Nbs/des Algorithm Patents (Class 380/29)
-
Patent number: 12155751Abstract: A processor with a block cipher algorithm and a data encryption and decryption method operated by the processor are shown. The processor uses a register to store an input key pointer pointing to an input key. In response to one single block cipher instruction of an instruction set architecture (ISA), the processor obtains input data from a first system memory area, performs the block cipher algorithm on the input data based on the input key indicated by the input key pointer stored in the register to encrypt or decrypt the input data to generate output data, and stores the output data in a second system memory area, or an internal storage area within the processor.Type: GrantFiled: June 10, 2022Date of Patent: November 26, 2024Assignee: SHANGHAI ZHAOXIN SEMICONDUCTOR CO., LTD.Inventors: Zhenhua Huang, Yingbing Guan, Yanting Li
-
Patent number: 12113891Abstract: Methods, systems, and devices for encrypting and decrypting data. In one implementation, an encryption method includes inputting plaintext into a recurrent artificial neural network, identifying topological structures in patterns of activity in the recurrent artificial neural network, wherein the patterns of activity are responsive to the input of the plaintext, representing the identified topological structures in a binary sequence of length L and implementing a permutation of the set of all binary codewords of length L. The implemented permutation is a function from the set of binary codewords of length L to itself that is injective and surjective.Type: GrantFiled: January 30, 2023Date of Patent: October 8, 2024Assignee: INAIT SAInventors: Kathryn Hess Bellwald, Henry Markram
-
Patent number: 12111774Abstract: A computing system uses AES-XTS encryption to encrypt data of a first part of first data stream using a tweak key, a data key, an initial tweak value, in a first encryption session, store the encrypted first part, then encrypts a second part of the first data stream in a second encryption session commenced after the termination of the first encryption session; and store the encrypted second part in the encrypted data store. The second part of the first data stream is encrypted using a modified tweak value computed based on the initial tweak value, the tweak key, and a block index of a last cipher block of the first part of the first data stream.Type: GrantFiled: May 25, 2022Date of Patent: October 8, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Yevgeny Yankilevich, Vadim Makhervaks, Robert Groza, Jr., Yi Yuan, Oren Ish-Am
-
Patent number: 11849024Abstract: A device is suggested for processing input data including a hardware accelerator generating a first hash value based on a first portion of the input data and a second hash value based on a second portion of the input data, wherein the first hash value is generated based on a first configuration of the hardware accelerator and wherein the second hash value is generated based on a second configuration of the hardware accelerator. Also, a method for operating such device is provided.Type: GrantFiled: July 25, 2022Date of Patent: December 19, 2023Assignee: Infineon Technologies AGInventors: Alexander Zeh, Laurent Heidt, Stefan Koeck
-
Patent number: 11843701Abstract: A non-transitory computer-readable recording medium stores a generation program for causing a computer to execute a process including: dividing a target content into a plurality of blocks so that head information of the target content is distributed to the blocks different from each other, according to a predetermined rule; generating a hash value corresponding to each of the plurality of divided blocks; generating an aggregation hash value by aggregating the generated hash values; and outputting the generated aggregation hash value.Type: GrantFiled: June 3, 2021Date of Patent: December 12, 2023Assignee: Fujitsu LimitedInventor: Fumihiko Kozakura
-
Patent number: 11843689Abstract: Embodiments of present disclosure relates to and systems to reduce propagation delays in hardware implementation of 3GPP confidentiality or standardized algorithm 128-EEA3 and 3GPP integrity algorithm 128-EIA3 using ZUC module. The reduction of the propagation delays is achieved by improving or optimizing secondary critical paths, which are subsequent to primary critical path, related to the 3GPP confidentiality or standardized algorithm 128-EEA3 and the 3GPP integrity algorithm 128-EIA3. Non-conventional modifications in the hardware implementation are proposed for the improvement or optimization.Type: GrantFiled: June 9, 2022Date of Patent: December 12, 2023Assignee: Samsung Electronics Co., Ltd.Inventors: Akshay Karkal Kamath, Sachin Kashyap, Subramanian Parameswaran, Sunil Aggarwal, Tarun Rajendra Mittal
-
Patent number: 11824641Abstract: The invention relates to a method for determining an access right to a service, the method comprises: receiving a service request, generating at least one token, the at least one token being broadcast by at least one beacon device; receiving a message comprising at least data interpretable as a token, data from which the at least one beacon device is identifiable and data from which a position of the terminal device is derivable. By applying the received pieces of data it is possible to determine if an access to the service may be granted to the terminal device. The invention also relates to a network controller, a communication system and a computer program product.Type: GrantFiled: October 2, 2020Date of Patent: November 21, 2023Assignee: TELIA COMPANY ABInventor: Michael Huber
-
Patent number: 11632233Abstract: A method of generating a cryptographic algorithm according to one embodiment of the present disclosure includes generating one or more key tables on the basis of a seed value; generating a first transformation function that converts an input bit string, which is input to one of input branches of a Feistel structure, into a first random bit string having a length that extends beyond a length of the input bit string; generating a second transformation function that converts a second random bit string generated by referencing the one or more key tables into a third random bit string having a length that is the same as the length of the input bit string; and generating a block cryptographic algorithm of a Feistel structure which includes a round function to which the one or more key tables, the first transformation function, and the second transformation function are applied.Type: GrantFiled: October 25, 2019Date of Patent: April 18, 2023Assignees: SAMSUNG SDS CO., LTD., Korea Advanced Institute of Science and TechnologyInventors: Duk-Jae Moon, Kyu-Young Choi, Joo-Young Lee
-
Patent number: 11632234Abstract: A method of generating a cryptographic algorithm includes generating at least one key table on the basis of a seed value; generating, by using a round tweak bit string and an input bit string that is input to one of input branches of a Feistel structure, a first transformation function converting the input bit string into a first random bit string having a length that extends beyond a length of the input bit string, generating a second transformation function converting a second random bit string generated by referencing the one or more key tables into a third random bit string having a length that is the same as the length of the input bit string, and generating a block cryptographic algorithm of a Feistel structure which includes a round function to which the one or more key tables, the first transformation function, and the second transformation function are applied.Type: GrantFiled: October 25, 2019Date of Patent: April 18, 2023Assignees: SAMSUNG SDS CO., LTD., Korea Advanced Institute of Science and TechnologyInventors: Duk-Jae Moon, Kyu-Young Choi, Joo-Young Lee
-
Patent number: 11569978Abstract: Methods, systems, and devices for encrypting and decrypting data. In one implementation, an encryption method includes inputting plaintext into a recurrent artificial neural network, identifying topological structures in patterns of activity in the recurrent artificial neural network, wherein the patterns of activity are responsive to the input of the plaintext, representing the identified topological structures in a binary sequence of length L and implementing a permutation of the set of all binary codewords of length L. The implemented permutation is a function from the set of binary codewords of length L to itself that is injective and surjective.Type: GrantFiled: March 18, 2019Date of Patent: January 31, 2023Assignee: INAIT SAInventors: Kathryn Hess, Henry Markram
-
Patent number: 11558371Abstract: Authentication processing is provided which includes generating an authentication parameter as a function of a time-dependent input using a predetermined transformation having an inverse transformation. Multiple authentication modes are supported, with a bit-length of the time-dependent input of one authentication mode being different from a bit-length of the time-dependent input of another authentication mode. Generating the authentication parameter is dependent, in part, on whether the time-dependent input is of the one authentication mode or the other authentication mode, and includes performing multiple rounds of transformation of the time-dependent input. A time-dependent password including a character string is generated from the authentication parameter using another predetermined transformation having another inverse transformation. The time-dependent password is forwarded within the authentication system for authentication by an authenticator.Type: GrantFiled: February 11, 2022Date of Patent: January 17, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ross David Cooper, Michael Onghena
-
Patent number: 11523156Abstract: A method for distributing an audiovisual content to a terminal is disclosed. The content is received by the terminal in the form of a succession of consecutive segments, each segment being distributed to the terminal following a transmission of a request by the terminal and being obtained by an application of a workflow to a portion of the content.Type: GrantFiled: December 20, 2019Date of Patent: December 6, 2022Assignee: QUORTEXInventors: Thierry Trolez, Marc Baillavoine, Julien Villeret, Jérôme Vieron
-
Patent number: 11469882Abstract: A receiver apparatus and method for optimized decryption and despreading of a very low frequency (VLF) bitstream is disclosed. In embodiments, the receiver includes antenna elements for receiving a transmission security (TRANSEC) encoded bitstream associated with an uncertainty window size and a spread factor. The receiver includes cryptographic processors that, when the spread factor is sufficiently large, select key section numbers A and data section numbers B based on the window size and spread factor. The cryptographic processors generate an output sequence of correlation windows, each correlation window associated with a symbol of the bitstream, via pipelined sectional mirrored-key convolution based on a key section number A and data section number B chosen to optimize performance (e.g., processor performance, memory performance).Type: GrantFiled: April 8, 2021Date of Patent: October 11, 2022Assignee: Rockwell Collins, Inc.Inventors: Stephen A. Ganje, Christopher M. Trebisovsky
-
Patent number: 11398897Abstract: A device is suggested for processing input data including a hardware accelerator generating a first hash value based on a first portion of the input data and a second hash value based on a second portion of the input data, wherein the first hash value is generated based on a first configuration of the hardware accelerator and wherein the second hash value is generated based on a second configuration of the hardware accelerator. Also, a method for operating such device is provided.Type: GrantFiled: September 30, 2020Date of Patent: July 26, 2022Inventors: Alexander Zeh, Laurent Heidt, Stefan Koeck
-
Patent number: 11354427Abstract: The present invention relates to an encrypting/decrypting method for a multi-digit number and an encrypting/decrypting server.Type: GrantFiled: January 17, 2018Date of Patent: June 7, 2022Assignee: WELAB INFORMATION TECHNOLOGY (SHENZHEN) LIMITEDInventors: Rongcun Huang, Hanquan Liang, Hui Yang
-
Patent number: 11340798Abstract: A method includes receiving, by a first microprocessor, a request of modification of a content of a first memory of the first microprocessor, the first memory being accessible only by the first microprocessor. The method includes accessing, by the first microprocessor, first data associated with the request and a signature generated from the first data with an asymmetric cipher algorithm. The first data and the signature are available in a second memory of a second microprocessor, and the first data is representative of a modification to be applied to the content of the first memory. The modification is representative of a modification of a set of services exposed by the first microprocessor. The method includes verifying, by the first microprocessor, authenticity of the first data based on the signature; and modifying the content of the first memory according to the first data, the modifying being conditioned by the verifying.Type: GrantFiled: June 11, 2020Date of Patent: May 24, 2022Assignees: STMICROELECTRONICS (GRAND OUEST) SAS, STMICROELECTRONICS (ROUSSET) SASInventors: William Orlando, Julien Couvrand, Pierre Guillemin
-
Patent number: 11335213Abstract: The disclosure discloses a method and apparatus for encrypting data, and a method and apparatus for decrypting data. The method for encrypting data includes: acquiring a to-be-encrypted data block; executing a first encryption on the to-be-encrypted data block to obtain a data ciphertext; executing a hash operation on the to-be-encrypted data block to obtain an index key; designating a last ciphertext block as a first target ciphertext block, and decrypting the first target ciphertext block to acquire an index value of the first target ciphertext block; executing a preset operation on the index value of the first target ciphertext block to obtain the index value of the to-be-encrypted data block, and executing a second encryption on the index value of the to-be-encrypted data block based on the index key to generate an index ciphertext; and combining the data ciphertext and the index ciphertext to generate a ciphertext block.Type: GrantFiled: September 18, 2020Date of Patent: May 17, 2022Assignee: APOLLO INTELLIGENT DRIVING (BEIJING) TECHNOLOGY CO., LTD.Inventors: Yuepeng Liu, Peng Yun
-
Patent number: 11336425Abstract: Digital n-state switching devices are characterized by n-state switching tables with n greater than 4. N-state switching tables are transformed by a Finite Lab-transform (FLT) into an FLTed n-state switching table. Memory devices, processors and combinational circuits with inputs and an output are characterized by an FLTed n-state switching table and perform switching operations between physical states in accordance with an FLTed n-state switching table. The devices characterized by FLTed n-state switching tables are applied in cryptographic devices. The cryptographic devices perform standard cryptographic operations or methods that are modified in accordance with an FLT. One or more standard cryptographic methods are specified in Federal Information Processing Standard (FIPS) Publications. Security is improved by at least a factor n2.Type: GrantFiled: December 17, 2019Date of Patent: May 17, 2022Assignee: Ternarylogic LLCInventor: Peter Lablans
-
Patent number: 11323239Abstract: A system and method for determining whether a cryptographic system is being observed for power consumption analysis in an attempt to decipher secret keys. The system comprises a first external connection to receive an input voltage, an internal voltage regulator with an external capacitor to produce the desired voltage for the cryptographic system. The internal voltage regulator typically includes a switch that passes current from the first external connection to the external capacitor. By monitoring the frequency at which the switch is activated, it is possible to detect that an external voltage is being applied to the external capacitor. This external voltage is typically used to perform SPA or DPA operations. Thus, the cryptographic system may cease performing any encryption or decryption operations if an external voltage is detected.Type: GrantFiled: August 20, 2020Date of Patent: May 3, 2022Assignee: Silicon Laboratories Inc.Inventor: Dewitt Clinton Seward, IV
-
Patent number: 11315013Abstract: Techniques are provided for implementing a parameter server within a networking infrastructure of a computing system to reduce the communication bandwidth and latency for performing communication synchronization operations of the parameter server. For example, a method includes executing a distributed deep learning (DL) model training process to train model parameters of a DL model using a plurality of worker nodes executing on one or more server nodes of a computing system, and executing a parameter server within a networking infrastructure of the computing system to aggregate local model parameters computed by the plurality of worker nodes and to distribute aggregated model parameters to the plurality of worker nodes using the networking infrastructure of the computing system.Type: GrantFiled: April 23, 2018Date of Patent: April 26, 2022Assignee: EMC IP Holding Company LLCInventors: Dragan Savic, Junping Zhao
-
Patent number: 11294676Abstract: Memory access circuitry enforces ownership rights for memory regions. A given memory region is associated with an owner realm specified from multiple realms, each realm corresponding to a portion of at least one software process executed by processing circuitry. In response to a first variant of an exception return instruction the processing circuitry returns from processing of an exception while staying within the same realm. In response to a second variant of the exception return instruction the processing circuitry switches processing from a current realm to a destination realm.Type: GrantFiled: June 8, 2018Date of Patent: April 5, 2022Assignee: Arm LimitedInventors: Matthew Lucien Evans, Jason Parker, Gareth Rhys Stockwell, Martin Weidmann
-
Patent number: 11265146Abstract: An electronic apparatus for managing data based on a block chain and a method therefor are provided. The electronic apparatus includes a communication interface, a memory, and a processor to receive a request for accessing data from an authenticated user, generate first block information regarding the request by including information on the request and at least one second block information related to the request from among a plurality of second block information stored in the memory, transmit the generated first block information to at least one of a plurality of external apparatuses constituting a block chain, and update the plurality of second block information stored in the memory based on the generated first block information. The plurality of second block information includes information on a block regarding a latest access history by category among a plurality of blocks included in block chain data shared by the plurality of external apparatuses.Type: GrantFiled: April 30, 2019Date of Patent: March 1, 2022Assignee: Samsung Electronics Co., Ltd.Inventors: Sangbok Han, Hyuncheol Park, Sangmin Kim, Seonjae Kim, Donghyun Lee, Changhoon Lee, Isak Choi, Kyungwan Han
-
Patent number: 11223692Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing service execution. One of the methods includes receiving a service request sent by a user by a service device. The service device determines a service execution policy that matches the service request based on a predetermined data analysis model and the service request by performing data analysis on a first-type blockchain transaction in a blockchain of each first-type blockchain network of at least two first-type blockchain networks. A service is executed by the service device for the service request based on the service execution policy.Type: GrantFiled: January 25, 2021Date of Patent: January 11, 2022Assignee: Advanced New Technologies Co., Ltd.Inventor: Xinying Yang
-
Patent number: 11218292Abstract: A method for secure transmission of a data stream between at least one sender and at least one recipient comprises packetizing the data stream into a plurality of data packets of data bits. Each data packet is split into at least two subpackets and the subpackets are encrypted with a one-time pad stored at the sender. The encrypted subpackets are transmitted to the receiver by transmitting one of the two encrypted subpackets over a first transmission path and transmitting another one of the two encrypted subpackets over a second transmission path wherein the first transmission path is different from the second transmission path. At the receiver, the encrypted subpackets are decrypted using an identical copy of the one-time pad stored at the receiver and the information of the data packet is restored from the at least two subpackets. Furthermore, a system for secure transmission is provided.Type: GrantFiled: September 5, 2017Date of Patent: January 4, 2022Assignee: Multitiv GmbHInventors: Mohammad Shefaat, Vladimir Beliavski, Tatjana Carle
-
Patent number: 11200348Abstract: A side-channel attack resistant circuit topology for performing logic functions. This topology includes combinatorial logic to perform the at least one logic function. A logic input selector alternately supplies, in response to a first timing reference signal, an input to the combinatorial logic with noise generating input values and valid input values. A first latch input selector alternately supplies, in response to the first timing reference signal, a first memory element input with noise generating input values and valid logic output values. The valid logic output values are received from the combinatorial logic. A first memory element latches the valid logic output values in response to a second timing reference signal.Type: GrantFiled: October 24, 2019Date of Patent: December 14, 2021Assignee: Cryptography Research, Inc.Inventors: Roberto Rivoir, Elke De Mulder, Jean-Michel Cioranesco
-
Patent number: 11177936Abstract: A message authenticator generation apparatus (10) generates a message authenticator using a block cipher E having a block size n. A hash function unit (21) calculates a hash value w with a hash function h having an output length longer than n bits, taking as input a message M. A post-processing unit (22) performs calculations using the block cipher E on the hash value w calculated by the hash function unit (21), so as to calculate a message authenticator T not larger than the block size n for the message M.Type: GrantFiled: February 22, 2017Date of Patent: November 16, 2021Assignee: MITSUBISHI ELECTRIC CORPORATIONInventor: Yusuke Naito
-
Patent number: 11163469Abstract: Provided is a data management system capable of properly managing data to undergo masking processing in the secondary use of data. This data storage management system is equipped with a storage unit which stores masked data of real data at a first point in time, and a data control unit which extracts data of a storage area that has not been masked from update data based on first information representing a masked storage area in the masked data and second information representing a masked storage area in the masked data of update data, which is data obtained by updating the real data from the first point in time to a second point in time, extracts data of the masked storage area, from which the same masked data has been removed, from the masked data of the update data, and generates the extracted data as difference data.Type: GrantFiled: September 10, 2019Date of Patent: November 2, 2021Assignee: HITACHI, LTD.Inventors: Kazuhiko Mizuno, Tsuyoshi Tanaka, Yohsuke Ishii
-
Patent number: 11159940Abstract: A method for mutual authentication between user equipment and a communications network. The network includes a mobility management entity and a home subscriber server. The method, implemented by the user equipment, includes: receiving an authentication challenge having an token based on a first index and a first authentication message calculated by the home subscriber server and based on a first sequence number; checking that a condition of a set is true, the set including: the first sequence number is the same as a second sequence number stored in the user equipment, and the first sequence number is the same as a preceding value of the second sequence number and the first index is higher than a second index stored in the client equipment; and calculating and sending, when a condition is true, an authentication result and an authentication message, based on the preceding value of the second sequence number.Type: GrantFiled: October 2, 2017Date of Patent: October 26, 2021Assignee: ORANGEInventors: Benjamin Richard, Todor Gamishev, Gilles Macario-Rat
-
Patent number: 11108552Abstract: Plaintext data is encrypted and decrypted using a symmetric encryption algorithm that generates a sequence of pseudorandom values from a cryptographic key. A portion of the sequence of pseudorandom values is discarded. For example, in an embodiment, each value in the sequence of pseudorandom values is truncated by a number of bits. Encryption and decryption is performed by combining plaintext or ciphertext with the truncated sequence of pseudorandom values. In an embodiment, the combination is made by performing a bitwise exclusive or operation between the truncated pseudorandom values and the plaintext or ciphertext. In an embodiment, a number of bits discarded from each value is encoded into a message authentication code which is provided with any resulting ciphertext.Type: GrantFiled: May 2, 2018Date of Patent: August 31, 2021Assignee: Amazon Technologies, Inc.Inventors: Shay Gueron, Matthew John Campagna
-
Patent number: 11093213Abstract: Operational n-state digital gates execute Finite Lab-transformed (FLT) n-state switching functions or n-state switching function tables to process n-state signals provided on at least 2 inputs to generate an n-state signal on an output, with n>2, n>3 and n>64. The FLT is an enhancement of a computer architecture. Cryptographic apparatus and methods apply circuits that are characterized by FLT-ed addition and multiplication over finite field GF(n) or by addition and multiplication modulo-n that are modified in accordance with reversible n-state inverters, and are no longer characterized by known operations. Known cryptographic methods executed with novel n-state digital gates include encryption/decryption, public key generation, message digest and Elliptic Curve Cryptography wherein one n-state switching function is replaced by an FLT'ed n-state switching function.Type: GrantFiled: October 26, 2018Date of Patent: August 17, 2021Assignee: Ternarylogic LLCInventor: Peter Lablans
-
Patent number: 11030278Abstract: A novel code signing system, computer readable media, and method are provided. The code signing method includes receiving a code signing request from a requestor in order to gain access to one or more specific application programming interfaces (APIs). A digital signature is provided to the requestor. The digital signature indicates authorization by a code signing authority for code of the requestor to access the one or more specific APIs. In one example, the digital signature is provided by the code signing authority or a delegate thereof. In another example, the code signing request may include one or more of the following: code, an application, a hash of an application, an abridged version of the application, a transformed version of an application, a command, a command argument, and a library.Type: GrantFiled: August 16, 2019Date of Patent: June 8, 2021Assignee: BlackBerry LimitedInventors: David Paul Yach, Herbert Anthony Little, Michael Stephen Brown
-
Patent number: 11023567Abstract: Presented are software intellectual property (IP) protection systems and methods that prevent potential attackers as well as customers from having access to plain text versions of both library source code and binary code. Potential attackers are prevented from reusing the software on other platforms. The protection mechanism does not impact the functionality or the performance of the library itself and does not interfere with existing software update mechanisms or application developer tools, such as Joint Test Action Group (JTAG).Type: GrantFiled: July 18, 2018Date of Patent: June 1, 2021Assignee: Maxim Integrated Products, Inc.Inventors: Yann Yves Rene Loisel, Frank Lhermet, Stephane Di Vito, Vincent Albanese
-
Patent number: 11017393Abstract: Embodiments of the invention are directed to passing a plurality of communications directly from a merchant to a payment processing network. A first communication may include payment information in an authorization request, while a second transaction may include non-payment transaction data. The communications may be linked with a transaction identifier. In other embodiments, a capture file process is disclosed where capture files are generated by the payment processing network, and transactions are subsequently cleared and settled.Type: GrantFiled: April 20, 2018Date of Patent: May 25, 2021Assignee: Visa International Service AssociationInventors: Phil Kumnick, Krishna Koganti, Davidson Wuichet, Lloyd Cato, Jeffrey Kusheba
-
Patent number: 10997272Abstract: A method of manufacturing an apparatus and a method of constructing an integrated circuit are provided. The method of manufacturing an apparatus includes forming the apparatus on a wafer or a package with at least one other apparatus, wherein the apparatus comprises a polynomial generator, a first matrix generator, a second matrix generator, a third matrix generator, and a convolution generator; and testing the apparatus, wherein testing the apparatus comprises testing the apparatus using one or more electrical to optical converters, one or more optical splitters that split an optical signal into two or more optical signals, and one or more optical to electrical converters.Type: GrantFiled: July 2, 2019Date of Patent: May 4, 2021Inventors: Weiran Deng, Zhengping Ji
-
Patent number: 10984420Abstract: A transaction system performs a transaction for a purchase of goods or services. Information about a purchase of goods or services is displayed on a display of a transaction device. The transaction device receives from a user, primary identification data which comprises biometric data that identifies the user. The transaction device receives from the user, secondary identification data which identifies the user. The secondary identification data is in addition to the primary identification data, and the secondary identification is of a different type than the primary identification data. A primary biometric identification parameters database is accessed to verify identification of the user. A secondary identification parameters database is accessed to confirm identification of the user.Type: GrantFiled: March 15, 2017Date of Patent: April 20, 2021Inventors: Sujay Abhay Phadke, Binata Abhay Phadke
-
Patent number: 10972268Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.Type: GrantFiled: September 18, 2018Date of Patent: April 6, 2021Assignee: Infineon Technologies AGInventors: Alexander Zeh, Viola Rieger
-
Patent number: 10944544Abstract: A method and apparatus for reducing a variable number of pre-key bits to a fix key size is disclosed. The resulting key is used with a symmetric block cipher to descramble content. By being able to directly adapt a large and variable number of bits, it is possible to use cryptographic algorithms that were not thought possible, such as the output of modem public key and hashing functions, in order to create a key to directly use with a symmetric block cipher. Some or all of the pre-key bits may be used in the creation of the key.Type: GrantFiled: November 7, 2018Date of Patent: March 9, 2021Assignee: Sony CorporationInventor: Brant Candelore
-
Patent number: 10943020Abstract: A system includes at least two buses including a first bus and a second bus, an encryption and decryption system corresponding to each bus, at least one signal processing module corresponding to each bus, and a bus converter coupled between the first bus and the second bus. According to the system provided in embodiments of the present invention, because data transmitted on a bus is encrypted data, even though an attacker obtains bus data by means of a probe attack, it is quite difficult to break a key, and an anti-attack capability of the system can be improved.Type: GrantFiled: August 24, 2018Date of Patent: March 9, 2021Assignee: Huawei Technologies Co., Ltd.Inventors: Cui Hu, ZhuFeng Tan, Shaojie Sun
-
Patent number: 10936703Abstract: A method for compiling a matrix-product program into an obfuscated-matrix-product program includes receiving a plurality of matrices that form the matrix-product program, randomly generating a set of independent and invertible tensor-product matrices, randomly generating a set of independent and invertible linear-transform matrices, and generating a dynamic-fence-generation gadget by processing at least one of the plurality of matrices, the set of tensor-product matrices and the set of linear-transform matrices. The dynamic-fence-generation gadget is an obfuscated version of computer program represented by the plurality of matrices.Type: GrantFiled: August 2, 2018Date of Patent: March 2, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Craig Broadwell Gentry, Charanjit Singh Jutla
-
Patent number: 10931658Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: GrantFiled: August 6, 2019Date of Patent: February 23, 2021Assignee: Jonetix CorporationInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 10903995Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: May 16, 2019Date of Patent: January 26, 2021Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10896267Abstract: Examples relate to Input/Output (I/O) data encryption and decryption. In an example, an encryption/decryption engine on an Integrated Circuit (IC) of a computing device obtains at least one plaintext data. Some examples determine, by the encryption/decryption engine, whether the at least one plaintext data is to be sent to a memory in the computing device or to an I/O device. Some examples apply, when the at least one plaintext data is to be sent to the I/O device and by the encryption/decryption engine, an encryption primitive of a block cipher encryption algorithm to the at least one plaintext data to create output encrypted data, wherein an initialization vector that comprises a random number is applied to the encryption primitive.Type: GrantFiled: January 31, 2017Date of Patent: January 19, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Geoffrey Ndu, Pratyusa K Manadhata, Christopher L. Dalton, Adrian Shaw, Stuart Haber
-
Patent number: 10860997Abstract: A secure point-of-sale (POS) portal architecture for delivering multiple services is provided. According to one exemplary aspect of the architecture, a number of services offered by various parties are integrated for delivery to merchants. The parties offering the services include, for example, payment processors and merchant acquirers and other external value-added service providers. The integrated services, in turn, are offered to merchants and/or their respective customers via one or more POS devices and its supporting system infrastructure at the merchant locations. The integrated services include, for example, acceptance of multiple payment instruments, payment processing, user dialog management, sales promotion and customer support, loyalty programs, back office processing, receipt capture, employee training, risk management, dispute resolution, system security, system administration etc.Type: GrantFiled: January 11, 2016Date of Patent: December 8, 2020Assignee: Visa U.S.A. Inc.Inventors: Eric Redmond, Jean Huang, Pete Heisinger
-
Patent number: 10834649Abstract: The present disclosure relates to a method, in a mobility function (MF) node. The method comprises receiving (S1) information about a mapping to a property, of each of a plurality of radio bearers of a radio device for carrying data traffic between the radio device and a first radio access network (RAN). The method also comprises determining (S2) based on the received (S1) information, that at least one of the radio bearers can be handed over to a second RAN. The method also comprises initiating (S3) a handover command to the radio device instructing the radio device to hand over the at least one radio bearer to the second RAN.Type: GrantFiled: May 28, 2014Date of Patent: November 10, 2020Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Dinand Roeland, Stefan Rommer, Mattias Bergström, Oumer Teyeb
-
Patent number: 10819502Abstract: The present invention relates to a method for symmetrical encryption or decryption of a data block from a secret key (K), the method comprising steps of: permutation (100) of at least one portion of the secret key (K) by means of a first permutation table (PC1?) so as to produce initial data, execution of several iterations, an iteration comprising steps of: rotation (102) of data dependent on the initial data so as to produce shifted data, permutation (104) of the shifted data by means of a second permutation table (PC2?) so as to produce a round key, execution of a plurality of encryption rounds (200) from the data block, an encryption round (200) using one of the round keys, generation of at least one of the permutation tables (PC1?, PC2?), the generation comprising determination of at least one function (F, G) variable from one encryption or decryption to another, composition of said function (F, G) with a predetermined permutation table (PC1, PC2), application of the inverse of said function (F,Type: GrantFiled: September 26, 2017Date of Patent: October 27, 2020Assignee: IDEMIA IDENTITY & SECURITY FRANCEInventors: Houssem Maghrebi, Guillaume Dabosville, Emmanuel Prouff
-
Patent number: 10810314Abstract: Embodiments for a database connector are disclosed. The database connector can encrypt data from an application before storing the data in the database using attribute-based encryption (ABE). The database connector can also decrypt data retrieved from the database using an ABE private key before sending the data to the application. The database connector can generate a logical attribute statement for encryption of data from the application based on attributes, logical relations, and/or relational operators received from the application, directly from a user, or imbedded within rules governing logical attribute statement genesis.Type: GrantFiled: December 22, 2017Date of Patent: October 20, 2020Inventors: Ryan C. Marotz, Barry A. Trent
-
Patent number: 10756892Abstract: Methods and apparatus, including computer program products, are provided for securing data in a multi-tenant cloud-based system. In some implementations, there is provided a method. The method may include requesting access to at least one encrypted data element; obtaining, in response to the requesting, a long bit stream assigned to a client associated with the requested access; generating a key to decrypt the at least one data element, the key generated by selecting, based on a permutation, portions of the long bit stream; and decrypting, based on the generated key, the at least one data element. Related systems, methods, and articles of manufacture are also disclosed.Type: GrantFiled: February 9, 2017Date of Patent: August 25, 2020Assignee: SAP SEInventor: Vipul Gupta
-
Patent number: 10742405Abstract: System and methods for generating round keys for a cryptographic operation are disclosed. The systems and method can use logic circuits that are operable to: obtain first inputs and second inputs; perform a bit-mixer operation on each of the first inputs and the second inputs; and generate round keys based on the performing the bit-mixer operation. The first inputs include a plurality of equal sized subkeys from a key material that is divided into a plurality of equal sized key material sub-blocks, a cipher key and the second inputs include a random input, one or more previous round keys, a round number. The cryptographic operation includes a cipher, a hash function, or a stream generator. The bit-mixer operation includes an exclusive-OR (XOR) tree, a substitution-permutation network, or a double-mix Feistel network, or a Rotate-Add-XOR (RAX) construction.Type: GrantFiled: December 16, 2016Date of Patent: August 11, 2020Assignee: THE BOEING COMPANYInventor: Laszlo Hars
-
Patent number: 10742419Abstract: A method for validating an interaction is disclosed. A first interaction cryptogram can be generated by a first device using information about a first party to the interaction and a second party to the interaction. A second interaction cryptogram can be generated by a second device also using information about the first party to the interaction and the second party to the interaction. Verifying each cryptogram can validate that the interaction details have not been changed, and that both the first party and second party legitimately authorized the interaction.Type: GrantFiled: March 10, 2017Date of Patent: August 11, 2020Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Phillip Lavender, Vikram Modi, Glenn Leon Powell
-
Patent number: 10721067Abstract: A CPU package includes an encryption and decryption module disposed in a communication path between an instruction path of a processor core and a data register that is externally accessible through a debug port, and a key store accessible to the module. The module is configured to encrypt and store data in the data register for each of a plurality of processes being handled in the instruction path, wherein data owned by each process is encrypted and decrypted by the module using an encryption key assigned to the process. The key store is configured to store the encryption key assigned to each of a plurality of processes, wherein the key store is inaccessible outside the CPU package. The data is only decrypted for a requesting process having a process identifier that matches the process identifier stored in the processor data structure along with the requested data.Type: GrantFiled: August 10, 2016Date of Patent: July 21, 2020Assignee: LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD.Inventors: Fred A. Bower, III, William G. Holland, Scott Kelso, Christopher L. Wood