and the second storage unit belong to a read range of a same read I/O.
    Type: Grant
    Filed: June 15, 2022
    Date of Patent: September 12, 2023
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Kun Guan, Bang Liu, Liyu Wang, Shaohui Quan, Liangxiang Zhang
  • Patent number: 11755287
    Abstract: A method for generating random numbers includes initializing a pseudo-random number generator (PRNG) having a state of 2048 bits comprising inner bits and outer bits, the inner bits comprising the first 128 bits of the 2048 bits and the outer bits comprising the remaining bits of the 2048 bits. The method also includes retrieving AES round keys from a key source, and for a threshold number of times, executing a round function using the AES round keys by XOR'ing odd-numbered branches of a Feistel network having 16 branches of 128 bits with a function of corresponding even-numbered neighbor branches of the Feistel network, and shuffling each branch of 128 bits into a prescribed order. The method also includes executing an XOR of the inner bits of the permuted state with the inner bits of a previous state.
    Type: Grant
    Filed: August 24, 2022
    Date of Patent: September 12, 2023
    Assignee: Google LLC
    Inventors: Jan Wassenberg, Robert Obryk, Jyrki Alakuijala, Emmanuel Mogenet
  • Patent number: 11743036
    Abstract: A method for establishing a shared key, includes: determining, by a first device, a braid group Bn having an index n as a public key; selecting, by the first device, a plurality of elements from the braid group Bn to generate a subgroup P, and selecting an element x from the subgroup P as a private key; receiving, by the first device, {y?1?1y,y?1?2y, . . . , y?1?n?1y} sent from a second device; sending, by the first device, {x?1?1x,x?1?2x, . . . , x?1?n?1x} calculated according to the first private key and each element of the public key, to the second device, to allow the second device to replace all occurrences of ?k in the second private key y with x??kx to obtain fy(x?1?1x,x?1?2x, . . . , x?1?n?1x)=x?1yx and to obtain the shared key x?1y?1xy by calculation; and replacing all ?k in the first private key of the first device with y?1?ky to obtain fx(y?1?1yy?1?2y, . . . , y?1?n?1y)=y?1xy, and calculating to obtain the shared key x?1y?1xy.
    Type: Grant
    Filed: May 6, 2020
    Date of Patent: August 29, 2023
    Assignee: SHENZHEN UNIVERSITY
    Inventors: Hanling Lin, Xiaofeng Wang, Yipin Ling, Weijian Wang
  • Patent number: 11743043
    Abstract: A method comprises: tokenizing, at a first device, a search query; creating search requests and send to delegate devices, each search request including a public key encrypted message containing the tokenized search query and index identifiers of indices to be searched; computing search responses to the search requests, each search response comprising a partial trapdoor computed per token per identifier; transmitting the search responses to the first device; recombining, at the first device, the search responses per identifier per token; performing a ranked set of queries against the indices; and returning the search results in order of relevancy.
    Type: Grant
    Filed: February 22, 2022
    Date of Patent: August 29, 2023
    Assignee: Atakama LLC
    Inventors: Joseph Oren Tysor, Erik A. Aronesty, Michael Krebs, Daniel Gallancy
  • Patent number: 11729154
    Abstract: A privacy gateway may communicate with user devices located at a plurality of premises. The privacy gateway may receive a data packet, from one of the user devices, indicating destinations, such as other computing devices, located external to the premises. The privacy gateway may decrypt at least a portion of the data packet to determine that at least a portion of data in the packet is associated with the user device. The privacy gateway may remove the data associated with the user device from the data packet and replace the removed data with data associated with the privacy gateway. The privacy gateway may send the data packet with the replaced data to a destination device. The privacy gateway may receive a response to the data packet from the destination device. The privacy gateway may encrypt a portion of the response and send the response to the user device.
    Type: Grant
    Filed: February 25, 2021
    Date of Patent: August 15, 2023
    Assignee: Comcast Cable Communications, LLC
    Inventor: Charles A. Helfinstine
  • Patent number: 11728966
    Abstract: The method of constructing QAP-based Homomorphic Encryption (HE) in the semi-public setting is introduced, which comprises: encryption, computation, and decryption. The data receiver produces a semi-public key Keys-pub. The data provider can encode his k-qubit plaintext |x to a k-qubit ciphertext |?en=QP|x via a k-qubit invertible operator QP randomly generated by Keys-pub. From the provider, the message En(?p) of QP encoded by a cryptosystem Gcrypt in Keys-pub is transmitted to the receiver through a small-resource communication channel and the ciphertext |?en is conveyed to the cloud. The receiver creates the instruction of encoded computation Uen=PMQP and transports to the cloud, where M is the required k-qubit arithmetic operation, P a k-qubit permutation, and a k-qubit operator to mingle with M. According the instruction, the cloud performs the encrypted evaluation Uen|?en and transfer to the receiver.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: August 15, 2023
    Assignee: National Applied Research Laboratories
    Inventors: Zheng-Yao Su, Ming-Chung Tsai
  • Patent number: 11728967
    Abstract: A circuit includes a cipher accessing a plurality of read-write memory units configured to handle data tables obtained from a modified mask; wherein the modified mask is being determined from an initial mask and a random value, the random value selecting one or more modifications of the initial mask amongst a plurality of predefined modifications including permutation operations. Developments of the invention describe the use of mathematically optimal or equivalent masks; the use of random values; a range of permutation operations comprising offset shifting and/or rotation and/or XOR operations and/or coprime construction; the use of round masks; the use of a Physically Unclonable Function; the refresh or update of modified masks and/or round masks; and verifications of the optimality and/or integrity of masks. System features (e.g. CPU, co-processor, local and/or remotely accessed external memory storing masks, volatile memory) and computer program products are described.
    Type: Grant
    Filed: December 11, 2018
    Date of Patent: August 15, 2023
    Assignee: SECURE-IC SAS
    Inventors: Florent Lozac'h, Sylvain Guilley
  • Patent number: 11727100
    Abstract: Systems and methods for providing exception failover augmented, homomorphic encrypted (HE) distributing, end-to-endpoint persistent encryption, and distributed HE domain non-decrypting, privacy-protective biometric processing are provided. Some configurations may include generating HE biometric feature data, based on homomorphic encrypting the biometric feature data. Some configurations determine an exception status of the HE biometric feature data between exception and non-exception. Systems and methods may include performing a HE domain, non-decrypting biometric classifying of the HE biometric feature data.
    Type: Grant
    Filed: December 13, 2022
    Date of Patent: August 15, 2023
    Assignee: The Government of the United States of America, as represented by the Secretary of Homeland Security
    Inventor: Arun Vemury
  • Patent number: 11728969
    Abstract: There may be provided a blockchain-implemented security method. It may be implemented using a blockchain network. Embodiments of the blockchain-implemented security method involve a first party and a second party. The blockchain-implemented security method generates a plurality of n cryptographic locks based on combinations of encrypted versions of a first plurality of n secrets generated by the first party and encrypted versions of a second plurality of n secrets generated by the second party. One secret belonging to the first plurality of n secrets generated by the first party is randomly selected. And a cryptographic key that unlocks a particular cryptographic lock of the plurality of n cryptographic locks is generated, wherein the particular cryptographic lock corresponds to the randomly selected one secret belonging to the first plurality of n secrets generated by the first party.
    Type: Grant
    Filed: December 3, 2018
    Date of Patent: August 15, 2023
    Assignee: nChain Licensing AG
    Inventors: Silvia Bartolucci, Pauline Bernat, Daniel Joseph, Craig Steven Wright
  • Patent number: 11727947
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for using audio watermarks with key phrases. One of the methods includes receiving, by a playback device, an audio data stream; determining, before the audio data stream is output by the playback device, whether a portion of the audio data stream encodes a particular key phrase by analyzing the portion using an automated speech recognizer; in response to determining that the portion of the audio data stream encodes the particular key phrase, modifying the audio data stream to include an audio watermark; and providing the modified audio data stream for output.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: August 15, 2023
    Assignee: Google LLC
    Inventor: Ricardo Antonio Garcia
  • Patent number: 11722291
    Abstract: A method of low-latency and encrypted hardware layer communication includes calculating, by an encryption circuit of a communication bridge controller, a pre-calculated encryption keys corresponding to a block encryptor of the encryption circuit, each block encryptor configured to use a corresponding pre-calculated encryption key to encrypt a corresponding unencrypted data block of a data transmission having one or more unencrypted data blocks, storing the one or more pre-calculated encryption keys in an encryption key memory associated with the communication bridge, for each unecrypted data block, encrypting the unencrypted data block using the corresponding pre-calculated encryption key to generate an encrypted data block and an authentication code block for the unencrypted data block, aggregating one or more encrypted data blocks into an encrypted data transmission, and generating an authenticated code corresponding to the encrypted data transmission based upon each of the authentication code blocks of eac
    Type: Grant
    Filed: August 11, 2021
    Date of Patent: August 8, 2023
    Assignee: Cadence Design Systems, Inc.
    Inventors: Steven Ho, Gopi Krishnamurthy, Anish Mathew
  • Patent number: 11714912
    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: August 1, 2023
    Assignee: Google LLC
    Inventors: Keith Moyer, Uday Savagaonkar, Chong Cai, Matthew Gingell, Anna Sapek
  • Patent number: 11716192
    Abstract: Replica is an encryption algorithm where security is based on lavish use of randomness rather than on mathematical complexity and the cipher is decoy-tolerant, namely it can readily distinguish between bona fide ciphertext bits and randomized meaningless bits. This attribute allows its users to project as much security as they care by mixing the message bits with more and more decoy bits. It also allows its user to conceal their pattern of communication in a fixed rate of message bit flow.
    Type: Grant
    Filed: December 26, 2022
    Date of Patent: August 1, 2023
    Inventor: Gideon Samid
  • Patent number: 11695550
    Abstract: A method of exchanging a combined cryptographic key between a first node and a second node, the first node and the second node being connected through a first communication and a second communication network, wherein the first communication network is a quantum communication network wherein information is encoded on weak light pulses; and the first node and the second node being configured to: exchange one or more first cryptographic keys on the first communication network; exchange one or more second cryptographic keys using the second communication network; and form the combined cryptographic key by combining the one or more first cryptographic keys and the one or more second cryptographic keys, such that the first node and the second node share knowledge of the combined cryptographic key.
    Type: Grant
    Filed: October 20, 2021
    Date of Patent: July 4, 2023
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Zhiliang Yuan, Andrew James Shields
  • Patent number: 11689363
    Abstract: In accordance with a first aspect of the present disclosure, a method is conceived for setting permissions for cryptographic keys in a cryptographic processing system, comprising: generating at least one cryptographic key to be protected; assigning one or more configurable properties to said cryptographic key; wherein the configurable properties define at least one of a permission of performing a first set of predefined operations on the cryptographic key and a permission of using the cryptographic key for performing a second set of predefined operations. In accordance with a second aspect of the present disclosure, a corresponding computer program is provided. In accordance with a third aspect of the present disclosure, a corresponding cryptographic processing system is provided.
    Type: Grant
    Filed: June 14, 2021
    Date of Patent: June 27, 2023
    Assignee: NXP B.V.
    Inventors: Sujash Sen Gupta, Venkatesh H Nayak G, Hugues Jean Marie de Perthuis
  • Patent number: 11689361
    Abstract: N key generation circuits are arranged in a pipeline having N stages. Each key generation circuit is configured to generate a round key as a function of a respective input key and a respective round constant. Output signal lines that carry the round key from a key generation circuit in a stage of the pipeline, except the key generation circuit in a last stage of the pipeline, are coupled to the key generation circuit in a successive stage of the pipeline to provide the respective input key.
    Type: Grant
    Filed: November 9, 2020
    Date of Patent: June 27, 2023
    Assignee: XILINX, INC.
    Inventors: Devanjan Maiti, Robert Bellarmin Susai, Jayaram Pvss
  • Patent number: 11664974
    Abstract: Certain aspects of the present disclosure provide techniques for summarizing data in a distributed system. Embodiments include generating an ordered list of blocks by iterating through a first group of blocks of a hash chain starting at a last block of the hash chain and adding each of the first group of blocks of the hash chain to the ordered list. Embodiments further include generating summary data by applying a summary function to the first group of blocks based on the ordered list. The summary function may take the ordered list as an input and provide the summary data of the first group of blocks as an output. Embodiments further include generating a summary block comprising the summary data and adding the summary block to a summary chain.
    Type: Grant
    Filed: October 29, 2020
    Date of Patent: May 30, 2023
    Assignee: INTUTI, INC.
    Inventors: Michael R. Gabriel, Glenn Scott
  • Patent number: 11658806
    Abstract: An ID-based hash proof system configuration apparatus includes a processor, and a memory storing program instructions that cause the processor to receive a security parameter, and output a public parameter and a master private key by using a multi identity-based encryption (MIBE) setup algorithm and a key K randomly selected, receive the public parameter, the master private key, and an identifier, and output a private key by using a bit value ri (1?i?n) that is selected, and a MIBE key generation algorithm, receive the public parameter and the identifier, and output a ciphertext and a key k by using a MIBE encryption algorithm, receive the public parameter and the identifier, and output a wrong ciphertext by using the MIBE encryption algorithm, and receive the public parameter, the private key, the identifier, and the ciphertext, and output the key k by using a MIBE decryption algorithm.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: May 23, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Takashi Yamakawa, Ryo Nishimaki
  • Patent number: 11659394
    Abstract: Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).
    Type: Grant
    Filed: June 11, 2020
    Date of Patent: May 23, 2023
    Inventor: Jonathan Grier
  • Patent number: 11650914
    Abstract: A system which identifies a memory device using a physical unclonable function. The system performs raw read operations on every page of a block; sorts the pages into low and high groups using an average number of ones based on the raw read operations; generates unordered page pairs by sequentially selecting a first page from the low group and a second page from the high group; generates ordered page pairs by selectively converting an order of pages in each pair of the unordered page pairs; and generates a sequence for identifying the selected block based on comparing the average number of ones for pages in each ordered page pair.
    Type: Grant
    Filed: August 5, 2021
    Date of Patent: May 16, 2023
    Assignee: SK hynix Inc.
    Inventors: Siarhei Zalivaka, Alexander Ivaniuk
  • Patent number: 11652616
    Abstract: Aspects of the invention include initializing a local key manager (LKM) on a node of a computing environment. The node includes a plurality of channels. The LKM is configured to provide a secure data transfer between the node and an other node of the computing environment. A connection is established, by the LKM, between the LKM and an external key manager (EKM) that stores a shared key for the node and the other node. In response to establishing the connection, the LKM registers security capabilities of the plurality of channels. The security capabilities are used by the LKM to provide the secure data transfer between the node and the other node.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: May 16, 2023
    Assignee: International Business Machines Corporation
    Inventors: Mooheng Zee, Richard Mark Sczepczenski, John R. Flanagan, Christopher J. Colonna