User-to-user Key Distributed Over Data Link (i.e., No Center) Patents (Class 380/283)
  • Patent number: 11882123
    Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label and a list of permitted applications are received. The security label is utilized to limit access to files that embed the security label. A security label map is written within a kernel layer of the client device. The security label map includes the security label and the list of permitted applications. A secured file is generated by embedding the security label within a file stored on the client device.
    Type: Grant
    Filed: May 18, 2022
    Date of Patent: January 23, 2024
    Assignee: VMware, Inc.
    Inventors: Akash Pati, Shivam Srivastav, Anirudh Singh Rathore
  • Patent number: 11811948
    Abstract: Disclosed are methods, devices, and computer-readable media for securing data in motion and at rest in a secure memory device. In one embodiment, a memory device is disclosed comprising a storage medium and a processor, the processor configured to: receive a software image, validate a digital signature associated with the software image, write the software image to the storage medium, receive a request to launch the software image from a host processor, validate the software image, and transmit the software image to the host processor.
    Type: Grant
    Filed: April 8, 2021
    Date of Patent: November 7, 2023
    Assignee: Micron Technology, Inc.
    Inventor: Michael Tex Burk
  • Patent number: 11785510
    Abstract: A communication system is described in which user plane communication and control plane communication for a particular mobile communication device can be split between a base station that operates a small cell and a macro base station. Appropriate security for the user plane and control plane communications is safeguarded by ensuring that each base station is able to obtain or derive the correct security parameters for protecting the user plane or control plane communication for which it is responsible.
    Type: Grant
    Filed: August 19, 2022
    Date of Patent: October 10, 2023
    Assignee: NEC CORPORATION
    Inventor: Vivek Sharma
  • Patent number: 11778090
    Abstract: A system comprising: (a) a compliance server adapted to receive an audio feed of a telephone conversation; (b) an identification module adapted to ascertain IP addresses from which said audio feed originates and identify participants in said telephone conversation using said IP addresses; and (c) an analysis module adapted to ascertain a subject of said telephone conversation.
    Type: Grant
    Filed: May 28, 2020
    Date of Patent: October 3, 2023
    Inventors: Levi Yitzchak Orbach, David Schwadron
  • Patent number: 11743720
    Abstract: A foreign wireless communication system is operated in a local communication network as if the foreign wireless communication system were a local wireless communication system. A data communication link is established between the wireless communication system and a service provider in a local wireless communication network. An outgoing request for authentication information is communicated from the wireless communication system to a remote administration system over the data communication link. The authentication information is received over the data communication link from the administration system and is transmitted over a signal link from the wireless communication system to the service provider. A requested wireless communication service is received at the wireless communication system based on authentication of the wireless communication system by the service provider using the authentication information.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: August 29, 2023
    Assignee: Simo Holdings, Inc.
    Inventors: Jing Liu, Richard Xu, Xiaolei Qin
  • Patent number: 11740642
    Abstract: Examples of the disclosure are directed to dynamic selection of a specific location at a destination for delivery or transfer of an item. A connected speaker can communicate with an autonomous carrier using an audio signal. The audio signal can contain identifying information associated with the specific location. The autonomous carrier can complete delivery of the item at the specific location.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: August 29, 2023
    Assignee: VMware, INC.
    Inventor: Rohit Pradeep Shetty
  • Patent number: 11743241
    Abstract: A computer-implemented method includes receiving, by a transcoder, second encrypted data. The second encrypted data is data that has been encrypted in a first key to create first encrypted data that is then encrypted in a second key to create the second encrypted data. The method includes receiving the second key and decrypting the second encrypted data using the second key to obtain the first encrypted data. The method includes encrypting the first encrypted data using a third key to create third encrypted data, and sending the third encrypted data to a destination node. A computer-implemented method includes receiving, by a transcoder, a second encrypted key. The second encrypted key is a key that has been encrypted in a first key to create a first encrypted key that is then encrypted in a second key to create the second encrypted key.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: August 29, 2023
    Assignee: International Business Machines Corporation
    Inventors: Steven Robert Hetzler, Guerney D. H. Hunt
  • Patent number: 11671248
    Abstract: A computer system and a method are provided for storage and distribution of encryption keys in sequence. Encryption keys, such as public keys, are provided key pointers as properties, the key pointer indicating another key, to thereby form a sequence. A current key is designated, and the sequence is advanced to a successor key indicated by the key pointer of the current key upon a predetermined succession event. The current key is transmitted upon receipt of a key request. In various embodiments, succession events can include occurrence of an expiration date, or the addition of a new key to the sequence.
    Type: Grant
    Filed: November 16, 2020
    Date of Patent: June 6, 2023
    Assignee: Wildfi Pty Ltd
    Inventor: Mark Rodney Anson
  • Patent number: 11646888
    Abstract: A system allows a user to store his personally identifiable information (PII) on a personal device. When a third party wants to access the user's PII (e.g., to update the PII or to retrieve the PII), a notification will be presented to the user on the personal device seeking consent to the access. The notification may inform the user as to what information is being requested and which entity is requesting the access. The requested access will be denied unless the user consents to the access. In this manner, the user is given control over the dissemination of his PII. Additionally, the system alters or adjusts the PII that is stored in third-party servers so that even if these servers are breached, the user's actual PII is not exposed.
    Type: Grant
    Filed: November 4, 2021
    Date of Patent: May 9, 2023
    Assignee: THE PRUDENTIAL INSURANCE COMPANY OF AMERICA
    Inventors: Venkatesh Sarvottamrao Apsingekar, Sahil Vinod Motadoo, Christopher John Schille, James Francis Lavine
  • Patent number: 11632245
    Abstract: Techniques are described to generate a first security key when a user equipment operating in an inactive state initiates a data transmission or a procedure to resume network connection. The first security key is generated based on a second security key associated with a first network node and a counter value, and the first security key is associated with a second network node and is used to generate user plane security keys to transmit data to or to receive data from one or more network nodes.
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: April 18, 2023
    Assignee: ZTE Corporation
    Inventors: Jianxun Al, He Huang
  • Patent number: 11606207
    Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.
    Type: Grant
    Filed: January 4, 2022
    Date of Patent: March 14, 2023
    Assignee: DIGITAL 14 LLC
    Inventors: Alexander Sherkin, Milap Sheth
  • Patent number: 11606197
    Abstract: This disclosure relates to method and system for encrypting and decrypting a facial segment in an image with a unique server key. The method includes receiving an image from one of a plurality of users. The image includes a plurality of facial segments. The method further includes, for each facial segment from the plurality of facial segments, identifying a unique user associated with the facial segment using a facial recognition algorithm, encrypting the facial segment with a unique server key, generating a protection frame, unlockable with the unique server key, to cover the facial segment, and decrypting the facial segment while rendering the image for at least one of the plurality of users upon receiving the unique server key from the at least one of the plurality of users.
    Type: Grant
    Filed: July 26, 2020
    Date of Patent: March 14, 2023
    Assignee: HCL Technologies Italy S.p.A.
    Inventors: Antonio Secomandi, Viviana Tripodi
  • Patent number: 11546960
    Abstract: An electronic apparatus includes: a wireless communication unit wirelessly communicating with an external access point; and a processing unit performing communication control for the wireless communication unit. The processing unit performs uninstallation of driver software causing the wireless communication unit to operate and installation of the driver software after the uninstallation, as a self-repair and reboot, when there is an error in wireless connection with the external access point.
    Type: Grant
    Filed: March 24, 2021
    Date of Patent: January 3, 2023
    Assignee: Seiko Epson Corporation
    Inventor: Junpei Koizumi
  • Patent number: 11522689
    Abstract: The present invention relates to the field of quantum communication, especially a quantum key distribution device that can be configured with multiple protocols. It uses the simplified Faraday-Michelson interference ring in combination with the intensity modulator to perform timestamp encoding in a chopping manner. The phase modulation is completed with a Sagnac ring device composed of a single-polarization phase modulator, a polarization beam splitter and a Faraday rotator, so as to achieve the purpose of composite encoding and decoding, thus realizing a quantum key distribution device which can be configured with multiple protocols and multiple decoy state schemes. This device can be compatible with multiple protocols including BB84 protocol, the reference frame-independent protocol, the six-state protocol and SARG protocol and is characterized with polarization-independent phase modulation and low system complexity.
    Type: Grant
    Filed: January 26, 2022
    Date of Patent: December 6, 2022
    Assignee: NANJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS
    Inventors: Qin Wang, Qingqing Jiang, Huajian Ding, Chunhui Zhang, Jian Li
  • Patent number: 11516659
    Abstract: There is provided a method for authentication in device to device discovery. A method performed by a Discoverer device, comprises broadcasting a direct discovery request, receiving a direct discovery response from a Discoveree device, the direct discovery response comprising a first token, and the Discoverer device using the first token to verify that the Discoveree device is authorized to respond to the direct discovery request.
    Type: Grant
    Filed: June 7, 2018
    Date of Patent: November 29, 2022
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Lehtovirta, Karl Norrman, Monica Wifvesson
  • Patent number: 11457000
    Abstract: An information intermediating apparatus in an information transaction system including an information providing apparatus, an information acquiring apparatus and the information intermediating apparatus connected to a communication network, includes: a first receiver that receives second information, of first and second information necessary for restoring transaction object information, and first feature information indicating a feature of the first information; a second receiver that receives second feature information from the information acquiring apparatus, the second feature information being calculated from the first information transmitted to the information acquiring apparatus from the information providing apparatus; a feature information determination unit that determines whether an identity is present between the first feature information and the second feature information; and a transmitter that transmits the second information to the information acquiring apparatus, when the feature information d
    Type: Grant
    Filed: July 15, 2019
    Date of Patent: September 27, 2022
    Assignees: DENSO CORPORATION, TOHOKU UNIVERSITY
    Inventors: Tsuneo Nakata, Naoki Iwata, Masao Sakai, Masayuki Fukumitsu, Shingo Hasegawa, Shuji Isobe, Junya Iwazaki, Eisuke Koizumi
  • Patent number: 11432039
    Abstract: A method of authenticating data received from a user device by a service provider may include receiving user credentials from the user device via a secure communication channel; upon verifying the user credentials, providing to the user device via the secure channel a permission token, where the permission token includes at least a shared secret, where a data within the permission token is not observable to the user device and a shared secret data outside the data of the permission token, the shared secret data observable to the user device; and receiving a request from the user device via a non secure communication channel, where the request may include at least the permission token and a hash digest formed using at least a portion of the shared secret data.
    Type: Grant
    Filed: August 11, 2021
    Date of Patent: August 30, 2022
    Assignee: SYNAMEDIA LIMITED
    Inventors: Ian Bastable, Gareth Bowen
  • Patent number: 11405220
    Abstract: In one implementation, the disclosure provides systems and methods for generating a secure signature using a device-specific and group-specific moving target authentication protocol. According to one implementation, generating the secure signature entails determining a state of a first device in association with a select time interval. The state of the first device is defined by one or more time-variable characteristics of the first device. The device computes an output for a signing function that depends upon the determined state of the first device associated with the first time interval.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: August 2, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Vipin Singh Sehrawat, Dmitriy Vassilyev
  • Patent number: 11304054
    Abstract: A communication method and a device, the method including obtaining, by a terminal device, a security key, where the terminal device performs the obtaining while the terminal device is in a state in which the terminal device has disconnected a radio resource control (RRC) connection from a first network device, and in which the terminal device retains context information for a context, in the first network device, of the terminal device, and sending, by the terminal device, a first message to a second network device, where the first message includes an identifier of the terminal device and at least one of encrypted uplink data or encrypted signaling, the at least one of encrypted uplink data or encrypted signaling is encrypted by using the security key, and where the second network device is different from the first network device.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: April 12, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Li Chai, Jian Zhang, Bingzhao Li, Wei Quan
  • Patent number: 11290848
    Abstract: The controller circuitry is configured to identify one of the plurality of different position assistance information for use by the terminal device to identify a position of the terminal device, and to estimate the position of the terminal device by combining the identified position assistance information with the radio signal received by the position detection receiver circuitry. The position assistance information is identified in accordance with a permission allocated to the terminal device. By providing system information which is unencrypted and other system information which is encrypted, conditional access to the position assistance information can be provided in which a lowest level of position assistance information can provide the least level of position estimation accuracy.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: March 29, 2022
    Assignee: SONY CORPORATION
    Inventors: Vivek Sharma, Hideji Wakabayashi, Yuxin Wei, Shinichiro Tsuda
  • Patent number: 11284322
    Abstract: An SeNB informs an MeNB that it can configure bearers for the given UE. At this time, the MeNB manages the DRB status, and then sends a key S-KeNB to the SeNB. The MeNB also sends a KSI for the S-KeNB to both of the UE and the SeNB. After this procedure, the MeNB informs an EPC (MME and S-GW) about the new bearer configured at the SeNB, such that the S-GW 50 can start offloading the bearer(s) to the SeNB 30. Prior to the offloading, the EPC network entity (MME or S-GW) performs verification that: 1) whether the request is coming from authenticated source (MeNB); and 2) whether the SeNB is a valid eNB to which the traffic can be offload.
    Type: Grant
    Filed: May 16, 2019
    Date of Patent: March 22, 2022
    Assignee: NEC CORPORATION
    Inventors: Xiaowei Zhang, Anand Raghawa Prasad
  • Patent number: 11271739
    Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: March 8, 2022
    Assignee: DIGITAL 14 LLC
    Inventors: Alexander Sherkin, Milap Sheth
  • Patent number: 11258611
    Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.
    Type: Grant
    Filed: January 11, 2019
    Date of Patent: February 22, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin Elias Seidenberg, Gregory Branchek Roth, Benjamin Tillman Farley
  • Patent number: 11234128
    Abstract: A Method and a system for managing undesired service requests sent from at least one terminal to a network are described, wherein the network comprises a network node for storing trusted service-information. The method comprises the steps of: the network receiving a service request from a terminal, the request comprising service request information; and, sending, preferably via a secure communication channel, a user verification request for requesting the user to verify the service requested by the terminal if at least part of the service request information is not listed in the trusted service-information.
    Type: Grant
    Filed: February 6, 2017
    Date of Patent: January 25, 2022
    Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast- Natuurwetenschappelijk Onderzoek TNO
    Inventors: Jeroen Laarakkers, Frank Muller, Tim Hartog
  • Patent number: 11228438
    Abstract: A security device providing a security function for an image, a camera device including the same, and a system on chip (SOC) for controlling the camera device are provided. An image transmitting device may include an image processor configured to process an image to be transmitted to an external device, and a security circuit including a key shared with the external device. The security circuit may be configured to generate a tag used for image authentication by using data of a partial region of the image and the key based on region information for selecting the partial region of the image. The image transmitting device may be configured to transmit the tag, generated to correspond to the image, to the external device with data of the image.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: January 18, 2022
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Jong-hoon Shin, Ki-seok Bae, Hong-mook Choi, Ji-su Kang, Jae-hyeok Kim, Hye-soo Lee, Hyo-sun Hwang
  • Patent number: 11196547
    Abstract: A lifecycle management method, system, and computer program product include establishing a public key infrastructure (PKI) for end-to-end encryption of control plane and data plane communications by providing encryption between arbitrary components for applicant execution where an interaction pattern is isolated, secure, and a multi-tenant environment.
    Type: Grant
    Filed: March 20, 2019
    Date of Patent: December 7, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jayaram Kallapalayam Radhakrishnan, Vinod Muthusamy, Vatche Isahagian, Scott Boag, Benjamin Herta, Atin Sood
  • Patent number: 11176239
    Abstract: Embodiments as disclosed herein may provide systems and methods for component integration and security. In particular, in one embodiment, a native component that presents a network based interface may be on a device, where that native component may expose a network based interface for access by other components. This native component can then be accessed through the network based interface. To address security concerns and other issues, the native component may be configured to determine if a received request is associated with the same user space and only respond to requests originating from the same user space.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: November 16, 2021
    Assignee: Open Text SA ULC
    Inventors: Jonathan Carroll, Michel Gagnon, Gregory Pekofsky, Khanh Tuan Vu
  • Patent number: 11082844
    Abstract: A method performed by a network server is provided for authentication and key management for a terminal device in a wireless communication network. The method includes authenticating the terminal device during a primary authentication session for the terminal device. The method further includes responsive to a successful authentication of the terminal device, obtaining a first key. The method further includes generating bootstrapping security parameters. The parameters include a second key derived from the first key and a temporary identifier. The temporary identifier identifies the terminal device and the bootstrapping security parameters.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: August 3, 2021
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, Helena Vahidi Mazinani, Vesa Lehtovirta
  • Patent number: 11068611
    Abstract: The disclosed computer-implemented method for preventing data loss from data containers may include (1) identifying, at a computing device, a process running in a data container on the computing device, (2) intercepting an attempt by the process to exfiltrate information from the computing device via at least one of a file system operation or a network operation, and (3) performing a security action to prevent the intercepted attempt. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: July 20, 2021
    Assignee: CA, Inc.
    Inventor: Sumit Sarin
  • Patent number: 10999068
    Abstract: An authentication method for a QKD process includes: a sender selects a basis for preparing authentication information according to an algorithm in an algorithms library, and respectively applies different wavelengths to send quantum states of control information and data information according to a preset information format; a receiver filters the received quantum states, employs a basis of measurement corresponding to the algorithm to measure the authentication information quantum state, sends reverse authentication information when the measurement result is in line with the algorithm, and terminates the distribution process otherwise. In addition, the sender terminates the distribution process when its local authentication information is inconsistent with the reverse authentication information.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: May 4, 2021
    Assignee: Alibaba Group Holding Limited
    Inventor: Yingfang Fu
  • Patent number: 10960314
    Abstract: The present disclosure relates to processing operations configured to efficiently enable a client and a server to establish secure communication upon initial connection between the client and the server. Upon initial connection to with the server, the client provides an encrypted token which serves as both proof of authentication/identity and provides, in the encrypted token, an encryption key that the server can utilize to initiate secure communication with the client. The server is able to trust the encrypted token and the encryption key because the encrypted token is signed and encrypted by an authentication service that has a trusted relationship with the server and because the authentication service has pre-shared decryption and signature verification keys with the server. The server utilizes the encrypted key to secure communications with the client without requiring additional processing to lookup client identity or any further intervention from the authentication service.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: March 30, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kyle Schouviller, Scott Guest
  • Patent number: 10938556
    Abstract: A method of sharing of a reference key (AppKey) between a connected object and at least one server. The method includes the object applying a function (f) to at least one datum (DevEUI, AppEUI, DevNonce) and to a key (KSE) specific to a secure element of the object to generate the reference key, transmitting to the server a join request of the object to a network of connected objects, which include the datum, and the key (KSE) of the secure element not being transmitted to the server. The method further includes obtaining, by the server, of the key (KSE) of the secure element on the basis of the request, the server applying the function (f) to the datum and to the key (KSE) obtained by the server, so as to obtain the reference key.
    Type: Grant
    Filed: November 30, 2018
    Date of Patent: March 2, 2021
    Assignee: IDEMIA IDENTITY & SECURITY FRANCE
    Inventors: Julien Bringer, Vincent Bouatou
  • Patent number: 10902137
    Abstract: This application relates to a technique that enables a software application to perform an operation on a file stored on a file system, while enforcing privacy measures. The technique includes receiving, from a file browser, a selection of file made accessible by a file access service. The file access service is associated with the file system storing the file. The file browser executes in a mode that prevents the software application from identifying content displayed within the file browser. The technique also includes, provided the software application is authorized to access the file, communicating a first list of operations for receipt by the software application, in which the software application selects a first subset of operations, to perform on the file. Furthermore, the technique includes establishing, to perform the first subset of operations on the file, a first direct communication link between the software application and the file access service.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: January 26, 2021
    Assignee: Apple Inc.
    Inventors: Jean-Gabriel Morard, Anthony S. Parker, Rony Fadel, Kevin S. Perry
  • Patent number: 10902392
    Abstract: An improved financial terminal automatically reconfigures into different financial processing terminal types. In one embodiment, the terminal comprises a housing; a card reader configured to accept at least a portion of a card having an integrated circuit; at least one display; at least one processor; and at least one memory configured to store machine readable code, the machine readable code comprising a first kernel corresponding to a first transaction type and a second kernel corresponding to a second transaction type.
    Type: Grant
    Filed: November 19, 2019
    Date of Patent: January 26, 2021
    Assignee: Everi Payments Inc.
    Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
  • Patent number: 10896413
    Abstract: Methods, systems and apparatus are provided for facilitating financial transactions using an IC type financial card via a terminal. A user is provided a list of transaction types, such as PIN-based, signature-based, etc., and a requested transaction is processed via a first selected transaction type. If the transaction is unsuccessful, the terminal automatically presents a list of remaining available transaction types from which the user may select and the transaction is processed by the next selected transaction type. If the transaction is successful, funds are provided to the user, such as in the form of currency/coins or funds transfer.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: January 19, 2021
    Assignee: Everi Payments Inc.
    Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
  • Patent number: 10860744
    Abstract: A system and method of downloading firmware into an embedded device while maintaining the integrity and confidentiality of the firmware is disclosed. In one embodiment, the process comprises four phases. In the first phase, unauthenticated content is written into the memory of the embedded device. In the second phase, this content is verified. In the third step, a secure connection is established between the host and the embedded device. In the fourth step, the firmware is loaded into the embedded device using this secure connection. The firmware is encrypted as it is transferred from the host to the embedded device and is never accessible outside of the embedded device.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: December 8, 2020
    Assignee: Silicon Laboratories, Inc.
    Inventor: Joshua Jay Norem
  • Patent number: 10812252
    Abstract: In aspects of string matching in encrypted data, a computing device stores homomorphic encrypted data as a dataset, and implements a string matching application that receives an encrypted query string as a query of the homomorphic encrypted data. The string matching application can then apply algorithms to perform addition and multiplication operations, and determine whether there are matching strings of the encrypted query string in the dataset. The string matching application can compute, for each row of the dataset, a sum of some function of dataset bits and query bits for a row result, and multiply the row results of the computed rows to determine matching strings. Alternatively, the string matching application can compute, for each row of the dataset, a product over some function of the dataset bits and the query bits for a row result, and add the row results of the computed rows to determine matching strings.
    Type: Grant
    Filed: June 22, 2017
    Date of Patent: October 20, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kim Henry Martin Laine, Hao Chen, Gizem S. Cetin, Yuhou Xia, Peter B. Rindal, Kristin Estella Lauter
  • Patent number: 10742413
    Abstract: Embodiments of the present invention may provide the capability for performing public-key encryption with proofs of plaintext knowledge using a lattice-based scheme that provides improved efficiency over conventional techniques. For example, in an embodiment, a computer-implemented method of verifying encryption may comprise generating a ciphertext, derived from a plaintext, via an encryption scheme, proving validity of the ciphertext, wherein the proof includes at least one challenge value, and using a decryption procedure that recovers a plaintext by choosing at least one additional challenge value at random from a challenge space.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: August 11, 2020
    Assignee: International Business Machines Corporation
    Inventors: Vadim Lyubashevsky, Gregory Neven
  • Patent number: 10721064
    Abstract: Various embodiments relate to a key protocol exchange that provide a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g. against DOS attacks . . . (e.g. using cookies, . . . ); support of early messages; small communication footprint; and support of for public-key and/or password authentication.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: July 21, 2020
    Assignee: NXP B.V.
    Inventor: Bjorn Fay
  • Patent number: 10708978
    Abstract: Systems and methods that efficiently combine multiple wireless networks or devices resulting in faster, more reliable, and more secure mobile Internet. A Virtual Private Network (VPN) service application is operated to route outgoing and incoming data packets of a mobile device. The mobile device is (i) either coupled to a remote server through the VPN service application for data packets transfer between the remote server and the mobile device or (ii) performs cross-layer translation for data packets transfer between the mobile device and direct target hosts on the Internet. Concurrently using multiple channels secures data packets transfer by sending encrypted data packets over multiple channels and receiving the encrypted data packets by a single apparatus. Data packets are designated to be transferred via a Wi-Fi channel or a cellular channel, and then transferred using both the Wi-Fi channel and the cellular channel.
    Type: Grant
    Filed: December 31, 2018
    Date of Patent: July 7, 2020
    Assignee: SHOELACE WIRELESS, INC.
    Inventors: Minh Thoai Anh Le, James A. Mains
  • Patent number: 10687263
    Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a user equipment concurrently communicates with a source base station (BS) and a target BS on a connection with the source BS and a connection with the target BS as part of a make-before-break (MBB) handover procedure; and performs a common packet data convergence protocol (PDCP) function for the connection with the source BS and the connection with the target BS before the connection with the source BS is released as part of the MBB handover procedure. Numerous other aspects are provided.
    Type: Grant
    Filed: February 13, 2019
    Date of Patent: June 16, 2020
    Assignee: QUALCOMM Incorporated
    Inventors: Karthika Paladugu, Gavin Bernard Horn, Prashanth Haridas Hande, Keiichi Kubota, Prasad Reddy Kadiri, Alberto Rico Alvarino, Masato Kitazoe, Umesh Phuyal, Supratik Bhattacharjee
  • Patent number: 10685333
    Abstract: In one embodiment, a method for automatic inference of meeting attendance is provided. The method comprises sending a calendar request to a plurality of users that are invited to a meeting. The method further comprises receiving from each user of the plurality, a unique string identifying the user. The method further comprises generating a lookup table identifying the users of the plurality and their respective unique strings. The method further comprises receiving a first string broadcasted by a first user during the meeting. The method further comprises, responsive to determining that the broadcasted first string does not match one of the unique strings in the lookup table, performing an action to prevent the first user from receiving meeting content determined to be confidential.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: June 16, 2020
    Assignee: International Business Machines Corporation
    Inventors: Christopher J. Poole, Mark A. Woolley, Andrew Wright
  • Patent number: 10671747
    Abstract: A system and related methods for providing greater security and control over access to classified files and documents and other forms of sensitive information based upon a multi-user, multi-modality permission strategy centering on organizational structure, thereby making authentication strategy unpredictable so to significantly reduce the risk of exploitation. Based on the sensitivity or classification of the information being requested by a user, approvers are selected dynamically based on the work environment, e.g., mobility, use of the computing device seeking access, authentication factors under applicable environmental settings, access policy, and the like.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: June 2, 2020
    Inventors: Dipankar Dasgupta, Arunava Roy, Debasis Ghosh
  • Patent number: 10616213
    Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.
    Type: Grant
    Filed: January 8, 2019
    Date of Patent: April 7, 2020
    Assignee: Airbnb, Inc.
    Inventors: Ismail Cem Paya, Kevin Nguyen
  • Patent number: 10600506
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for creating source-specific, persistent patient identifiers for healthcare service providers. One method includes accessing a record of healthcare data, wherein the record includes patient identifying information (PII) associated with one or more persons to whom the healthcare data pertains. The portions of PII included in the accessed record of healthcare data are extracted from the accessed record and encrypted. Based on one or more business rules, one or more hashed tokens are created by applying one or more hashing functions to the extracted portions of PII. A source-specific identifier is received, the source-specific identifier having been encoded in a manner specific to an organization associated with the computer system and having been encoded with reference to the one or more hashed tokens. An association is stored between the source-specific identifier and the accessed record of healthcare data.
    Type: Grant
    Filed: May 13, 2015
    Date of Patent: March 24, 2020
    Assignee: IQVIA Inc.
    Inventors: Christopher Blum, Geoff Wall, John Giannouris
  • Patent number: 10599677
    Abstract: A computer-implemented method of a distributed database system includes generating a database index. The method includes mapping a first specified number of bits of the database index to a database key. The method includes mapping a second specified number of bits to a data object associated with the database key. The method includes storing the first specified number of bits of the database key in a dram memory. The method includes storing second specified number of bits with the data object in a solid-state device (SSD) storage.
    Type: Grant
    Filed: January 19, 2016
    Date of Patent: March 24, 2020
    Inventors: Brian J. Bulkowski, Andrew Gooding, Venkatachary Srinivasan
  • Patent number: 10594480
    Abstract: This invention establishes means and protocols to secure data, and practice online authentication, using large undisclosed amounts of randomness, replacing the algorithmic complexity paradigm. Computation is limited to basic primitives like transposition, and bit-flipping. Security is credibly appraised through combinatorics calculus, and this transfers the security responsibility to the user who determines how much randomness to use.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: March 17, 2020
    Inventor: Gideon Samid
  • Patent number: 10587585
    Abstract: Users desire a system that provides for the setting of custom, content-agnostic, permissions at a message, document, and/or sub-document-level through a communications network. Such a system may also allow the user to apply customized privacy settings and encryption keys differently to particular parts of a document. Customized encryption keys may be applied to particular parties (or groups of parties) to enhance the security of the permissions settings. In the case of structured document file types, dynamically-rendered content can present a challenge to accurately display to viewers, because one or more of the document's values referred to by the dynamically-rendered content may be encrypted or otherwise unavailable to the recipient—even though the dynamically-rendered content itself is viewable by the recipient.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: March 10, 2020
    Assignee: Entefy Inc.
    Inventor: Alston Ghafourifar
  • Patent number: RE48643
    Abstract: Using the same mathematical principle of paring with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchanges system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security property including provable security and resistance to quantum computer attacks.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: July 13, 2021
    Inventor: Jintai Ding
  • Patent number: RE48644
    Abstract: Using the same mathematical principle of paring with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchanges system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security property including provable security and resistance to quantum computer attacks.
    Type: Grant
    Filed: November 21, 2019
    Date of Patent: July 13, 2021
    Inventor: Jintai Ding