NBS/DES Algorithm Patents (Class 380/29)
  • Patent number: 10756892
    Abstract: Methods and apparatus, including computer program products, are provided for securing data in a multi-tenant cloud-based system. In some implementations, there is provided a method. The method may include requesting access to at least one encrypted data element; obtaining, in response to the requesting, a long bit stream assigned to a client associated with the requested access; generating a key to decrypt the at least one data element, the key generated by selecting, based on a permutation, portions of the long bit stream; and decrypting, based on the generated key, the at least one data element. Related systems, methods, and articles of manufacture are also disclosed.
    Type: Grant
    Filed: February 9, 2017
    Date of Patent: August 25, 2020
    Assignee: SAP SE
    Inventor: Vipul Gupta
  • Patent number: 10742405
    Abstract: Systems and methods for generating round keys for a cryptographic operation are disclosed. The systems and methods can use logic circuits that are operable to: obtain first inputs and second inputs; perform a bit-mixer operation on each of the first inputs and the second inputs; and generate round keys based on performing the bit-mixer operation. The first inputs include a plurality of equal sized subkeys from a key material that is divided into a plurality of equal sized key material sub-blocks, a cipher key and the second inputs include a random input, one or more previous round keys, a round number. The cryptographic operation includes a cipher, a hash function, or a stream generator. The bit-mixer operation includes an exclusive-OR (XOR) tree, a substitution-permutation network, or a double-mix Feistel network, or a Rotate-Add-XOR (RAX) construction.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: August 11, 2020
    Assignee: THE BOEING COMPANY
    Inventor: Laszlo Hars
  • Patent number: 10742419
    Abstract: A method for validating an interaction is disclosed. A first interaction cryptogram can be generated by a first device using information about a first party to the interaction and a second party to the interaction. A second interaction cryptogram can be generated by a second device also using information about the first party to the interaction and the second party to the interaction. Verifying each cryptogram can validate that the interaction details have not been changed, and that both the first party and second party legitimately authorized the interaction.
    Type: Grant
    Filed: March 10, 2017
    Date of Patent: August 11, 2020
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Phillip Lavender, Vikram Modi, Glenn Leon Powell
  • Patent number: 10721067
    Abstract: A CPU package includes an encryption and decryption module disposed in a communication path between an instruction path of a processor core and a data register that is externally accessible through a debug port, and a key store accessible to the module. The module is configured to encrypt and store data in the data register for each of a plurality of processes being handled in the instruction path, wherein data owned by each process is encrypted and decrypted by the module using an encryption key assigned to the process. The key store is configured to store the encryption key assigned to each of a plurality of processes, wherein the key store is inaccessible outside the CPU package. The data is only decrypted for a requesting process having a process identifier that matches the process identifier stored in the processor data structure along with the requested data.
    Type: Grant
    Filed: August 10, 2016
    Date of Patent: July 21, 2020
    Assignee: LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD.
    Inventors: Fred A. Bower, III, William G. Holland, Scott Kelso, Christopher L. Wood
  • Patent number: 10706159
    Abstract: Technologies for dynamically protecting memory of the mobile compute device include a main memory, a location sensor that produces sensor data indicative of a present location of the mobile compute device, a sensor hub communicatively coupled to the location sensor, and a security engine communicatively coupled to the sensor hub. The sensor hub determines a present location security zone of the mobile compute device based on the present location of the mobile compute device and a geofence policy, which maps locations to location security zones. The security engine encrypts the main memory of the mobile compute device and determines whether the present location security zone has changed relative to a most-previous location security zone of the mobile compute device. If the present location security zone has changed to a safe zone, the security engine decrypts the main memory.
    Type: Grant
    Filed: June 14, 2017
    Date of Patent: July 7, 2020
    Assignee: Intel Corporation
    Inventors: Siddhartha Chhabra, Prashant Dewan
  • Patent number: 10686764
    Abstract: The disclosure provides for two or more devices that securitize transmission(s) transmitted to and received from these devices comprising at least one executable coded cipher key(s), at least one executable coded encryption key (ECEK) device that encrypts transmission(s) that uses executable cipher coded key(s), and at least one executable coded decryption key (ECDK) device that decrypts transmission(s) and that also uses at least one executable coded cipher key(s), such that transmission(s) are sent to an encrypter/decrypter memory that stores transmission(s) while the transmission(s) is encrypted and/or decrypted. When encryption/decryption is completed, the transmission(s) is sent to at least one transmitter such that encryption/decryption of the transmission(s) is controlled and manipulated by the executable coded cipher key(s), wherein the executable coded cipher key(s) remain in the computer memory long enough to achieve encryption/decryption completion.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: June 16, 2020
    Inventor: Daniel Maurice Lerner
  • Patent number: 10680798
    Abstract: A secure computing device, including: a processor configured to carry out a secure operation; a memory in communication with the processor configured to store secure data; and a memory controller configured to control storage of data in the memory and reading data from the memory, wherein the secure data is split into shares before being stored in the memory and wherein the memory controller is configured to: apply a masking storage transform (MST) to one of the shares to produce a masked share before storing the shares in the memory, wherein the MST is a permutation without a fixed point; apply an inverse MST to the masked share when reading the shares from the memory; and combine the read shares to reconstruct the secure data.
    Type: Grant
    Filed: February 15, 2017
    Date of Patent: June 9, 2020
    Assignee: NXP USA, Inc.
    Inventors: Miroslav Knezevic, Ventzislav Nikov
  • Patent number: 10680802
    Abstract: Various embodiments relate to a method of hashing a message M using a block cipher, including: producing N block cipher inputs by XORing message indices $i, \ldots, i+N-1$ respectively with state values $S_0, \ldots, S_{N-1}$, wherein N is an integer greater than 1; producing N block cipher keys by XORing N different blocks of message M and at least one of state values $S_0, \ldots, S_{N-1}$ for each of the N block cipher keys; encrypting the N block cipher inputs using the respective N block cipher keys to produce N block cipher outputs; combining the N block cipher outputs with N block cipher inputs to produce N block cipher combined outputs $T_t$, for $t=0, \ldots, N-1$; calculating $Y_0=T_0$; calculating $Y_t=Y_{t-1} \oplus T_t$, for $t=1, \ldots, N-1$; calculating $S'_{N-1}=Y_{N-1} \lll a$, where a is a number of bits to rotate and where $S'_0, \ldots, S'_{N-1}$ are new state values; and calculating $S'_t=Y_t \oplus S'_{N-1}$, for $t=0, \ldots, N-2$.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: June 9, 2020
    Assignee: NXP B.V.
    Inventor: Bjorn Fay
  • Patent number: 10645070
    Abstract: An access control system and associated devices are described that conceal and securitize data transmissions between one or more secure databases for various user devices to ensure proper entrance or access into secure locations by approved personnel only. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications that combine securing communications for wireless/cellular phones with personnel access card readers for entry into secure locations are also described. These combined communication and access devices require using specific encryption techniques that cannot be corrupted and are essential to denying fraudulent or otherwise unauthorized personnel the ability to enter or access security protected devices or locations.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: May 5, 2020
    Inventor: Daniel Maurice Lerner
  • Patent number: 10616192
    Abstract: The disclosure provides for one or more devices and associated system that securitize and conceal data transmitted to and/or data received from the devices that utilize one or more master keys comprising at least one device that conceals and reveals such that the data and/or associated data files utilize both master keys and one or more key selectors, wherein the master keys and key selectors produce a specific set of one or more keys that conceal the data and/or associated data files such that one or more key selectors coincide with at least one value that directly corresponds with created cipher data and/or cipher data files. The key selectors can also be concealed and revealed as required. Produced concealed data and concealed data files can only be concealed and revealed with one or more master keys and one or more key selectors.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: April 7, 2020
    Inventor: Daniel Maurice Lerner
  • Patent number: 10608822
    Abstract: A method of computing a message authentication code (MAC) for a message having a common part and an independent part using a constrained processor, including: performing a MAC function on the common part of the message using a first secret key to produce a first output; performing a pseudorandom function on the independent part of the message using a second key to produce a second output, wherein the computation time of the pseudorandom function is significantly less than the computation time of the MAC function; and combining the first output and the second output to produce a computed MAC for the message.
    Type: Grant
    Filed: April 26, 2017
    Date of Patent: March 31, 2020
    Assignee: NXP B.V.
    Inventors: Florian Boehl, Simon Johann Friedberger, Thierry G. C. Walrant
  • Patent number: 10601805
    Abstract: One or more devices and/or access control systems are described that securitize data and data transmissions using three sets of computing operations including authentication, validation, and securitization that allows or denies access to the data and/or the data transmissions. The system includes securitization of signals between one or more secure master and/or partial DASA databases for various user devices. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications that offer the combination of securing communications from user devices with reader devices are also provided.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: March 24, 2020
    Inventor: Daniel Maurice Lerner
  • Patent number: 10572271
    Abstract: Efficient instantiation of encrypted guests is disclosed. In an example, a first host with a first hypervisor is separated from a second host with a second hypervisor by a network. The first hypervisor executes to allocate a requested amount of memory associated with a first guest on the first host. Pages of the requested amount of memory written to by a boot process of the first guest are tracked. The second hypervisor is requested to allocate the requested amount of memory on the second host. All tracked pages written to by the boot process are transferred to the second host. In response to transferring all of the tracked pages, a transfer completion confirmation is sent to the second hypervisor and a second guest that is a migrated copy of the first guest is instantiated on the second host with the transferred pages from the first guest.
    Type: Grant
    Filed: August 29, 2018
    Date of Patent: February 25, 2020
    Assignee: RED HAT, INC.
    Inventors: Michael Tsirkin, David Hildenbrand
  • Patent number: 10536445
    Abstract: An access control system with devices that securitize one or more blockchains using three sets of rules including authentication, validation, and access is provided. The system also can include protection of signals between one or more secure DASA databases and/or one or more blockchains for various user devices. The DASA databases may exist external to, along with, or within the blockchains. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications offering the combination of securing communications from user devices with reader devices, are also provided. This disclosure also provides for the securitization and/or encryption of blockchain(s) for ensuring communication signals transmitted from and data residing within databases and/or the blockchain itself are not corruptible or compromised.
    Type: Grant
    Filed: April 5, 2019
    Date of Patent: January 14, 2020
    Inventor: Daniel Maurice Lerner
  • Patent number: 10530567
    Abstract: A noise generation module generates power consumption noise to conceal the power consumption characteristics of a cryptographic module. The cryptographic module performs first non-linear transformation on received data, and the noise generation module performs second non-linear transformation on received data during the operational period of the first non-linear transformation.
    Type: Grant
    Filed: October 3, 2017
    Date of Patent: January 7, 2020
    Assignee: MEGACHIPS CORPORATION
    Inventors: Takahiko Sugahara, Hiromu Yutani, Hajime Yoshimura, Masayuki Imagawa
  • Patent number: 10523427
    Abstract: In accordance with embodiments of the present disclosure, a management controller configured to provide management-domain management of an information handling system may include a processor and a key management utility embodied in non-transitory computer-readable media. The key management utility may be configured to issue one or more commands to a cryptoprocessor for storing and sealing a key encryption key on the cryptoprocessor, wherein the key encryption key is for decrypting a media encryption key for encrypting and decrypting data stored to a storage resource of a host domain of the information handling system. The key management utility may also be configured to issue one or more commands to the cryptoprocessor for unsealing and retrieving the key encryption key from the cryptoprocessor.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: December 31, 2019
    Assignee: Dell Products L.P.
    Inventors: Gobind Vijayakumar, Johan Rahardjo, Theodore Stratton Webb
  • Patent number: 10521608
    Abstract: A device may obtain information included in a corpus of documents relating to an organization. The device may identify a set of values indicating personal information for one or more individuals by using a set of natural language processing (NLP) techniques to analyze the information included in the corpus. The device may determine a set of relationships between one or more values, of the set of values indicating the personal information using one or more additional NLP techniques and/or one or more rules. The device may generate a set of user profiles for the one or more individuals based on the set of relationships between the one or more values indicating the personal information. The device may perform one or more actions associated with using the set of user profiles to service a request for information.
    Type: Grant
    Filed: January 9, 2018
    Date of Patent: December 31, 2019
    Assignee: Accenture Global Solutions Limited
    Inventors: Urvesh Bhowan, Bogdan Eugen Sacaleanu, Navdeep Sharma, Gavin Kearney, Laura O'Malley, Aoife Whelan, Qurrat Ul Ain, Anthony McCoy
  • Patent number: 10476669
    Abstract: Space-efficient key allocations in broadcast encryption systems are provided. In some embodiments, a key bundle is read. The key bundle includes a first cryptographic key, an associated first key identifier, and an associated first cryptographic function identifier. A plurality of encrypted keys is received. Each encrypted key has an associated identifier. A first encrypted key is selected from the plurality of encrypted keys such that the key identifier of the first encrypted key is equivalent to the first key identifier. A first cryptographic function is determined corresponding to the first cryptographic function identifier. The first cryptographic function is applied to the first encrypted key using the first cryptographic key to obtain a first intermediate cryptographic key. A content cryptographic key is determined using the first intermediate cryptographic key. The content cryptographic key is adapted for decryption of encrypted content.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: November 12, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Dulce B. Ponceleon
  • Patent number: 10447657
    Abstract: A communications system, and a method suitable for use therein, are described which are suitable for transmitting and receiving both secure and non-secure data. The system comprises: means for transmitting data comprising both ciphered secure data and unciphered non-secure data; means for receiving transmitted data; means for deciphering the received data to produce deciphered data; and means for: validating the deciphered data to produce a first validation result and outputting the deciphered data depending upon the first validation result; or validating the received data to produce a second validation result and outputting the received data depending upon the second validation result; or validating the deciphered data to produce a first validation result and outputting the deciphered data depending upon the first validation result, and also validating the received data to produce a second validation result and outputting the received data depending upon the second validation result.
    Type: Grant
    Filed: March 17, 2009
    Date of Patent: October 15, 2019
    Assignee: Qualcomm Incorporated
    Inventors: Mungal Singh Dhanda, Simon Walke
  • Patent number: 10434981
    Abstract: A method for protecting a vehicle, the method may include providing, by an immobilizer, false error information that is associated with a false error; wherein the false error information, once received or processed by an electronic control unit (ECU) of the vehicle, contributes to immobilizing the vehicle during a vehicle start process; and sending the false error information to the ECU, during a vehicle shut down process that preceded the vehicle start process.
    Type: Grant
    Filed: June 20, 2016
    Date of Patent: October 8, 2019
    Assignee: Traffilog
    Inventors: Robert Izraeli, Assi Bitton, Arik Greenberger
  • Patent number: 10425808
    Abstract: A method of operating a node for performing handover between access networks wherein a user has authenticated for network access in a first access network. The method comprises receiving from a home network a first session key and a temporary identifier allocated to the user for the duration of a communication session. The identifier is mapped to the first session key, and the mapped identifier and key are stored at the node. A second session key is derived from the first session key and the second session key is sent to an access network, and the identifier sent to a user terminal. When the user subsequently moves to a second access network, the node receives the identifier from the user terminal. The node then retrieves the first session key mapped to the received identifier, derives a third session key and sends the third session key to the second access network.
    Type: Grant
    Filed: January 19, 2017
    Date of Patent: September 24, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats Naslund, Jari Arkko
  • Patent number: 10419416
    Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds of decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.
    Type: Grant
    Filed: June 8, 2018
    Date of Patent: September 17, 2019
    Assignee: Jonetix Corporation
    Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
  • Patent number: 10387654
    Abstract: A method for providing a computer program for a computing unit of an electronic device, in particular a control device of a motor vehicle or of a household appliance, wherein the method includes: evaluation of properties of the electronic device relating to a susceptibility to side channel attacks and/or fault attacks, as a result of which an evaluation result is obtained, selection of at least one influencing parameter that has an influence on the susceptibility of the electronic device to side channel attacks and/or fault attacks, in particular as a function of the evaluation result, use of the at least one influencing parameter to diversify the computer program for the computing unit.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: August 20, 2019
    Assignee: Robert Bosch GmbH
    Inventors: Hans Loehr, Herve Seudie, Paulius Duplys, Robert Szerwinski, Sebastien Leger
  • Patent number: 10387120
    Abstract: Systems and methods for a random number generator including a systolic array to receive a plurality of first inputs, and to provide a random number output. In one embodiment, the systolic array can be arranged in two or greater dimensions, and each cell of the array comprises a ring oscillator. Data is read from a random access memory to provide the inputs to the systolic array. A linear feedback shift register receives the random number output as a feedback signal used to address the memory to read data to provide as the inputs to the systolic array.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: August 20, 2019
    Assignee: SECTURION SYSTEMS, INC.
    Inventor: Richard J. Takahashi
  • Patent number: 10389531
    Abstract: An authentication system includes a terminal having a transmitter, a processor, and a memory, and a server having a receiver, a processor and a memory. The terminal transmits request information to the server. The terminal acquires time information, generates a first one-time password at a pre-determined cycle by using the time information within the terminal, and generates encryption information which is acquired by encrypting the request information using the first one-time password as a key, the encryption information being transmitted from the terminal to the server. The server acquires time information within the server, generates a second one-time password at the pre-determined cycle as the cycle within the terminal by using the time information within the server, generates reference information which is acquired by decoding the encryption information using the second one-time password as a key, and compares the request information with the reference information.
    Type: Grant
    Filed: July 6, 2017
    Date of Patent: August 20, 2019
    Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.
    Inventors: Saburo Toyonaga, Hiroyuki Tanaka, Masakatsu Matsuo
  • Patent number: 10382193
    Abstract: Systems and methods for performing cryptographic data processing operations in a manner resistant to external monitoring attacks. An example method may comprise: executing, by a processing device, a first data manipulation instruction, the first data manipulation instruction affecting an internal state of the processing device; executing a second data manipulation instruction, the second data manipulation instruction interacting with said internal state; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by executing a third data manipulation instruction utilizing an unpredictable data item.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: August 13, 2019
    Assignee: Cryptography Research, Inc.
    Inventors: Sami James Saab, Pankaj Rohatgi, Craig E. Hampel
  • Patent number: 10341309
    Abstract: Aspects of the disclosure relate to a system and method for cryptographically protecting data transferred between spatially distributed computing devices. An intermediary database may be used to facilitate the protected data transfer and/or record the data transfers. A first computing device may transfer, to the intermediary database, encrypted data that may be securely transferred to other computing devices. A second computing device may generate a GUI used to view data available from the intermediary database. Once data is selected by the second device, the second device may transfer a key (or other encryption mechanism) to the first device. The first computing device may encrypt the data using the received key and transmit the encrypted data to the intermediary database. The intermediary database may transmit the encrypted data to the second computing device, and the second computing device may decrypt and use the data.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: July 2, 2019
    Assignee: Allstate Insurance Company
    Inventors: Philip Peter Ramirez, Michael J. McNichol, Jr., Tao Chen, Vincent Quigley, Brian Rice
  • Patent number: 10341104
    Abstract: An encryption apparatus includes a table generator configured to generate a key table based on each of a plurality of encryption keys, the plurality of encryption keys having different attributes, generate a key-independent table independent of the plurality of encryption keys, and generate an encryption algorithm based on the key table and the key-independent table; and a transmitter configured to transmit the key table and the key-independent table to a client terminal, wherein the table generator and the transmitter are implemented by using at least one hardware processor.
    Type: Grant
    Filed: January 13, 2016
    Date of Patent: July 2, 2019
    Assignee: SAMSUNG SDS CO., LTD.
    Inventors: Duk-Jae Moon, Ji-Hoon Cho, Kyu-Young Choi
  • Patent number: 10341089
    Abstract: The Advanced Encryption Standard (AES) cipher can be performed in a manner that preserves the secrecy of cryptographic keys, even under the intense scrutiny of a reverse-engineer observing every aspect of the computation. A method can include loading a key in a non-standard representation. The method can also include processing the key with respect to data in at least three first type rounds and a plurality of second type rounds. The processing the key with respect to data can include either encrypting the data using the key or decrypting the data using the key. The first type rounds can be configured to maintain an order of channels of bits at an output from the order of corresponding channels of bits at an input. The second type rounds can be configured to vary the order of channels of bits at an output from the order of corresponding channels of bits at an input.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: July 2, 2019
    Assignee: MICROSEMI CORP. - SECURITY SOLUTIONS
    Inventor: Scott D. Miller
  • Patent number: 10341356
    Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
    Type: Grant
    Filed: November 13, 2017
    Date of Patent: July 2, 2019
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 10341860
    Abstract: Systems, devices, and methods are described for allowing a first device to learn how to connect to a first network using information that a second device obtained about a second network that is related to the first network. The second device can perform a virtual network discovery of the first network on behalf of the first device. The second device can describe how to initiate one or more connections to the first network by modifying the information the second device obtained about the second network. The second device can send the information identifying how to initiate the connections to the first network to the first device. The first device can automatically initiate connections to the first network without requiring user input.
    Type: Grant
    Filed: August 9, 2017
    Date of Patent: July 2, 2019
    Assignee: Apple Inc.
    Inventors: Vinesh Pallen, Hyeonkuk Jeong, Kapil Chhabra
  • Patent number: 10313315
    Abstract: Aspects of the disclosure relate to ensuring information security in data transfers by utilizing proximity keys. A computing platform may receive a data collection comprising one or more data sets to be transferred to one or more remote recipient systems, as well as one or more transfer path specifications defining a specific sequence of hop points via which the data collection is to be transferred. Subsequently, the computing platform may receive, from a quorum of authorization devices, a plurality of authorization keys. Based on validating the plurality of authorization keys, the computing platform may encrypt the data collection using the plurality of authorization keys. Then, the computing platform may send the encrypted data collection to a first hop point associated with the specific sequence of hop points defined by the one or more transfer path specifications, so as to initiate a transfer of the data collection to a decryption platform.
    Type: Grant
    Filed: August 25, 2017
    Date of Patent: June 4, 2019
    Assignee: Bank of America Corporation
    Inventor: Manu Kurian
  • Patent number: 10277391
    Abstract: There is provided an encryption device including a data encryption unit configured to conduct encryption on the basis of a white box model in which at least a part of a plurality of round functions for sequentially conducting encryption processing on an input value is tabulated, and input and output values of the round function are recognizable from an outside. The plurality of round functions each have an encryption function that is tabulated and encrypts an input value in a black box model in which input and output values are recognizable from the outside and an intermediate value is not recognizable from the outside.
    Type: Grant
    Filed: September 2, 2016
    Date of Patent: April 30, 2019
    Assignees: SONY CORPORATION, TECHNICAL UNIVERSITY OF DENMARK
    Inventors: Takanori Isobe, Andrey Bogdanov
  • Patent number: 10278195
    Abstract: A method for serving node establishment includes sending, by a network device, information about a micro network time-frequency resource pool to a terminal; and sending measurement configuration information to the terminal. The measurement configuration information instructs the terminal to serve, when the terminal determines that the terminal meets a preset condition of a first measurement event, as a first serving node to send exclusive information of the first serving node on a first time-frequency resource in the micro network time-frequency resource pool according to the information about the micro network time-frequency resource pool, and the first measurement event is any one of the at least one measurement event.
    Type: Grant
    Filed: September 15, 2017
    Date of Patent: April 30, 2019
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Mingchao Li, Xin Xiong, Yi Shi
  • Patent number: 10230523
    Abstract: In a computer-implemented method for generating a random seed with high entropy, a machine instruction ‘compare-and-swap’ (CAS) is used as an entropy source to calculate a random seed.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: March 12, 2019
    Assignee: HOB GMBH & CO. KG
    Inventor: Klaus Brandstätter
  • Patent number: 10205598
    Abstract: Temporal key generation devices and methods are described. One such device of a first domain receives a “seed” to generate a private key associated with a public key for use in a second domain. The device uses the private key in cryptographic operations with the second domain. When the device loses power or is no longer connected to the second domain, the private key may be erased or no longer stored on the device.
    Type: Grant
    Filed: May 3, 2016
    Date of Patent: February 12, 2019
    Inventor: Ronald Francis Sulpizio, Jr.
  • Patent number: 10171444
    Abstract: An access control system and associated devices are described that conceal and securitize data transmissions between one or more secure databases for various user devices to ensure proper entrance or access into secure locations by approved personnel only. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications that combine securing communications for wireless/cellular phones with personnel access card readers for entry into secure locations are also described. These combined communication and access devices require using specific encryption techniques that cannot be corrupted and are essential to denying fraudulent or otherwise unauthorized personnel the ability to enter or access security protected devices or locations.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: January 1, 2019
    Assignee: IronClad Encryption Corporation
    Inventor: Daniel Maurice Lerner
  • Patent number: 10171435
    Abstract: The disclosure provides for one or more devices and associated system that securitize and conceal data transmitted to and/or data received from the devices that utilize one or more master keys comprising at least one device that conceals and reveals such that the data and/or associated data files utilize both master keys and one or more key selectors, wherein the master keys and key selectors produce a specific set of one or more keys that conceal the data and/or associated data files such that one or more key selectors coincide with at least one value that directly corresponds with created cipher data and/or cipher data files. The key selectors can also be concealed and revealed as required. Produced concealed data and concealed data files can only be concealed and revealed with one or more master keys and one or more key selectors.
    Type: Grant
    Filed: June 12, 2018
    Date of Patent: January 1, 2019
    Assignee: IronClad Encryption Corporation
    Inventor: Daniel Maurice Lerner
  • Patent number: 10154015
    Abstract: The disclosure provides for two or more devices that securitize transmission(s) transmitted to and received from these devices comprising at least one executable coded cipher key(s), at least one executable coded encryption key (ECEK) device that encrypts transmission(s) that uses executable cipher coded key(s), and at least one executable coded decryption key (ECDK) device that decrypts transmission(s) and that also uses at least one executable coded cipher key(s), such that transmission(s) are sent to an encrypter/decrypter memory that stores transmission(s) while the transmission(s) is encrypted and/or decrypted. When encryption/decryption is completed, the transmission(s) is sent to at least one transmitter such that encryption/decryption of the transmission(s) is controlled and manipulated by the executable coded cipher key(s), wherein the executable coded cipher key(s) remain in the computer memory long enough to achieve encryption/decryption completion.
    Type: Grant
    Filed: June 12, 2018
    Date of Patent: December 11, 2018
    Assignee: IRONCLAD ENCRYPTION CORPORATION
    Inventor: Daniel Maurice Lerner
  • Patent number: 10154021
    Abstract: One or more devices and/or access control systems are described that securitize data and data transmissions using three sets of computing operations including authentication, validation, and securitization that allows or denies access to the data and/or the data transmissions. The system includes securitization of signals between one or more secure master and/or partial DASA databases for various user devices. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications that offer the combination of securing communications from user devices with reader devices are also provided.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: December 11, 2018
    Assignee: IRONCLAD ENCRYPTION CORPORATION
    Inventor: Daniel Maurice Lerner
  • Patent number: 10148427
    Abstract: An information processing apparatus for encrypting or decrypting data by AES scheme, includes a processor; and a memory storing a first table including mixed components based on exclusive OR of first random components and key data, a second table, and a third table. The processor executes selecting four bytes of sub-round data from the data; a first transformation based on the first table, for each of one-byte data items of the sub-round data, to generate first data by taking exclusive OR of the one-byte data items and the mixed components; a second transformation based on the second table to transform the first data into second data; a third transformation based on the third table to transform the second data into multiple items of third data; calculating exclusive OR of the third data.
    Type: Grant
    Filed: April 21, 2017
    Date of Patent: December 4, 2018
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10142099
    Abstract: One feature pertains to methods for generating cryptographic values associated with substitution boxes (S-box). The methods include first obtaining an input value and a first value. One method includes generating an S-box output value by performing an exclusive OR (XOR) operation on the input value and the first value to generate an intermediate value, and performing a bitwise rotation on the intermediate value by a number of bits equal to the Hamming Weight of the intermediate value. In one aspect, the output of this bitwise rotation is further XOR-ed with a second value. Another method includes generating the S-box output value by performing a bitwise rotation on the input value by a number of bits equal to the Hamming Weight of the input value to generate an intermediate value, and performing an XOR operation on the intermediate value and the first value.
    Type: Grant
    Filed: July 5, 2013
    Date of Patent: November 27, 2018
    Assignee: QUALCOMM Incorporated
    Inventor: Gregory Gordon Rose
  • Patent number: 10122690
    Abstract: A method of encrypting and authenticating messages in a communication system includes generating new keys by receiving a plurality of parameters including at least one of an initial key, a nonce, a sequence number, and a previous key. The method may include applying a mix function to generate a subsequent key based on the plurality of parameters for key rolling. The method may include encrypting and authenticating data using different subsequent keys.
    Type: Grant
    Filed: July 13, 2015
    Date of Patent: November 6, 2018
    Assignee: The Boeing Company
    Inventor: Laszlo Hars
  • Patent number: 10097343
    Abstract: A data processing apparatus that encrypts or decrypts data by Advanced Encryption Standard in which a plurality of key data are respectively prepared for a plurality of round processes that are performed in order, includes a selector that selects sub-round data of 4 bytes from input data that is a process target of a first round process; a converter that converts each data of 1 byte of the sub-round data, based on a first table by which a result same as performing a predetermined process is output, to generate converted data of 4 bytes; and an exclusive OR calculator that calculates exclusive OR of the converted data of the sub-round data, respectively, the predetermined process including an encryption process or a decryption process using at least a part of key data prepared for a second round process which is performed later than the first round process.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: October 9, 2018
    Assignee: FUJI ELECTRIC CO., LTD.
    Inventor: Kenji Takatsukasa
  • Patent number: 10038550
    Abstract: Instructions and logic provide secure cipher hashing algorithm round functionality. Some embodiments include a processor comprising: a decode stage to decode an instruction for a secure cipher hashing algorithm, the first instruction specifying a source data, and one or more key operands. Processor execution units are responsive to the decoded instruction to perform one or more secure cipher hashing algorithm round iterations upon the source data, using the one or more key operands, and store a result of the instruction in a destination register. One embodiment of the instruction specifies a secure cipher hashing algorithm round iteration using a Feistel cipher algorithm such as DES or TDES. In one embodiment a result of the instruction may be used in generating a resource assignment from a request for load balancing requests across the set of processing resources.
    Type: Grant
    Filed: August 8, 2013
    Date of Patent: July 31, 2018
    Assignee: Intel Corporation
    Inventors: Vinodh Gopal, Wajdi K. Feghali
  • Patent number: 10032007
    Abstract: A novel code signing system, computer readable media, and method are provided. The code signing method includes receiving a code signing request from a requestor in order to gain access to one or more specific application programming interfaces (APIs). A digital signature is provided to the requestor. The digital signature indicates authorization by a code signing authority for code of the requestor to access the one or more specific APIs. In one example, the digital signature is provided by the code signing authority or a delegate thereof. In another example, the code signing request may include one or more of the following: code, an application, a hash of an application, an abridged version of the application, a transformed version of an application, a command, a command argument, and a library.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: July 24, 2018
    Assignee: BlackBerry Limited
    Inventors: David Paul Yach, Herbert Anthony Little, Michael Stephen Brown
  • Patent number: 10027670
    Abstract: A method can include receiving a request from a requestor to a given resource, which requestor is registered to access a set of one or more resources. The request includes a ticket that includes signature data generated by an authenticating entity in response to authenticating the requestor. The signature data may be decrypted to provide a decrypted signature. The ticket may be validated in response to the request based on evaluating the decrypted signature. A response can be provided to the requestor based on the validation, and the response can grant the requestor access to the given resource if the validation determines the ticket to be authentic and authorized for the given resource or the response can deny the requestor access to the given resource if the validation determines to reject the ticket.
    Type: Grant
    Filed: May 4, 2017
    Date of Patent: July 17, 2018
    Assignee: Mitel Networks, Inc.
    Inventors: Michael S. W. Tovino, Amy S. Pendleton
  • Patent number: 10021085
    Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds of decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.
    Type: Grant
    Filed: March 16, 2017
    Date of Patent: July 10, 2018
    Assignee: Jonetix Corporation
    Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
  • Patent number: 10015009
    Abstract: A method of implementing a method of mapping an input message to an output message by a keyed cryptographic operation, wherein the keyed cryptographic operation includes a plurality of rounds using a Feistel network, including: receiving an input having a first half and a second half; performing, by a basic block, a portion of a round function on the second half to produce a portion of an encoded output, and wherein the basic block provides a portion of the second half as a portion of an encoded first input to a next round; and XORing the portion of the encoded output and a portion of the first half to produce a portion of an encoded second input to the next round.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: July 3, 2018
    Assignee: NXP B.V.
    Inventor: Wilhelmus Petrus Adrianus Johannus Michiels
  • Patent number: 9942756
    Abstract: Methods, systems and apparatus for securing credential distribution are disclosed. One method includes receiving notification from a credential management system that a wireless device is associated with an authenticated user of the credential management system. The method further includes receiving the private network credentials of the authenticated user, storing the private network credentials and the identifier of the wireless device, receiving an authentication request from a router, returning a response to the authentication request to the router, wherein the response includes internet domains and connection bandwidths the wireless device is allowed to use, authenticating the wireless device, ensuring that the wireless device is authorized to receive private network credentials; and distributing, by the cloud system, the private network credentials to the wireless device, thereby allowing the wireless device to obtain local network access with the private network credentials.
    Type: Grant
    Filed: November 12, 2015
    Date of Patent: April 10, 2018
    Assignee: Cirrent, Inc.
    Inventors: Robert A. Conant, Barbara Nelson