Particular Algorithmic Function Encoding Patents (Class 380/28)
  • Patent number: 10129225
    Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: November 13, 2018
    Assignee: BLACKHAWK NETWORK, INC.
    Inventor: Derk Norton
  • Patent number: 10129026
    Abstract: A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q?1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd?48.
    Type: Grant
    Filed: May 3, 2016
    Date of Patent: November 13, 2018
    Assignee: Certicom Corp.
    Inventor: Daniel Richard L. Brown
  • Patent number: 10127390
    Abstract: There is provided a method of performing a cryptographic algorithm in software, the cryptographic algorithm comprising one or more processing steps, wherein each processing step is arranged to process a respective input to the processing step so as to generate an output corresponding to the input, characterized in that, for each of at least one of the one or more processing steps, the method comprises: providing a respective input for the processing step as an input to a plurality of implementations of the processing step, wherein each implementation is arranged to output a corresponding intermediate result represented using a respective predetermined output representation; and using the representation of the intermediate results to generate a result for the processing step that is based on each of the intermediate results, wherein, if each intermediate result is the output that corresponds to the input for the processing step then the result for the processing step is the output that corresponds to the input
    Type: Grant
    Filed: March 27, 2013
    Date of Patent: November 13, 2018
    Assignee: IRDETO B.V.
    Inventor: Michael Wiener
  • Patent number: 10129018
    Abstract: A processing system includes a memory and a processing logic operatively coupled to the memory. The processing logic includes a message scheduling module selectively operating in one of a SHA mode or an SM3 mode to generate a sequence of message words based on an incoming message. The processing logic also includes a round computation module selectively operating in one of the SHA mode or the SM3 mode to perform at least one of a message expansion or a message compression based on at least one message word of the sequence of message words.
    Type: Grant
    Filed: November 12, 2015
    Date of Patent: November 13, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Vikram B. Suresh, Sanu K. Mathew
  • Patent number: 10122691
    Abstract: The present disclosure provides a receiving apparatus for preprocessing at least one segment data packet to a data packet. The receiving apparatus includes a packet parser, a data memory, a decrypt engine, a transmission engine, a header processing unit and a controller. The packet parser fetches segment-packet-header information from a segment packet header of each segment data packet. The decrypt engine decrypts an encrypted data of each segment data packet to obtain a segment payload and a QUIC private header including sequence information. The transmission engine transmits the segment payload to a specific location of a system memory. The header processing unit calculates packet information and updates the segment packet header stored in the data memory to generate a packet header. The controller controls the transmission engine based on the sequence information to output the packet header to the system memory for generating the data packet.
    Type: Grant
    Filed: July 6, 2016
    Date of Patent: November 6, 2018
    Assignee: REALTEK SEMICONDUCTOR CORP.
    Inventors: Chia-Hung Lin, Chang-Shiuan Yang, Yi-Huei Lei, Chun-Hao Lin
  • Patent number: 10116448
    Abstract: Authorizing transactions by an authentication provider involves at least one preparatory phase and an authorization phase. The preparatory phase includes registering a user account with several personal devices, each with an authentication application installed. The authorization phase receives knowledge of the transaction; determines the user account related to the transaction; determines at least one personal device registered with the user account related to the transaction; receives a request for details specific to the transaction from at least one personal device; provides the authentication application of the at least one personal device with the requested details specific to the transaction; receives from the authentication application a digitally signed transmission which indicates transaction-specific instructions received by the authentication application; and authorizes or denies the transaction based on the received transaction-specific instructions.
    Type: Grant
    Filed: March 21, 2014
    Date of Patent: October 30, 2018
    Assignee: Meontrust Inc
    Inventor: Markku Mehtälä
  • Patent number: 10117006
    Abstract: Digital information can be carried on the fiber leg of an access network using binary modulation. Binary modulated data received at an O/E node can then be modulated onto an analog waveform using quadrature amplitude modulation or some other technique for modulating an analog waveform and transmitted over, for example, the coaxial leg of the network. The O/E node may also receive an analog signal, over the coaxial leg, modulated to carry upstream data from subscriber devices. The O/E node may demodulate the upstream signal to recover the upstream data and forward that upstream data over the fiber leg using a binary modulated optical signal.
    Type: Grant
    Filed: March 31, 2010
    Date of Patent: October 30, 2018
    Assignee: Comcast Cable Communications, LLC
    Inventors: Jorge Daniel Salinger, David Urban
  • Patent number: 10110376
    Abstract: A computing device (e.g., an FPGA or integrated circuit) processes an incoming packet comprising data to compute a Galois hash. The computing device includes a plurality of circuits, each circuit providing a respective result used to determine the Galois hash, and each circuit including: a first multiplier configured to receive a portion of the data; a first exclusive-OR gate configured to receive an output of the first multiplier as a first input, and to provide the respective result; and a second multiplier configured to receive an output of the first exclusive-OR gate, wherein the first exclusive-OR gate is further configured to receive an output of the second multiplier as a second input. In one embodiment, the computing device further comprises a second exclusive-OR gate configured to output the Galois hash, wherein each respective result is provided as an input to the second exclusive-OR gate.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: October 23, 2018
    Assignee: Secturion Systems, Inc.
    Inventors: Sean Little, Jordan Anderson
  • Patent number: 10108659
    Abstract: An approach for fingerprinting large data objects at the wire speed has been disclosed. The techniques include Fresh/Shift pipelining, split Fresh, optimization, online channel sampling, and pipelined selection. The architecture can also be replicated to work in parallel for higher system throughput. Fingerprinting may provide an efficient mechanism for identifying duplication in a data stream, and deduplication based on the identified fingerprints may provide reduced storage costs, reduced network bandwidth consumption, reduced processing time and other benefits. In some embodiments, fingerprinting may be used to ensure or verify data integrity and may facilitate detection of corruption or tampering. An efficient manner of generating fingerprints (either via hardware, software, or a combination) may reduce a computation load and/or time required to generate fingerprints.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: October 23, 2018
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: Cyril Guyot, Dongyang Li, Qingbo Wang, Ken Yang
  • Patent number: 10104055
    Abstract: A system, method and computer program product protects client information used for online transactions by storing transaction details on the client side of a network and avoiding storage on the host side. A hash function may be generated representing a transaction and its details on both the client and server sides. For the transaction to be processed, the hash function from the client side must match the hash function on the host side. Once authenticated, the transaction details may be read and processed while maintaining storage of the client information on the client side of the network.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: October 16, 2018
    Inventors: David Joseph Ponder, Stephen Wang, Matthew Richmond
  • Patent number: 10103877
    Abstract: A processing system includes a memory and a processing logic operatively coupled to the memory. The processing logic identifies one or more constant bits of an output bit sequence. The processing logic generates a plurality of variable bits of the output bit sequence. The processing logic produces the output bit sequence including the identified constant bits and the generated plurality of variable bits.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: October 16, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Kirk S. Yap, Vinodh Gopal
  • Patent number: 10101969
    Abstract: A system includes an integrated circuit configured to receive a multiplicand number, a multiplier number, and a modulus at one or more data inputs. The multiplicand number is partitioned into a plurality of multiplicand words. Each multiplicand word has a multiplicand word width. The multiplier number is partitioned into a plurality of multiplier words. Each multiplier word has a multiplier word width different from the multiplicand word width. A plurality of outer loop iterations of an outer loop is performed to iterate through the plurality of the multiplicand words. Each outer loop iteration of the outer loop includes a plurality of inner loop iterations of an inner loop performed to iterate through the plurality of the multiplier words. A Montgomery product of the multiplicand number and the multiplier number with respect to the modulus is determined.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: October 16, 2018
    Assignee: XILINX, INC.
    Inventors: Ming Ruan, Fengshou Guo
  • Patent number: 10104088
    Abstract: A method, computer program product, and system for providing verification processes associated with a commitment-based authentication protocol are described. A request by a user for access to one or more resources is received, and a presentation policy is transmitted to the user indicating required credentials. A commitment to a revocation handle is received, including an indication of an associated Sigma protocol executed by the user. A challenge value selected from a challenge value set associated with the associated Sigma protocol is transmitted to the user. Based on the selected challenge value, a presentation token and a value parameter that is distinct from the presentation token are received from the user. Based on a determination as to whether the presentation token and value parameter are valid in accordance with the associated Sigma protocol, access for the user to the one or more resources is granted to the user or prevented.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: October 16, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jan L. Camenisch, Robert R. Enderlein, Anja Lehmann, Gregory Neven
  • Patent number: 10102383
    Abstract: A system for protecting data includes a virtual zeroisation device which receives data to be encrypted and key material for encrypting the data. The key material is stored in a storage device. As the encryption unit encrypts the data using the key material, the encrypted data is stored in the storage device and overwrites the key material.
    Type: Grant
    Filed: August 16, 2012
    Date of Patent: October 16, 2018
    Assignee: QUINTESSENCELABS PTY LTD.
    Inventors: Vikram Sharma, John Leiseboer
  • Patent number: 10103881
    Abstract: A permutation method for reconciling bit errors in a quantum key reconciliation protocol performing an iterative reconciliation process, includes: obtaining a bit string through a previous reconciliation step; and permuting bits in athe bit string obtained from a the previous reconciliation step before a subsequent reconciliation step by performing a linear modulo operation based on a length of the bit string and a length of a block for the subsequent reconciliation step.
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: October 16, 2018
    Assignee: SK TELECOM CO., LTD.
    Inventor: Jeong-woon Choi
  • Patent number: 10103876
    Abstract: A processor is disclosed for ciphering of first data. The processor includes a key store and a first data store. In use the processor for ciphering the first data in accordance with a first cipher process and a first secret key to provide output data, during ciphering of the first data inserting within the cipher processor other data for ciphering in accordance with at least a portion of the first cipher process, the other data inserted within a sequence of cipher processor operations and scheduled for obfuscating the output data.
    Type: Grant
    Filed: October 17, 2013
    Date of Patent: October 16, 2018
    Assignee: Synopsys, Inc.
    Inventors: Neil Hamilton, François Bourdon, Michael Borza
  • Patent number: 10097342
    Abstract: A method for a keyed cryptographic operation by a cryptographic system mapping an input message to an output message, including: receiving input data for the keyed cryptographic operation; calculating a first mask value based upon the input data; and applying the first mask value to a first intermediate value of the keyed cryptographic operation.
    Type: Grant
    Filed: July 30, 2015
    Date of Patent: October 9, 2018
    Assignee: NXP B.V.
    Inventors: Wil Michiels, Jan Hoogerbrugge, Philippe Teuwen
  • Patent number: 10097521
    Abstract: One embodiment provides a system that facilitates efficient and transparent encryption of packets between a client computing device and a content producing device. During operation, the system receives, by a content producing device, an interest packet that includes a masked name which corresponds to an original name, wherein the original name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The system obtains the original name based on the masked name. The system computes a symmetric key based on the original name and a generated nonce. The system generates a content object packet that corresponds to the original name and includes the masked name, the nonce, and a payload encrypted based on the symmetric key, wherein the content object packet is received by a client computing device.
    Type: Grant
    Filed: November 20, 2015
    Date of Patent: October 9, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Christopher A. Wood
  • Patent number: 10097206
    Abstract: There are provided an encoding method and an encoder performing an encoding by an operation of generating a first output message by encoding an input message based on a first block code, an operation of generating a second output message by encoding some of the input message based on a second block code, and an operation of concatenating the first output message and the second output message.
    Type: Grant
    Filed: October 1, 2016
    Date of Patent: October 9, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Taegyun Noh, Hyukjun Oh, Sung Cheol Chang, Jihoon Choi
  • Patent number: 10089617
    Abstract: Embodiments of the disclosure can include systems and methods for facilitating card present transactions. In one embodiment, a computer-implemented method for conducting card present transactions can be provided. The method can include receiving, by a merchant system comprising one or more computers, a request for a card present electronic commerce transaction on behalf of a consumer; determining, by the merchant system, an identifier of a mobile device of the consumer; obtaining, by the merchant system from the mobile device, validation information associated with a payment application stored on the mobile device; and outputting, by the merchant system for communication to an issuer system, a proposed card present transaction and the validation information.
    Type: Grant
    Filed: September 26, 2012
    Date of Patent: October 2, 2018
    Assignee: First Data Corporation
    Inventors: Vijay Kumar Royyuru, Todd Nuzum
  • Patent number: 10085152
    Abstract: The present invention provides a data processing method, which is used for a terminal comprising a plurality of operating systems, and the method comprises: determining a first operating system currently used by the terminal when a command to store data in a Subscriber Identity Module (SIM) card in the terminal is received; storing the data in a first storage area of the SIM card when the first operating system currently in use is a designated operating system amongst the plurality of operating systems of the terminal, and storing the data in a second storage area of the SIM card when the first operating system currently in use is a non-designated operating system amongst the plurality of operating systems of the terminal. Correspondingly, the present invention also provides a data processing apparatus and a terminal.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: September 25, 2018
    Assignee: YULONG COMPUTER TELECOMMUNICATION SCIENTIFIC (SHENZHEN) CO., LTD.
    Inventor: Limin Luo
  • Patent number: 10074063
    Abstract: A method and system for storing and retrieving a packaging hierarchy of traceable physical items includes at an item marking location, marking physical items to be packaged in the packaging hierarchy, with a unique code with a first and second identifier, transferring packaging relationships between the codes to a track and trace system, identifying for each code in the packaging relationships, hierarchical code relations expressed as parent and/or child codes, and for each code, storing the hierarchical code relations in a section of a data storage location of the first computer system, wherein a start position of the section is determined by a combination of the first and second identifiers of the code.
    Type: Grant
    Filed: December 13, 2013
    Date of Patent: September 11, 2018
    Assignee: KEZZLER AS
    Inventors: Magnar Løken, Morten Haraldsen
  • Patent number: 10075288
    Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.
    Type: Grant
    Filed: February 28, 2015
    Date of Patent: September 11, 2018
    Inventors: Alhassan Khedr, Glenn Gulak, Vinod Vaikuntanathan
  • Patent number: 10068070
    Abstract: A method of obscuring software code implementing an elliptic curve cryptography (ECC) point multiplication function, including: receiving ECC parameters including a multiplier d having N bits; transforming multiplier d into an array d(i) with ?1, 0, and +1 values while maintaining the same value for d; and generating ECC point multiplication function operations using the transformed multiplier array d(i) and N, wherein the generated ECC point multiplication function operations are split variable operations.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: September 4, 2018
    Assignee: NXP B.V.
    Inventors: Jan Hoogerbrugge, Wil Michiels, Pim Vullers
  • Patent number: 10069850
    Abstract: A system and method in a virtual universe system for triggering scans of virtual items and inventories of virtual items and for scanning the virtual items and inventories wherein the scans may be triggered by an avatar moving or teleporting from one region to another, or by an avatar picking up, dropping off, or accepting or purchasing an item. The degree of scanning may depend upon factors such as location where these scan triggers occur. The signature of the item may be identified by the scan process. The item signature may be compared against signatures of known malicious items stored in an inventory item signatures database and a summary of the signature comparison may be sent to a resident and stored in the resident's inventory.
    Type: Grant
    Filed: January 4, 2016
    Date of Patent: September 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10068097
    Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: September 4, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Olga Ohrimenko, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Markulf Kohlweiss, Divya Sharma
  • Patent number: 10063524
    Abstract: A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgment is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than previous value of the frame counter which is congruent to the sequence counter modulo 256.
    Type: Grant
    Filed: August 27, 2014
    Date of Patent: August 28, 2018
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 10057064
    Abstract: In Elliptic Curve Cryptography (ECC), one performs a great number of modular multiplications. These are usually done by Montgomery Multiplication algorithm, which needs the operands to be preprocessed (namely, converted to the Montgomery Domain), which is normally done by an equivalent of a long division. We provide a method to perform this conversion by a single Montgomery multiplication on the raw data. The method is formulated for elliptic curve points represented in Jacobian coordinates but can be extended to other representations.
    Type: Grant
    Filed: March 17, 2016
    Date of Patent: August 21, 2018
    Assignee: Winbond Electronics Corp.
    Inventor: Uri Kaluzhny
  • Patent number: 10057654
    Abstract: Disclosed herein are system, apparatus, article of manufacture, method, and/or computer program product embodiments for selection and alignment of video segments for adaptive streaming. An embodiment operates by receiving one or more variant segments, the one or more variant segments including a first variant segment having a first bitrate and a second variant segment having a second bitrate for decoding and playback and generating a first packetized elementary stream (PES) collection based on the first variant segment and a second PES collection based on the second variant segment. The embodiment further operates by storing the generated first PES collection and second PES collection in a processing buffer; and determining a first out-of-tolerance splicing location and associated first out-of-tolerance offset between the first PES collection and the second PES collection based on a maximum tolerance offset.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: August 21, 2018
    Assignee: Roku, Inc.
    Inventor: Francis Degrange
  • Patent number: 10057063
    Abstract: A decryption method includes receiving encrypted data, in which the encrypted data is encrypted according to an RSA public key; and performing a plurality of operations in sequence according to an RSA private key and the encrypted data to acquire a decrypted data. The operations include a plurality of decryption operations and at least one false operation. The decryption operations include at least one decryption multiplication operation and at least one decryption square calculation, and the at least one false operation includes at least one of at least one first false multiplication operation and at least one first false square calculation.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: August 21, 2018
    Assignee: REALTEK SEMICONDUCTOR CORPORATION
    Inventor: Tzung-Juei Wu
  • Patent number: 10057060
    Abstract: A user computer generates a secret cryptographic key through communication with a server. A secret user value is provided at the user computer. A secret server value is provided at the server with a check value which encodes the secret user value and a user password. In response to input of an input password, the user computer encodes the secret user value and the input password to produce a first value corresponding to said check value, and communicates the first value to the server. The server compares the first value and check value to check whether the input password equals the user password. If so, the server encodes the first value and secret server value to produce a second value and communicates the second value to the user computer. The user computer generates the secret cryptographic key by encoding the second value, the input password and the secret user value.
    Type: Grant
    Filed: August 18, 2017
    Date of Patent: August 21, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jan Camenisch, Robert Enderlein, Stephan Krenn, Anja Lehmann, Gregory Neven
  • Patent number: 10050785
    Abstract: The present invention relates to a method of converting an encrypted data set into an encryption of individual bits representing the data set. Further, the invention relates to a system for converting an encrypted data set into an encryption of individual bits representing the data set. A basic idea of the present invention is to provide a protocol in which it is possible to divide an encryption of a data set in the form of e.g. a biometric feature, such as a number x, where x?{0, 1, . . . , n?1}, into an encryption of respective bits x0, x1, . . . , xt?1 forming the number x, where t is the number of bits of the number n?1, without leaking any information about x or its bits x0, x1, . . . , xt?1. Hence, the present invention enables splitting of the encryption [[x]] into the respective encrypted bits [[x0]], [[x1]] . . . , [[xt?1]] forming the encrypted number x=?I=1n xi 2i.
    Type: Grant
    Filed: May 19, 2015
    Date of Patent: August 14, 2018
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Pim Theo Tuyls, Berry Schoenmakers
  • Patent number: 10044499
    Abstract: An information processing apparatus has an encryption part that encrypts by block encryption, and is embeddable in an electronic apparatus, and achieves the above object by segmenting an authentication target message into one or more blocks for every 128 bits, the authentication target message including at least a predetermined authentication parameter and first encryption information that is obtained by encrypting plaintext information by the encryption part, successively computing each of the one or more segmented blocks by a GHASH function including a predetermined algorithm, using a plurality of 8-bit arrays including 16 elements, and generating second encryption information that is obtained by encrypting a computed result by the encryption part, to generate an authentication tag.
    Type: Grant
    Filed: February 4, 2015
    Date of Patent: August 7, 2018
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10038679
    Abstract: Various embodiments are generally directed to pairing computing devices for collaborative interaction via a network through a centralized secure device pairing service. An apparatus comprises a controller processor circuit, and a controller storage communicatively coupled to the controller processor circuit to store an initial private key and to store instructions that when executed by the controller processor circuit cause the controller processor circuit to create a first signature using the initial private key, transmit the first signature to an issuing server via a network, receive a group public key and an associated member private key from the issuing server, create a second signature using the member private key, transmit the second signature to a member device via the network; receive a third signature from the member device; and authenticate the third signature using the group public key. Other embodiments are described and claimed herein.
    Type: Grant
    Filed: December 24, 2012
    Date of Patent: July 31, 2018
    Assignee: INTEL CORPORATION
    Inventor: Adam Marek
  • Patent number: 10037433
    Abstract: Methods and systems described herein may perform a word-level encryption and a sentence-level encryption of one or more documents. The word-level encryption and the sentence-level encryption may be performed with an encryption key generated by a client device. A document indexer is stored in the one or more storage networks. The document indexer includes encrypted word frequencies and encrypted word position identifiers based on the encrypted words of the one or more encrypted documents. The client device receives search terms and encrypts the search terms with the encryption key. The one or more encrypted documents are identified in the one or more storage networks based on searching with the encrypted search terms and at least one of the encrypted word frequencies and/or the encrypted word position identifiers.
    Type: Grant
    Filed: November 4, 2015
    Date of Patent: July 31, 2018
    Assignee: NTT DOCOMO INC.
    Inventors: Trung Diep, Pero Subasic
  • Patent number: 10033529
    Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server proxies messages to/from the different server including a set of signed cryptographic parameters signed using the private key on the different server. The different server generates the master secret, and generates and transmits the session keys to the server that are to be used in the secure session for encrypting and decrypting communication between the client device and the server.
    Type: Grant
    Filed: July 5, 2016
    Date of Patent: July 24, 2018
    Assignee: CLOUDFLARE, INC.
    Inventors: Sébastien Andreas Henry Pahl, Matthieu Philippe François Tourne, Piotr Sikora, Ray Raymond Bejjani, Dane Orion Knecht, Matthew Browning Prince, John Graham-Cumming, Lee Hahn Holloway, Nicholas Thomas Sullivan, Albertus Strasheim
  • Patent number: 10027633
    Abstract: A similar-information search method includes obtaining an instruction indicating which of an encrypted search and an unencrypted search a data computation device is to perform; generating an encrypted feature quantity and transmitting the encrypted feature quantity to the data computation device; generating an encrypted similarity value and transmitting the encrypted similarity value; and receiving encrypted reference data from the data computation device and decrypting the encrypted reference data. A homomorphic encryption scheme that makes decryption by the data computation device unsuccessful is used when the encrypted search is performed, whereas an encryption scheme that makes decryption by the data computation device successful is used when the unencrypted search is performed.
    Type: Grant
    Filed: May 23, 2016
    Date of Patent: July 17, 2018
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Natsume Matsuzaki, Yuji Unagami
  • Patent number: 10027483
    Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y2=f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t))=U(t)2 in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: July 17, 2018
    Assignee: MORPHO
    Inventors: Thomas Icart, Jean-Sebastien Coron
  • Patent number: 10027850
    Abstract: A method and device for securing image data detected by an electronic device is provided. The electronic may include a camera. In one aspect, a method includes: capturing image data using the camera; based on the captured image data, detecting a security marker displayed by a display device, the security marker being periodically displayed to be undetectable by a human eye that is viewing the display device; and in response to determining that the security marker is detected by the electronic device, applying a security policy to the image data captured by the electronic device.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: July 17, 2018
    Assignee: BLACKBERRY LIMITED
    Inventors: Sean Vandeweerd, Sanjay Nathwani, Kian Marandi
  • Patent number: 10025953
    Abstract: Systems and methods are disclosed for enabling a recipient of a cryptographically-signed electronic communication to verify the authenticity of the communication on-the-fly using a signed chain of check values, the chain being constructed from the original content of the communication, and each check value in the chain being at least partially dependent on the signed root of the chain and a portion of the communication. Fault tolerance can be provided by including error-check values in the communication that enable a decoding device to maintain the chain's security in the face of communication errors. In one embodiment, systems and methods are provided for enabling secure quasi-random access to a content file by constructing a hierarchy of hash values from the file, the hierarchy deriving its security in a manner similar to that used by the above-described chain.
    Type: Grant
    Filed: June 21, 2016
    Date of Patent: July 17, 2018
    Assignee: Intertrust Technologies Corporation
    Inventor: Xavier Serret-Avila
  • Patent number: 10019465
    Abstract: Timing data associated with a database or database system can be stored in a reduced or compressed form which can be decompressed back to a full or original form. In doing so, timing data can be compressed by using a subset of a full set of possible values (e.g., a determined range which is more likely to occur) instead of using a full set of possible values. Timing data can also be compressed by eliminating redundant, insignificant duplicate and/or common values, for example, between one or more components (e.g., start and end times of a period of time) of the timing data.
    Type: Grant
    Filed: September 6, 2012
    Date of Patent: July 10, 2018
    Assignee: Teradata US, Inc.
    Inventors: Cameron Lewis, Elizabeth Brealey, Michael Reed
  • Patent number: 10019571
    Abstract: A system, comprising a logic circuit and delay circuitry, is described. The logic circuit is configured to perform a plurality of instances of a particular computation that is based on a plurality of inputs. The delay circuitry is configured to vary a power-consumption profile of the logic circuit over the plurality of instances, by applying, to the inputs, respective delays that vary over the instances, at least some of the delays varying independently from each other. Other embodiments are also described.
    Type: Grant
    Filed: March 13, 2016
    Date of Patent: July 10, 2018
    Assignee: WINBOND ELECTRONICS CORPORATION
    Inventors: Valery Teper, Uri Kaluzhny
  • Patent number: 10015152
    Abstract: A method for execution by a dispersed storage and task (DST) processing unit includes transforming a counter seed into a set of counter values; obtaining an encryption key; encrypting at least two portions of data utilizing the encryption key and at least two of the set of counter values, in parallel, to produce at least two ciphertexts; performing a first deterministic function on the at least two ciphertexts, in parallel, to produce at least two transformed ciphertexts; performing a second deterministic function on the at least two transformed ciphertexts to produce a mask; masking the encryption key using the mask to produce a masked key; and combining the at least two ciphertexts and the masked key to produce secure data.
    Type: Grant
    Filed: July 22, 2016
    Date of Patent: July 3, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Wesley B. Leggette
  • Patent number: 10015148
    Abstract: In some examples, a controller is configured to generate a key based on a physics-based output of a component. The controller may, for example, use the key to authenticate communication between at least two nodes, to encrypt data, or to decrypt data, may be generated based on a physics-based output generated a component. The output generated by the component may vary over time, such that the controller is configured to generate a different key, depending on the time at which the output from the component used to generate the key was generated by the component. In some examples, the key is not stored in a memory, and is a discrete signal that only exists in real-time while the component is active and generating the detectable output.
    Type: Grant
    Filed: March 5, 2015
    Date of Patent: July 3, 2018
    Assignee: Honeywell International Inc.
    Inventor: Kenneth H. Heffner
  • Patent number: 10007769
    Abstract: A device to apply a digital fingerprint to a digital signal comprises a means of intercepting or acquiring a signal, a storage element and a processor for executing computer implemented program code components in the storage element to effect the methods. The methods include transforming a plurality of signal samples onto a discrete orthonormal basis and ranking the transformed samples according to their magnitude. The n largest principal components of the ranked transformed samples are optionally permuted to generate a re-ordered set of principal components, which are then altered by a marking angle. The marked principal components and unmarked non-principal components are converted and combined and applying an inverse of the transform function to the combined principal and non-principal components to generate a fingerprinted digital signal. Methods to prepare the signal for marking, recover the digital fingerprint and verify the distributor and/or recipients of the signal are also disclosed.
    Type: Grant
    Filed: October 18, 2016
    Date of Patent: June 26, 2018
    Assignee: Optimark, L.L.C.
    Inventors: Oscar Moreno De Ayala, Anatol Zygmunt Tirkel
  • Patent number: 10007910
    Abstract: Systems and methods for performing a secure transaction provided. In one embodiment, the method includes: reading data on a command token, reading data on a token; encrypting the token data with a key; encrypting an authentication data with a clear text token data; and transmitting the encrypted authentication data with the encrypted token data to a remote device.
    Type: Grant
    Filed: February 1, 2016
    Date of Patent: June 26, 2018
    Assignee: VeriFone, Inc.
    Inventors: Clay von Mueller, Mihir Bellare, Scott Yale, Patrick K. Hazel, Paul Elbridge Catinella
  • Patent number: 10009339
    Abstract: In one embodiment, a processor includes: a first die including at least one processor core to execute instructions and a non-volatile storage to store an identifier to be provisioned into the processor during manufacture; a second die to couple to the first die, the second die including a wireless circuit and a second non-volatile storage; and a wireless interface to couple to the second die to enable wireless communication with a wireless device. The processor may be disabled if the identifier is not stored in the second non-volatile storage. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: June 26, 2018
    Assignee: Intel Corporation
    Inventors: Sergiu D. Ghetie, Neeraj S. Upasani, Vijaya K. Boddu, Kenneth Young, Daniel G. Borkowski, Won Lee, Shahrokh Shahidzadeh, Samie B. Samaan
  • Patent number: 10007803
    Abstract: The present invention relates to a computer-implemented method, system and computer readable medium for searching over encrypted keywords in a database. The method includes the steps of generating at least one keyword, generating a plurality of different encrypted keywords corresponding to the keyword, storing the at least one encrypted keyword in the database, generating a plurality of different trapdoors for the keyword, verifying the plurality of different trapdoors with the plurality of different encrypted keywords corresponding to the keyword, and determining the keyword is found if the plurality of different trapdoors match with one the encrypted keyword corresponding to the keyword, otherwise determining the keyword is not found.
    Type: Grant
    Filed: October 18, 2013
    Date of Patent: June 26, 2018
    Assignee: Infosys Limited
    Inventors: Kulvaibhav Kaushik, Vijayaraghavan Varadharajan, Rajarathnam Nallusamy
  • Patent number: 10003462
    Abstract: A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: June 19, 2018
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Lei Xu, Zhengde Zhai
  • Patent number: 10002547
    Abstract: Secret calculation including secret random permutation is performed at high speed. In unit permutation, random permutation devices p0, . . . , pk-1 perform permutation of additive secret sharing values «a»?i of a plain text a with sub shares ??i of permutation data ?. In resharing, the random permutation device p0 generates additive secret sharing values «a»?i+1pk by using random numbers r1, . . . , rk-1 which are respectively shared with random permutation devices pj (j=1, . . . , k?1) so as to transmit the additive secret sharing values «a»?i+1pk to the random permutation device pk and each of the random permutation devices pj generates additive secret sharing values «a»?i+1pj by using random numbers rj.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: June 19, 2018
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Dai Ikarashi, Koki Hamada, Ryo Kikuchi, Koji Chida