Particular Algorithmic Function Encoding Patents (Class 380/28)
  • Patent number: 10205589
    Abstract: An encryption processing system includes an encryption processing circuit that executes a round calculation on input data and generates output data, and a key schedule circuit that outputs key data used in the encryption processing circuit to the encryption processing circuit. Each round calculation executed by the encryption processing circuit includes a linear conversion process executed by a linear conversion circuit, and the linear conversion circuit changes a linear conversion mode of the linear conversion process according to a round transition.
    Type: Grant
    Filed: February 23, 2015
    Date of Patent: February 12, 2019
    Assignee: SONY CORPORATION
    Inventors: Kyoji Shibutani, Takanori Isobe
  • Patent number: 10204149
    Abstract: A computer-driven system manages databases of flexible storage hierarchy. Computer servers include machine-readable storage containing at least one database, the database comprising multiple data records represented by multiple nodes. Each node has a node type and represents records of a corresponding record type. The nodes are embodied by machine-readable data stored in one or more tables. Multiple client-originated direct links are embodied by data stored in the one or more tables, where each one of the direct links directly connecting a different pair of the nodes. Multiple system-originated calculated links are embodied by data stored in the one or more tables. Each calculated link acts in observance with a rules framework to connect pairs of the nodes that would otherwise be connected only indirectly through one or more intermediate nodes and direct links between said intermediate nodes.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: February 12, 2019
    Assignee: SERVICENOW, INC.
    Inventor: Lisa Henderson
  • Patent number: 10206080
    Abstract: A method for transmitting an uplink signal by a user equipment on a carrier where multiple subbands, each having different subcarrier spacing, are multiplexed may include: generating M modulated symbols by modulating uplink data; repeating the M modulated symbols in both upper and lower frequency blocks, which are adjacent to a predetermined frequency block for the M modulated symbols and have the same size as that of the predetermined frequency block; obtaining a tapered pulse by multiplying a total of 3M modulated symbols, which are a result of the repetition, and a total of 3M windowing weight values in an element-wise manner; and transmitting the tapered pulse after performing an inverse Fourier transform, wherein the user equipment can restrict leakage power to subbands unsynchronized with its operating subband to be equal to or lower than a threshold by adjusting a tapering length of the tapered pulse.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: February 12, 2019
    Assignee: LG ELECTRONICS INC.
    Inventors: Sangrim Lee, Byounghoon Kim
  • Patent number: 10206114
    Abstract: Provided are a method of updating firmware of a device, a device, and a mobile system including the device. The method includes: receiving, from a host, a first hash value and a signature, the first hash value corresponding to a firmware image at the host; performing a pre-verify operation for at least one of integrity verification and signature certification on the firmware image using the received first hash value and the received signature; receiving the firmware image from the host according to a result of the pre-verify operation; and obtaining a second hash value from the received firmware image to perform a post-verify operation for at least one of integrity verification and signature certification on the received firmware image.
    Type: Grant
    Filed: March 11, 2015
    Date of Patent: February 12, 2019
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Hyuksang Choi, Yongjae Sung, Jun Ho Lee, Wonill Lee, Hyosun Hwang
  • Patent number: 10200191
    Abstract: An electronic calculating device (100) for performing obfuscated arithmetic in a commutative ring (Zn; Zn[x]/f(x)) is presented. The calculating device comprising a storage (110) arranged to store an increment table (T) defined for an increment ring element (1; ut), the increment table mapping an input ring element (k=uk1?uk2) to an output integer-list (T((k1,k2))=(l1, l2)) encoding an output ring element (I=ul1?ul2), such that the output ring element equals the increment ring element ring-added to the input ring element (I=k+1). Using the increment table, a ring addition unit (130) adds a first addition-input integer-list ((a1, a2)) encoding a first addition-input ring element and a second addition-input integer list ((b1, b2)) encoding a second addition-input ring element. The device may comprise a ring multiplication unit (140) also using the increment table.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: February 5, 2019
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Leandro Marin, Alphons Antonius Maria Lambertus Bruekers, Paulus Mathias Hubertus Mechtildis Antonius Gorissen
  • Patent number: 10188134
    Abstract: A server apparatus supporting authenticated encryption in a network, comprising a receiver configured to receive an unencrypted segment, a processor configured to selecting an encryption key, an initialization vector, and an additional authentication data (AAD), encrypt the segment, configuring the segment for transfer in a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) media, assign a segment number to the encrypted segment, append an authentication tag to the encrypted segment, store the encrypted segment with the appended authentication tag, and update a Media Presentation Description (MPD) associated with the encrypted segment with the appended authentication tag, wherein the MPD comprises an @aadBase attribute with an AAD base value, wherein the AAD value is the sum of the segment number and the @aadBase attribute value, and a transmitter configured to transmit the encrypted segment with the appended authentication tag to a destination.
    Type: Grant
    Filed: October 23, 2015
    Date of Patent: January 29, 2019
    Assignee: FUTUREWEI TECHNOLOGIES, INC.
    Inventor: Alexander Giladi
  • Patent number: 10191720
    Abstract: Galois-field reduction circuitry for reducing a Galois-field expansion value, using an irreducible polynomial, includes a plurality of memories, each for storing a respective value derived from the irreducible polynomial and a respective combination of expansion bit values, wherein expansion bits of the expansion value address the plurality of memories to output one or more of the respective values. The Galois-field reduction circuitry also includes exclusive-OR circuitry for combining output of the plurality of memories with in-field bits of said expansion value. There are also a method of operating such Galois-field reduction circuitry to reduce a Galois-field expansion value, a programmable integrated circuit device incorporating the circuitry, a method of performing a Galois-field multiplication operation on such a programmable integrated circuit device, and a method of configuring a programmable integrated circuit device to perform such a Galois-field multiplication operation.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: January 29, 2019
    Assignee: Altera Corporation
    Inventor: Pohrong Rita Chu
  • Patent number: 10187358
    Abstract: Data transfer between a first computer system and a second computer system utilize parallel servers of the second computer system. A plurality of data chunks collectively comprise a data object. The data chunks may be encrypted and sent over parallel channels to the second computer system, which may be a data storage service of a computing resource service provider. The data object, or a portion thereof, may be downloaded from the data storage system in parallel.
    Type: Grant
    Filed: December 3, 2013
    Date of Patent: January 22, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Sean Anthony Fahey, Brent James Hill
  • Patent number: 10181947
    Abstract: An information processing apparatus is provided that performs information processing for encrypting data using AES, which includes performing a process of generating round key data on a one-byte-by-one-byte basis, performing a row shift transformation that is a process of performing row shifting for the data by use of a row shift table, performing a byte substitution transformation that is a process of performing byte substitution for the data having undergone the row shift transformation by use of a byte substitution table that is a one-dimensional array, performing a column mix transformation that is a process of performing column mixing for the data having undergone the byte substitution transformation based on equivalent expressions, performing a key add transformation that is a process of performing an exclusive-OR operation based on the round key data and the data having undergone the column mix transformation, wherein the row shift transformation, the byte substitution transformation, the column mix tr
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: January 15, 2019
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10180787
    Abstract: A method begins by one or more processing modules of one or more computing devices of a dispersed storage network (DSN) determining that dispersed error encoded data slices stored in a plurality of distributed storage units of the DSN are to be updated and then sending a plurality of lock requests respectively to the plurality of distributed storage units. The method continues with the processing modules receiving a response from a write threshold number of distributed storage units of the plurality of distributed storage units that a lock request has been granted by each of the write threshold number of distributed storage units and then sending a persist message to each of the write threshold number of distributed storage units from which the lock request has been granted.
    Type: Grant
    Filed: February 9, 2017
    Date of Patent: January 15, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Andrew D. Baptist, Ravi V. Khadiwala, Mingyu Li, Manish Motwani
  • Patent number: 10164771
    Abstract: The present disclosure discloses an encryption method and an encryption apparatus. The encryption method comprises: generating an AES initial key by using an SAES encryption algorithm, and expanding the AES initial key to obtain an AES encryption key; and encrypting information to be encrypted by using the AES encryption key according to an AES encryption algorithm to generate encrypted data. As such, the AES encryption key is encrypted by introducing the SAES algorithm, which increases the difficulty in cracking the AES encryption key. An attacker may crack the AES by firstly cracking the AES encryption key, which increases the overall difficulty in cracking the AES encrypted data. Further, the SAES encryption algorithm and the AES encryption algorithm are implemented by means of an ASIC integrated in an encryption chip.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: December 25, 2018
    Assignee: SHENZHEN GOODIX TECHNOLOGY CO., LTD.
    Inventor: Ming Zhang
  • Patent number: 10164770
    Abstract: Apparatus, methods, and other embodiments associated with mitigating time delays through a data cryptography device are disclosed. In one embodiment, a method includes receiving input data to be processed on a sector-by-sector basis through a data cryptography device. The input data is organized as multiple commands of the input data, with each command including multiple sectors of the input data, and with each sector including multiple blocks of the input data. The input data is processed through the device to generate encrypted or decrypted sectors of data while mitigating time delays through the device. Time delay mitigation is accomplished by pipeline processing the blocks for each sector through the device, pipeline processing the sectors for each command through the device, and pipeline processing the commands through the device. The encrypted or decrypted sectors of data generated by the device are then output by the device.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: December 25, 2018
    Assignee: Marvell International Ltd.
    Inventor: Sean Lee
  • Patent number: 10158485
    Abstract: A processing system includes a memory and a cryptographic accelerator module operatively coupled to the memory, the cryptographic accelerator module employed to implement a byte substitute operation by performing: a first mapped affine transformation of an input bit sequence to produce a first intermediate bit sequence, an inverse transformation of the first intermediate bit sequence to produce a second intermediate bit sequence, and a second mapped affine transformation of the second intermediate bit sequence to produce an output bit sequence.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: December 18, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Vinodh Gopal, Kirk S. Yap
  • Patent number: 10153894
    Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. For example, data including a real number can be encoded as a polynomial, with the fractional part of the real number encoded as high-order coefficients in the polynomial. Further, real numbers can be approximated and encoded in a polynomial using a fractional base, and/or the encoding can include slot encoding. Thus, the optimized encodings disclosed herein provide an optimized homomorphic encryption scheme.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: December 11, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kim Laine, Nathan Dowlin, Ran Gilad-Bachrach, Michael Naehrig, John Wernsing, Kristin E. Lauter
  • Patent number: 10148654
    Abstract: Encryption is provided for a wireless network comprising a first wireless station and at least a second wireless station. First messages are exchanged between the first wireless station and the second wireless station over a first synchronous wireless link to establish a shared secret and a first session key, the first messages not being encrypted. The MAC layer of the first synchronous wireless link is then encrypted using encryption on the basis of the first session key, then further messages are exchanged between the first wireless station and the second wireless station over the first synchronous wireless link to establish a second session key, the further messages being encrypted by the encryption of the MAC layer of the first synchronous wireless link. The MAC layer of the first synchronous wireless link is then encrypted using encryption on the basis of the second session key.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: December 4, 2018
    Assignee: CAMBIUM NETWORKS LTD
    Inventors: Mark Thomas, Richard Carter, Gregor Dean
  • Patent number: 10148428
    Abstract: Instructions and logic provide SIMD secure hashing round slice functionality. Some embodiments include a processor comprising: a decode stage to decode an instruction for a SIMD secure hashing algorithm round slice, the instruction specifying a source data operand set, a message-plus-constant operand set, a round-slice portion of the secure hashing algorithm round, and a rotator set portion of rotate settings. Processor execution units, are responsive to the decoded instruction, to perform a secure hashing round-slice set of round iterations upon the source data operand set, applying the message-plus-constant operand set and the rotator set, and store a result of the instruction in a SIMD destination register. One embodiment of the instruction specifies a hash round type as one of four MD5 round types. Other embodiments may specify a hash round type by an immediate operand as one of three SHA-1 round types or as a SHA-2 round type.
    Type: Grant
    Filed: December 11, 2014
    Date of Patent: December 4, 2018
    Assignee: Intel Corporation
    Inventors: Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap
  • Patent number: 10146701
    Abstract: A method of providing security in a computer system includes producing an initial block of data from a respective address of a memory location. An updated block of data may be calculated for each round of a plurality of rounds in a substitution-permutation network. This may include mixing an input block through a substitution layer including a plurality of substitution boxes, and a linear transformation layer including a permutation, to produce the updated block, before or after which respectively the input block or updated block may be mixed with a round key. The input block may be the initial block for the first round, and the updated block for an immediately preceding round for each round thereafter. A block of ciphertext may be produced with a key composed of the updated block for the last round, and the block of ciphertext may be written at the memory location.
    Type: Grant
    Filed: August 29, 2014
    Date of Patent: December 4, 2018
    Assignee: The Boeing Company
    Inventor: Laszlo Hars
  • Patent number: 10140458
    Abstract: A processing system implementing techniques for parallelized authentication encoding is provided. In one embodiment, the processing system includes an accumulator, a register representing a pipeline stage and a processing core coupled to the accumulator and to the register. The processing core is to split an input message into a first input stream and a second input stream. For each input stream, the processing core is further to add, to the accumulator, a data block from the input stream. Contents of the accumulator multiplied by a squared nonce value are stored in the register and a result of applying a modulo reduction operation to the contents of the register is stored in the accumulator. Thereupon, an authentication tag for the input message is generated based on the result stored in the accumulator and the contents of the register.
    Type: Grant
    Filed: April 7, 2016
    Date of Patent: November 27, 2018
    Assignee: Intel Corporation
    Inventors: Chang Yong Kang, Pierre Laurent
  • Patent number: 10134087
    Abstract: Architectures and techniques are configured to distribute and activate payment cards. The techniques include providing payment cards to distributors, who then sell or distribute these cards to other users. Each of these payment cards may include activation information for activating the card as well as redemption information for redeeming a value associated with the card. The distributor may activate a card by, for instance, taking a picture of or scanning an identifier on the card and sending this image to a provider of the card. In response, the provider may activate the card.
    Type: Grant
    Filed: February 16, 2011
    Date of Patent: November 20, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Michal J. Geller, Gregory M. Hart, Jeffrey P. Bezos, Michael Carr, Brian R. Williams
  • Patent number: 10129225
    Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: November 13, 2018
    Assignee: BLACKHAWK NETWORK, INC.
    Inventor: Derk Norton
  • Patent number: 10127390
    Abstract: There is provided a method of performing a cryptographic algorithm in software, the cryptographic algorithm comprising one or more processing steps, wherein each processing step is arranged to process a respective input to the processing step so as to generate an output corresponding to the input, characterized in that, for each of at least one of the one or more processing steps, the method comprises: providing a respective input for the processing step as an input to a plurality of implementations of the processing step, wherein each implementation is arranged to output a corresponding intermediate result represented using a respective predetermined output representation; and using the representation of the intermediate results to generate a result for the processing step that is based on each of the intermediate results, wherein, if each intermediate result is the output that corresponds to the input for the processing step then the result for the processing step is the output that corresponds to the input
    Type: Grant
    Filed: March 27, 2013
    Date of Patent: November 13, 2018
    Assignee: IRDETO B.V.
    Inventor: Michael Wiener
  • Patent number: 10129018
    Abstract: A processing system includes a memory and a processing logic operatively coupled to the memory. The processing logic includes a message scheduling module selectively operating in one of a SHA mode or an SM3 mode to generate a sequence of message words based on an incoming message. The processing logic also includes a round computation module selectively operating in one of the SHA mode or the SM3 mode to perform at least one of a message expansion or a message compression based on at least one message word of the sequence of message words.
    Type: Grant
    Filed: November 12, 2015
    Date of Patent: November 13, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Vikram B. Suresh, Sanu K. Mathew
  • Patent number: 10129026
    Abstract: A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q?1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd?48.
    Type: Grant
    Filed: May 3, 2016
    Date of Patent: November 13, 2018
    Assignee: Certicom Corp.
    Inventor: Daniel Richard L. Brown
  • Patent number: 10122691
    Abstract: The present disclosure provides a receiving apparatus for preprocessing at least one segment data packet to a data packet. The receiving apparatus includes a packet parser, a data memory, a decrypt engine, a transmission engine, a header processing unit and a controller. The packet parser fetches segment-packet-header information from a segment packet header of each segment data packet. The decrypt engine decrypts an encrypted data of each segment data packet to obtain a segment payload and a QUIC private header including sequence information. The transmission engine transmits the segment payload to a specific location of a system memory. The header processing unit calculates packet information and updates the segment packet header stored in the data memory to generate a packet header. The controller controls the transmission engine based on the sequence information to output the packet header to the system memory for generating the data packet.
    Type: Grant
    Filed: July 6, 2016
    Date of Patent: November 6, 2018
    Assignee: REALTEK SEMICONDUCTOR CORP.
    Inventors: Chia-Hung Lin, Chang-Shiuan Yang, Yi-Huei Lei, Chun-Hao Lin
  • Patent number: 10117006
    Abstract: Digital information can be carried on the fiber leg of an access network using binary modulation. Binary modulated data received at an O/E node can then be modulated onto an analog waveform using quadrature amplitude modulation or some other technique for modulating an analog waveform and transmitted over, for example, the coaxial leg of the network. The O/E node may also receive an analog signal, over the coaxial leg, modulated to carry upstream data from subscriber devices. The O/E node may demodulate the upstream signal to recover the upstream data and forward that upstream data over the fiber leg using a binary modulated optical signal.
    Type: Grant
    Filed: March 31, 2010
    Date of Patent: October 30, 2018
    Assignee: Comcast Cable Communications, LLC
    Inventors: Jorge Daniel Salinger, David Urban
  • Patent number: 10116448
    Abstract: Authorizing transactions by an authentication provider involves at least one preparatory phase and an authorization phase. The preparatory phase includes registering a user account with several personal devices, each with an authentication application installed. The authorization phase receives knowledge of the transaction; determines the user account related to the transaction; determines at least one personal device registered with the user account related to the transaction; receives a request for details specific to the transaction from at least one personal device; provides the authentication application of the at least one personal device with the requested details specific to the transaction; receives from the authentication application a digitally signed transmission which indicates transaction-specific instructions received by the authentication application; and authorizes or denies the transaction based on the received transaction-specific instructions.
    Type: Grant
    Filed: March 21, 2014
    Date of Patent: October 30, 2018
    Assignee: Meontrust Inc
    Inventor: Markku Mehtälä
  • Patent number: 10108659
    Abstract: An approach for fingerprinting large data objects at the wire speed has been disclosed. The techniques include Fresh/Shift pipelining, split Fresh, optimization, online channel sampling, and pipelined selection. The architecture can also be replicated to work in parallel for higher system throughput. Fingerprinting may provide an efficient mechanism for identifying duplication in a data stream, and deduplication based on the identified fingerprints may provide reduced storage costs, reduced network bandwidth consumption, reduced processing time and other benefits. In some embodiments, fingerprinting may be used to ensure or verify data integrity and may facilitate detection of corruption or tampering. An efficient manner of generating fingerprints (either via hardware, software, or a combination) may reduce a computation load and/or time required to generate fingerprints.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: October 23, 2018
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: Cyril Guyot, Dongyang Li, Qingbo Wang, Ken Yang
  • Patent number: 10110376
    Abstract: A computing device (e.g., an FPGA or integrated circuit) processes an incoming packet comprising data to compute a Galois hash. The computing device includes a plurality of circuits, each circuit providing a respective result used to determine the Galois hash, and each circuit including: a first multiplier configured to receive a portion of the data; a first exclusive-OR gate configured to receive an output of the first multiplier as a first input, and to provide the respective result; and a second multiplier configured to receive an output of the first exclusive-OR gate, wherein the first exclusive-OR gate is further configured to receive an output of the second multiplier as a second input. In one embodiment, the computing device further comprises a second exclusive-OR gate configured to output the Galois hash, wherein each respective result is provided as an input to the second exclusive-OR gate.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: October 23, 2018
    Assignee: Secturion Systems, Inc.
    Inventors: Sean Little, Jordan Anderson
  • Patent number: 10103877
    Abstract: A processing system includes a memory and a processing logic operatively coupled to the memory. The processing logic identifies one or more constant bits of an output bit sequence. The processing logic generates a plurality of variable bits of the output bit sequence. The processing logic produces the output bit sequence including the identified constant bits and the generated plurality of variable bits.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: October 16, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Kirk S. Yap, Vinodh Gopal
  • Patent number: 10101969
    Abstract: A system includes an integrated circuit configured to receive a multiplicand number, a multiplier number, and a modulus at one or more data inputs. The multiplicand number is partitioned into a plurality of multiplicand words. Each multiplicand word has a multiplicand word width. The multiplier number is partitioned into a plurality of multiplier words. Each multiplier word has a multiplier word width different from the multiplicand word width. A plurality of outer loop iterations of an outer loop is performed to iterate through the plurality of the multiplicand words. Each outer loop iteration of the outer loop includes a plurality of inner loop iterations of an inner loop performed to iterate through the plurality of the multiplier words. A Montgomery product of the multiplicand number and the multiplier number with respect to the modulus is determined.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: October 16, 2018
    Assignee: XILINX, INC.
    Inventors: Ming Ruan, Fengshou Guo
  • Patent number: 10103876
    Abstract: A processor is disclosed for ciphering of first data. The processor includes a key store and a first data store. In use the processor for ciphering the first data in accordance with a first cipher process and a first secret key to provide output data, during ciphering of the first data inserting within the cipher processor other data for ciphering in accordance with at least a portion of the first cipher process, the other data inserted within a sequence of cipher processor operations and scheduled for obfuscating the output data.
    Type: Grant
    Filed: October 17, 2013
    Date of Patent: October 16, 2018
    Assignee: Synopsys, Inc.
    Inventors: Neil Hamilton, François Bourdon, Michael Borza
  • Patent number: 10104088
    Abstract: A method, computer program product, and system for providing verification processes associated with a commitment-based authentication protocol are described. A request by a user for access to one or more resources is received, and a presentation policy is transmitted to the user indicating required credentials. A commitment to a revocation handle is received, including an indication of an associated Sigma protocol executed by the user. A challenge value selected from a challenge value set associated with the associated Sigma protocol is transmitted to the user. Based on the selected challenge value, a presentation token and a value parameter that is distinct from the presentation token are received from the user. Based on a determination as to whether the presentation token and value parameter are valid in accordance with the associated Sigma protocol, access for the user to the one or more resources is granted to the user or prevented.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: October 16, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jan L. Camenisch, Robert R. Enderlein, Anja Lehmann, Gregory Neven
  • Patent number: 10104055
    Abstract: A system, method and computer program product protects client information used for online transactions by storing transaction details on the client side of a network and avoiding storage on the host side. A hash function may be generated representing a transaction and its details on both the client and server sides. For the transaction to be processed, the hash function from the client side must match the hash function on the host side. Once authenticated, the transaction details may be read and processed while maintaining storage of the client information on the client side of the network.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: October 16, 2018
    Inventors: David Joseph Ponder, Stephen Wang, Matthew Richmond
  • Patent number: 10103881
    Abstract: A permutation method for reconciling bit errors in a quantum key reconciliation protocol performing an iterative reconciliation process, includes: obtaining a bit string through a previous reconciliation step; and permuting bits in athe bit string obtained from a the previous reconciliation step before a subsequent reconciliation step by performing a linear modulo operation based on a length of the bit string and a length of a block for the subsequent reconciliation step.
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: October 16, 2018
    Assignee: SK TELECOM CO., LTD.
    Inventor: Jeong-woon Choi
  • Patent number: 10102383
    Abstract: A system for protecting data includes a virtual zeroisation device which receives data to be encrypted and key material for encrypting the data. The key material is stored in a storage device. As the encryption unit encrypts the data using the key material, the encrypted data is stored in the storage device and overwrites the key material.
    Type: Grant
    Filed: August 16, 2012
    Date of Patent: October 16, 2018
    Assignee: QUINTESSENCELABS PTY LTD.
    Inventors: Vikram Sharma, John Leiseboer
  • Patent number: 10097521
    Abstract: One embodiment provides a system that facilitates efficient and transparent encryption of packets between a client computing device and a content producing device. During operation, the system receives, by a content producing device, an interest packet that includes a masked name which corresponds to an original name, wherein the original name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The system obtains the original name based on the masked name. The system computes a symmetric key based on the original name and a generated nonce. The system generates a content object packet that corresponds to the original name and includes the masked name, the nonce, and a payload encrypted based on the symmetric key, wherein the content object packet is received by a client computing device.
    Type: Grant
    Filed: November 20, 2015
    Date of Patent: October 9, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Christopher A. Wood
  • Patent number: 10097206
    Abstract: There are provided an encoding method and an encoder performing an encoding by an operation of generating a first output message by encoding an input message based on a first block code, an operation of generating a second output message by encoding some of the input message based on a second block code, and an operation of concatenating the first output message and the second output message.
    Type: Grant
    Filed: October 1, 2016
    Date of Patent: October 9, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Taegyun Noh, Hyukjun Oh, Sung Cheol Chang, Jihoon Choi
  • Patent number: 10097342
    Abstract: A method for a keyed cryptographic operation by a cryptographic system mapping an input message to an output message, including: receiving input data for the keyed cryptographic operation; calculating a first mask value based upon the input data; and applying the first mask value to a first intermediate value of the keyed cryptographic operation.
    Type: Grant
    Filed: July 30, 2015
    Date of Patent: October 9, 2018
    Assignee: NXP B.V.
    Inventors: Wil Michiels, Jan Hoogerbrugge, Philippe Teuwen
  • Patent number: 10089617
    Abstract: Embodiments of the disclosure can include systems and methods for facilitating card present transactions. In one embodiment, a computer-implemented method for conducting card present transactions can be provided. The method can include receiving, by a merchant system comprising one or more computers, a request for a card present electronic commerce transaction on behalf of a consumer; determining, by the merchant system, an identifier of a mobile device of the consumer; obtaining, by the merchant system from the mobile device, validation information associated with a payment application stored on the mobile device; and outputting, by the merchant system for communication to an issuer system, a proposed card present transaction and the validation information.
    Type: Grant
    Filed: September 26, 2012
    Date of Patent: October 2, 2018
    Assignee: First Data Corporation
    Inventors: Vijay Kumar Royyuru, Todd Nuzum
  • Patent number: 10085152
    Abstract: The present invention provides a data processing method, which is used for a terminal comprising a plurality of operating systems, and the method comprises: determining a first operating system currently used by the terminal when a command to store data in a Subscriber Identity Module (SIM) card in the terminal is received; storing the data in a first storage area of the SIM card when the first operating system currently in use is a designated operating system amongst the plurality of operating systems of the terminal, and storing the data in a second storage area of the SIM card when the first operating system currently in use is a non-designated operating system amongst the plurality of operating systems of the terminal. Correspondingly, the present invention also provides a data processing apparatus and a terminal.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: September 25, 2018
    Assignee: YULONG COMPUTER TELECOMMUNICATION SCIENTIFIC (SHENZHEN) CO., LTD.
    Inventor: Limin Luo
  • Patent number: 10075288
    Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.
    Type: Grant
    Filed: February 28, 2015
    Date of Patent: September 11, 2018
    Inventors: Alhassan Khedr, Glenn Gulak, Vinod Vaikuntanathan
  • Patent number: 10074063
    Abstract: A method and system for storing and retrieving a packaging hierarchy of traceable physical items includes at an item marking location, marking physical items to be packaged in the packaging hierarchy, with a unique code with a first and second identifier, transferring packaging relationships between the codes to a track and trace system, identifying for each code in the packaging relationships, hierarchical code relations expressed as parent and/or child codes, and for each code, storing the hierarchical code relations in a section of a data storage location of the first computer system, wherein a start position of the section is determined by a combination of the first and second identifiers of the code.
    Type: Grant
    Filed: December 13, 2013
    Date of Patent: September 11, 2018
    Assignee: KEZZLER AS
    Inventors: Magnar Løken, Morten Haraldsen
  • Patent number: 10068070
    Abstract: A method of obscuring software code implementing an elliptic curve cryptography (ECC) point multiplication function, including: receiving ECC parameters including a multiplier d having N bits; transforming multiplier d into an array d(i) with ?1, 0, and +1 values while maintaining the same value for d; and generating ECC point multiplication function operations using the transformed multiplier array d(i) and N, wherein the generated ECC point multiplication function operations are split variable operations.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: September 4, 2018
    Assignee: NXP B.V.
    Inventors: Jan Hoogerbrugge, Wil Michiels, Pim Vullers
  • Patent number: 10069850
    Abstract: A system and method in a virtual universe system for triggering scans of virtual items and inventories of virtual items and for scanning the virtual items and inventories wherein the scans may be triggered by an avatar moving or teleporting from one region to another, or by an avatar picking up, dropping off, or accepting or purchasing an item. The degree of scanning may depend upon factors such as location where these scan triggers occur. The signature of the item may be identified by the scan process. The item signature may be compared against signatures of known malicious items stored in an inventory item signatures database and a summary of the signature comparison may be sent to a resident and stored in the resident's inventory.
    Type: Grant
    Filed: January 4, 2016
    Date of Patent: September 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10068097
    Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: September 4, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Olga Ohrimenko, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Markulf Kohlweiss, Divya Sharma
  • Patent number: 10063524
    Abstract: A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgment is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than previous value of the frame counter which is congruent to the sequence counter modulo 256.
    Type: Grant
    Filed: August 27, 2014
    Date of Patent: August 28, 2018
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 10057654
    Abstract: Disclosed herein are system, apparatus, article of manufacture, method, and/or computer program product embodiments for selection and alignment of video segments for adaptive streaming. An embodiment operates by receiving one or more variant segments, the one or more variant segments including a first variant segment having a first bitrate and a second variant segment having a second bitrate for decoding and playback and generating a first packetized elementary stream (PES) collection based on the first variant segment and a second PES collection based on the second variant segment. The embodiment further operates by storing the generated first PES collection and second PES collection in a processing buffer; and determining a first out-of-tolerance splicing location and associated first out-of-tolerance offset between the first PES collection and the second PES collection based on a maximum tolerance offset.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: August 21, 2018
    Assignee: Roku, Inc.
    Inventor: Francis Degrange
  • Patent number: 10057063
    Abstract: A decryption method includes receiving encrypted data, in which the encrypted data is encrypted according to an RSA public key; and performing a plurality of operations in sequence according to an RSA private key and the encrypted data to acquire a decrypted data. The operations include a plurality of decryption operations and at least one false operation. The decryption operations include at least one decryption multiplication operation and at least one decryption square calculation, and the at least one false operation includes at least one of at least one first false multiplication operation and at least one first false square calculation.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: August 21, 2018
    Assignee: REALTEK SEMICONDUCTOR CORPORATION
    Inventor: Tzung-Juei Wu
  • Patent number: 10057060
    Abstract: A user computer generates a secret cryptographic key through communication with a server. A secret user value is provided at the user computer. A secret server value is provided at the server with a check value which encodes the secret user value and a user password. In response to input of an input password, the user computer encodes the secret user value and the input password to produce a first value corresponding to said check value, and communicates the first value to the server. The server compares the first value and check value to check whether the input password equals the user password. If so, the server encodes the first value and secret server value to produce a second value and communicates the second value to the user computer. The user computer generates the secret cryptographic key by encoding the second value, the input password and the secret user value.
    Type: Grant
    Filed: August 18, 2017
    Date of Patent: August 21, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jan Camenisch, Robert Enderlein, Stephan Krenn, Anja Lehmann, Gregory Neven
  • Patent number: 10057064
    Abstract: In Elliptic Curve Cryptography (ECC), one performs a great number of modular multiplications. These are usually done by Montgomery Multiplication algorithm, which needs the operands to be preprocessed (namely, converted to the Montgomery Domain), which is normally done by an equivalent of a long division. We provide a method to perform this conversion by a single Montgomery multiplication on the raw data. The method is formulated for elliptic curve points represented in Jacobian coordinates but can be extended to other representations.
    Type: Grant
    Filed: March 17, 2016
    Date of Patent: August 21, 2018
    Assignee: Winbond Electronics Corp.
    Inventor: Uri Kaluzhny