Having Particular Key Generator Patents (Class 380/44)
  • Patent number: 11070358
    Abstract: A computation device (200) arranged to evaluate a data function (S) mapping a number (n) of input variables to a number of output variables (m). The computation device comprises a selection mechanism (220) receiving as input selection variables and an evaluation mechanism (210) arranged to receive the one or more evaluation variables and to evaluate the evaluation functions for the received evaluation variables, an evaluation function receiving as input the evaluation variables.
    Type: Grant
    Filed: December 14, 2016
    Date of Patent: July 20, 2021
    Assignee: Koninklijke Philips N.V.
    Inventors: Sebastiaan Jacobus Antonius De Hoogh, Ronald Rietman, Ludovicus Marinus Gerardus Maria Tolhuizen, Hendrik Dirk Lodewijk Hollmann
  • Patent number: 11070375
    Abstract: An apparatus comprises an encryption key generator to generate a media encryption key to encrypt data in a number of memory components, where the encryption key generator is configured to wrap the media encryption key to generate an encrypted media encryption key. The encrypted media encryption key is stored in a non-volatile memory. The apparatus comprises firmware having instructions to transition the apparatus to and from a secure state using the encrypted media encryption key.
    Type: Grant
    Filed: August 14, 2018
    Date of Patent: July 20, 2021
    Assignee: Micron Technology, Inc.
    Inventors: Nathan A. Eckel, Steven D. Check
  • Patent number: 11070975
    Abstract: A method for transmitting, by a transmitter, a packet to a receiver of a communication system. The packet including data encrypted according to a symmetric key encryption protocol by determining the value of a generation information and determining an encryption key according to the value of the generation information. The data to be included in the encrypted packet to be transmitted is encrypted according to the encryption key. A truncated information is calculated based on the generation information. A verification code for the encrypted packet is calculated according to the encrypted data and the first portion of the generation information. The encrypted packet to be transmitted is formed according to the truncated information, the verification code and the encrypted data.
    Type: Grant
    Filed: November 9, 2017
    Date of Patent: July 20, 2021
    Assignee: SIGFOX
    Inventor: Guillaume Larignon
  • Patent number: 11057186
    Abstract: A device may store raw random data in a raw random data store. The raw random data may include a first plurality of data strings. The device may generate, using a quotient ring transform (QRT), cryptographic random data based on the raw random data. The cryptographic random data includes a second plurality of data strings that is transformed from the first plurality of data strings based on an extraction state stored in an extraction state store. The device may store the cryptographic random data in a cryptographic random data store and may use the cryptographic random data for various purposes.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: July 6, 2021
    Assignee: Juniper Networks, Inc.
    Inventors: Anna M. Johnston, Purushottam Anant Kulkarni
  • Patent number: 11057372
    Abstract: A system and method provides access to one or more web services by capturing a human perceptible rendering on a separate device, identifying a code from the human-perceptible rendering captured and granting access to the one or more web services, responsive to the code identified and an identifier of the user.
    Type: Grant
    Filed: December 14, 2019
    Date of Patent: July 6, 2021
    Assignee: Charles Schwab & Co., Inc.
    Inventors: Valery Zubovsky, Suwat Phruksawan, Toby R. Kendall, Patrick C. McGraw, Dominic E. Caudell
  • Patent number: 11057209
    Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. The multiple secret-share-storing nodes additionally cooperate to periodically alter the stored secret shares corresponding to a secret in a way that allows agents to recover the original secret, or derived data, from all or a portion of the altered secret shares or derived-data shares.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: July 6, 2021
    Assignee: VMware, Inc.
    Inventors: Asaf Kariv, Ittai Abraham, Yotam Harchol
  • Patent number: 11050745
    Abstract: An information processing apparatus that authenticates sets of distributed authentication information without the sets of distributed authentication information being collected at any one of the apparatuses included in a system.
    Type: Grant
    Filed: August 18, 2016
    Date of Patent: June 29, 2021
    Assignee: NEC CORPORATION
    Inventors: Yuki Tanaka, Jun Furukawa, Kazuma Ohara, Toshinori Araki
  • Patent number: 11050555
    Abstract: A method for remotely acquiring a secret key, comprising steps of detecting an injection key acquisition instruction; generating a temporary key pair when the injection key acquisition instruction is detected; acquiring a locally stored private key in a random key pair, and using a private key in the random key pair to perform signature on a public key in the temporary key pair to generate a temporary key signature; acquiring a first identity authentication certificate; sending the temporary key signature and the first identity authentication certificate to a remote injection server; receiving an injection key ciphertext signature and a second identity authentication certificate which is returned by the remote injection server according to the temporary key signature and the first identity authentication certificate; and acquiring and storing an injection key according to the injection key ciphertext signature and the second identity authentication certificate.
    Type: Grant
    Filed: September 22, 2017
    Date of Patent: June 29, 2021
    Assignee: PAX COMPUTER TECHNOLOGY (SHENZHEN) CO., LTD.
    Inventors: Chuan Liu, Yongquan Yang
  • Patent number: 11050556
    Abstract: Secure vehicular communication is described herein. An example apparatus can include a processor and a vehicular communication component. The vehicular communication component can be configured to generate a vehicular private key and a vehicular public key, provide the vehicular public key to a plurality of external communication components wherein each respective one of the plurality of external communication components is positioned on a different transportation assistance entity, provide data to at least one of the plurality of external communication components, receive, in response to providing the data, additional data from the at least one of the plurality of external communication components, wherein the additional data is encrypted using the vehicular public key, and decrypt the additional data using the vehicular private key.
    Type: Grant
    Filed: July 13, 2018
    Date of Patent: June 29, 2021
    Assignee: Micron Technology, Inc.
    Inventors: Antonino Mondello, Michelangelo Pisasale, Alberto Troia
  • Patent number: 11042610
    Abstract: Embodiments herein describe techniques for validating binary files used to configure a hardware card in a computing system. In one embodiment, the hardware card (e.g., an FPGA) includes programmable logic which the binary file can configure to perform a specialized function. In one embodiment, multiple users can configure the hardware card to perform their specialized tasks. For example, the computing system may be a server on the cloud that hosts multiple VMs or a shared workstation. Permitting multiple users to directly configure and use the hardware card may present a security risk. To mitigate this risk, the embodiments herein describe techniques for validating encrypted binary files.
    Type: Grant
    Filed: October 4, 2017
    Date of Patent: June 22, 2021
    Assignee: XILINX, INC.
    Inventors: Hem C. Neema, Sonal Santan, Bin Ochotta
  • Patent number: 11036392
    Abstract: A data encryption system receives data to be encrypted prior to being transmitted to a storage unit. The received data is analyzed to determine a secure storage approach based on a risk level associated with the received data. In response to the risk level satisfying a threshold risk level the data encryption system uses a convergent encryption technique to encrypt the received data, but in response to the risk level failing to satisfy the threshold risk level, the data encryption system encrypts the received data using a key based on a random number. The encrypted data is transmitted to a storage unit.
    Type: Grant
    Filed: July 21, 2017
    Date of Patent: June 15, 2021
    Assignee: PURE STORAGE, INC.
    Inventor: Jason K. Resch
  • Patent number: 11029858
    Abstract: A method of encoding data, including: obtaining a data stream comprising a first sequence of values; duplicating the first sequence of values; offsetting the duplicate first sequence of values; braiding the first sequence of values and the offset duplicate first sequence of values, creating a braided data sequence; and outputting the braided data sequence.
    Type: Grant
    Filed: April 3, 2020
    Date of Patent: June 8, 2021
    Assignee: Kara Partners LLC
    Inventors: Brian Penny, Giovanni Viscardi
  • Patent number: 11025426
    Abstract: The disclosure concerns an encryption function applied to a first word, a second word, a third word, and a fourth word including: multiplying the third word by the fourth word; adding the result of the multiplication; subtracting the result of the addition to the second word from the result of the addition to the first word; adding the result of the subtraction; combining with a constant the result of the addition of the third word to the result of the subtraction; and multiplying by two the result of said combination and circularly shifting the codes of the respective results of the addition of the fourth word to the result of the subtraction, of the addition of the second word to the result of the multiplication, and of the addition of the first word to the result of the multiplication.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: June 1, 2021
    Assignee: PROTON WORLD INTERNATIONAL N.V.
    Inventors: Joan Daemen, Michael Peeters
  • Patent number: 11019073
    Abstract: Techniques are presented for efficiently provisioning application-agnostic resource access to a variety of applications without modification to the native access control mechanisms of the applications and without transmission of a user's credentials over the network. A user of an application is authenticated by an authorization provider. An access token for the authenticated user is generated. A session password is generated based at least in part on the access token. The session password is applied by the user to the native access control mechanism of an application to facilitate access to resources (e.g., set of subject data) by the application. The resource access is achieved without modification to the native access control mechanism of the application and without transmission of the credentials (e.g., username, password, etc.) of the user over the network.
    Type: Grant
    Filed: March 6, 2018
    Date of Patent: May 25, 2021
    Assignee: AtScale, Inc.
    Inventors: Matthew Baird, David Vigdor Schreibman, Gaurav Nitin Shetti
  • Patent number: 11018847
    Abstract: A method to protect a device key in a device comprising at least one secure element locally connected to at least one time programmable memory storing a global value in the form of a bit string comprising locked bits and unlocked bits. The locked bits are irreversibly pre-programmed in the one-time-programmable memory during an initialization phase of the device while the unlocked bits remaining in an initial state may be programmable by the secure element. The secure element is configured to generate, at initialization of the device, a device specific value by using the global value, program the device specific value previously obtained in the one time programmable memory, and erase the global value by programming the unlocked bits of the corresponding bit string. A further object of the disclosure includes a device configured to carry out the method.
    Type: Grant
    Filed: January 2, 2019
    Date of Patent: May 25, 2021
    Assignee: NAGRAVISION S.A.
    Inventors: Didier Hunacek, Marco Macchetti, Nicolas Fischer
  • Patent number: 11012230
    Abstract: A cryptographic communication method using a dynamically-generated private key is provided. A signal generation unit outputs a second signal obtained by giving an error in a predetermined range to a signal obtained based on a first signal. An error correction generation unit outputs a third signal obtained based on the second signal and auxiliary information for correcting an error included in the second signal. A private-key generation unit generates a first private key based on the third signal. An encryption calculation unit outputs an encrypted signal obtained by encrypting a fourth signal based on the first private key.
    Type: Grant
    Filed: November 16, 2017
    Date of Patent: May 18, 2021
    Assignee: RENESAS ELECTRONICS CORPORATION
    Inventor: Daisuke Moriyama
  • Patent number: 10990663
    Abstract: There is disclosed a method of handling a sensor, comprising the steps of: challenging a subset of sensor components under uniform conditions; receiving output signal values from said subset; for each component, determining the statistical moment of order i of the temporal distribution of the output signal value of said each sensor component; and determining one or more pathological sensor components whose sum of the distances of values to other components of the subset is greater than a threshold, the distance between two sensor components being determined by the difference of the ith statistical moment values of the two temporal distributions associated to the components obtained when challenging said subset under uniform conditions. Described developments comprise the use of imaging sensors, key or identifier generation, authentication mechanisms, determination of thresholds, use of helper data files, adjustments of light sources and/or beam shaping, handling of lossy compression and of videos.
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: April 27, 2021
    Assignee: SECURE-IC SAS
    Inventors: Adrien Facon, Sylvain Guilley
  • Patent number: 10992465
    Abstract: A computer-implemented method includes: receiving, by a platform including one or more computing devices, a blockchain authorization information generation request from a client, in which the blockchain authorization information generation request includes a target blockchain identifier and user information; determining, based on the target blockchain identifier, a target blockchain; determining a blockchain parameter of the target blockchain, in which the blockchain parameter indicates one or more requirements for authorization information used to join the target blockchain; generating blockchain authorization information based on the blockchain parameter and the user information, in which the blockchain authorization information conforms to the one or more requirements; and sending the blockchain authorization information to the client.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: April 27, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Yixiang Zhang, Jun Gu
  • Patent number: 10985912
    Abstract: A processor of a remote crypto cluster (RCC) may obtain an encrypted specific key from at least one data source through at least one network. The processor of the RCC may derive intermediate data in blind based on the encrypted specific key. The intermediate data may include information from which a derived key is derived. The processor of the RCC may send the intermediate data in blind to a client device.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: April 20, 2021
    Assignee: INTUIT INC.
    Inventors: Gleb Keselman, Yaron Sheffer, Alon Rosen
  • Patent number: 10972292
    Abstract: Disclosed is an input/output circuit for a physical unclonable function generator circuit. In one embodiment, a physical unclonable function (PUF) generator includes: a PUF cell array comprising a plurality of bit cells configured in a plurality of columns and at least one row, and at least one input/output (I/O) circuit each coupled to at least two neighboring columns of the PUF cell array, wherein the at least one I/O circuit each comprises a sense amplifier (SA) with no cross-coupled pair of transistors, wherein the SA comprises two cross-coupled inverters with no access transistor and a SA enable transistor, and wherein the at least one I/O circuit each is configured to access and determine logical states of at least two bit cells in the at least two neighboring columns; and based on the determined logical states of the plurality of bit cells, to generate a PUF signature.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: April 6, 2021
    Assignee: Taiwan Semiconductor Manufacturing Co., Ltd.
    Inventors: Jui-Che Tsai, Shih-Lien Linus Lu, Cheng Hung Lee, Chia-En Huang
  • Patent number: 10965456
    Abstract: Various techniques provide systems and methods for facilitating data encryption/decryption and almost immediate erasure of associated information. In one example, a method includes receiving first data in a first memory. The method further includes receiving a first key in a second memory. The method further includes generating, by a logic circuit, second data based on the first data and the first key. The method further includes providing the second data for transmission. The method further includes erasing the first data and/or the first key in one-half clock cycle of generating the second data. Related methods and devices are also provided.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: March 30, 2021
    Assignee: The Boeing Company
    Inventors: Jeffrey H. Hunt, Wayne R. Howe
  • Patent number: 10958415
    Abstract: A method, apparatus, and computer-readable medium for searching polymorphically encrypted data includes generating one or more pseudonymous tokens by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm to the same plaintext, storing the one or more pseudonymous tokens in one or more data stores, and identifying data in the one or more data stores that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the plaintext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.
    Type: Grant
    Filed: July 11, 2018
    Date of Patent: March 23, 2021
    Assignee: Informatica LLC
    Inventors: Igor Balabine, Richard Grondin
  • Patent number: 10936711
    Abstract: A data management system manages secured data for a plurality of users. The data management system utilizes an access authorization system to authenticate users seeking access to the data management system. The access authorization system provides access tokens to authenticated users. The access tokens enable the authenticated users to access the data management system without again providing authentication data. The access authorization system includes, for each user, an access policy that governs whether the users can use the access tokens to access the data management system. The access tokens have a finite lifetime. If the users use the access tokens within the finite lifetime and if the users satisfy all of the access rules of the access policies, then the lifetime of the access tokens can be extended a finite number of times.
    Type: Grant
    Filed: April 18, 2017
    Date of Patent: March 2, 2021
    Assignee: Intuit Inc.
    Inventors: Parul Jain, Doug Foiles, Erik Peterson
  • Patent number: 10922982
    Abstract: An active shooter response system is disclosed. The system utilizes a system of sensors and drones which may receive data at a base station. The base station may centrally process the data from the drones and the sensors so that a coordinated attack on the active shooter can be formulated either automatically without human intervention or manually at the base station by an operator of the system.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: February 16, 2021
    Assignee: GUARDIAN ROBOTICS, INC.
    Inventor: Andrew Magdaleno
  • Patent number: 10917785
    Abstract: A method and apparatus provides a communication connection between a user equipment and a network entity including a plurality of radio bearers having security keys. A connection reconfiguration message is received, which identifies bearer specific changes to be made to a subset of radio bearers including less than all of the plurality of radio bearers, that impact the security keys being used by the subset of radio bearers, where the connection reconfiguration message includes a bearer identification field that identifies the radio bearers included in the subset and a chaining counter. The requested changes are applied to the subset of radio bearers associated with the bearer identification field without resetting the communication connection with the communication network.
    Type: Grant
    Filed: June 23, 2018
    Date of Patent: February 9, 2021
    Assignee: Motorola Mobility LLC
    Inventors: Prateek Basu Mallick, Joachim Löhr, Ravi Kuchibhotla
  • Patent number: 10911230
    Abstract: A method begins or continues with deleting a security code from random access memory (RAM) of a computing device when the computing device is inactive. The security code is required for functionality of the computing device and is stored in the RAM. The method continues with detecting a reactivation request. In response to the reactivation request, the method continues with obtaining authentication data from an activation requester, generating a set of blinded random numbers, and requesting a plurality of encoded data slices from a plurality of other devices. The method continues with performing a sequence of operations on the plurality of encoded data slices using the authentication data and the set of blinded random numbers to produce a recovered security code. When the recovered security code is verified, the method continues with storing the recovered security code as the security code in RAM and activating operation of the computing device.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: February 2, 2021
    Assignee: Pure Storage, Inc.
    Inventors: S. Christopher Gladwin, Jason K. Resch, Thomas F. Shirley, Jr.
  • Patent number: 10895799
    Abstract: The present disclosure provides a method and device for identifying a flashing light source. The method includes the following. A processor obtains an image captured via a rolling shutter image sensor, the rolling shutter image sensor capturing an image of an environmental background, wherein the environmental background may include movable flashing light sources. A processor obtains stripe sets in the image, wherein the stripe sets can be obtained by capturing the flashing light sources via the rolling shutter image sensor. A processor takes a center of each stripe set as a reference point, and samples along a first direction to obtain n sampling points. A processor identifies the flashing light source by processing the n sampling points. With this disclosure, automatic identification of the flashing light source can be achieved.
    Type: Grant
    Filed: December 24, 2018
    Date of Patent: January 19, 2021
    Assignee: GUANGDONG VIRTUAL REALITY TECHNOLOGY CO., LTD.
    Inventors: Yongtao Hu, Jingwen Dai, Jie He
  • Patent number: 10887080
    Abstract: A method and computer-readable storage medium for a computer system to perform an encryption scheme is disclosed that is capable of encrypting big data that includes complex data, including image data, sensor data, and text data, and supporting both symmetric and asymmetric-key handling. The encryption scheme uses double hashing using two different consecutively-applied hash functions. With double hashing, the encryption scheme eliminates the threat of known cryptanalysis attacks and provides a highly secure ciphering scheme. Also, the ciphertext header generated in the encryption scheme enables efficient cloud data sharing. A user can share the encrypted data later by re-encrypting the seed and sharing a new ciphertext header without the need of re-encrypting the data or changing the secret or private key. Thus, the encrypted data stays as is in the cloud, and only the seed is encrypted and shared as needed.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: January 5, 2021
    Assignee: King Fahd University of Petroleum and Minerals
    Inventors: Sultan Ahmad Almuhammadi, Ahmed Amro
  • Patent number: 10885415
    Abstract: Disclosed herein is an authenticating mark formed on the surface of a product or package. The said mark comprises: at least an overt portion of visible 3D random image in the form of a physically unclonable function (PUF), characterized in that the said PUF is random cracks or colors. Additionally, phosphor particles might be added to this pattern as covert features. It further discloses a system and method for identifying genuine or counterfeited products by analyzing the image of a 3D-PUF and its encrypted image using a commonly held scanning device.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: January 5, 2021
    Assignee: TRANSPACKS TECHNOLOGIES PRIVATE LIMITED
    Inventors: Deepak Gupta, Ankit Nagar
  • Patent number: 10878083
    Abstract: A mechanism for securing a mobile app for execution on a mobile device. The mechanism includes loading a non-trusted portion of the mobile app from a non-trusted application provider onto the mobile device, operating a key provisioning server to generate keys associated with a trusted execution environment, transmitting the keys associated with the trusted execution environment to the mobile device and to a key directory server, authenticating the mobile device, and upon authenticating the mobile device, transmitting a trusted portion of the mobile app including a trusted application to the mobile device, and installing the trusted portion of the mobile app on the mobile device thereby providing a trusted execution environment. Other systems and methods are disclosed.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: December 29, 2020
    Assignee: THALES DIS FRANCE SA
    Inventors: Min Hlaing, SM Sohiduzzaman SK Abdul Aziz, Sriram Ramachandran, Véronique Charpeignet, Patrice Angelini
  • Patent number: 10880763
    Abstract: Computer-automated maintenance of a physical configuration of an antenna operating within a radio access network (RAN) of a mobile wireless network is described. A feature subset of a covering set of features for the antenna is specified. A centroid is generated for the antenna, wherein the centroid comprises current long-term values of the feature subset obtained by processing multiple data sets for the feature subset over a relatively long time period. An antenna change detection decision is rendered, wherein the rendering of an antenna change detection decision comprises first applying current short-term values of the feature subset, which are representative of a current status of the antenna, to the centroid to render a current distance from centroid. In accordance with detecting an antenna change event during the applying, an antenna change event notification is issued that corresponds to the detected antenna change event.
    Type: Grant
    Filed: February 21, 2020
    Date of Patent: December 29, 2020
    Assignee: United States Cellular Corporation
    Inventors: Mario Vela, David Brent Amos, Michael Reed Hobson, Kenneth Wotring, Zachary Wozich, Michael S. Irizarry, Narothum Saxena
  • Patent number: 10873459
    Abstract: A white-box system for authenticating a user-supplied password, including: a password database including a salt value and an authentication value for each user; a white-box implementation of a symmetric cipher configured to produce an encrypted value by encrypting the user-supplied password using the salt value associated with the user as an encoded secret key; and a comparator configured to compare the encrypted value with the authentication value associated with the user to verify the user-supplied password.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: December 22, 2020
    Assignee: NXP B.V.
    Inventors: Joppe Willem Bos, Rudi Verslegers, Wilhelmus Petrus Adrianus Johannus Michiels
  • Patent number: 10873454
    Abstract: Techniques are disclosed for securing data in a cloud storage. Plaintext files are stored as secured, encrypted files in the cloud. The ciphering scheme employs per-block authenticated encryption and decryption. A unique file-key is used to encrypt each file. The file-key is wrapped by authenticated encryption in a wrapping-key that may be shared between files. A centralized security policy contains policy definitions which determine which files will share the wrapping-key. Wrapping-keys are stored in a KMIP compliant key manager which may be backed by a hardware security module (HSM). File metadata is protected by a keyed-hash message authentication code (HMAC). A policy engine along with administrative tools enforce the security policy which also remains encrypted in the system. Various embodiments support blocks of fixed as well as variable sizes read/written from/to the cloud storage.
    Type: Grant
    Filed: July 3, 2018
    Date of Patent: December 22, 2020
    Assignee: ZETTASET, INC.
    Inventors: Eric A. Murray, Maksim Yankovsky
  • Patent number: 10860724
    Abstract: In aspects of active key rolling for sensitive data protection, a data security system includes memory storage implemented as a data store to maintain a batch of sensitive data instruments each encrypted with a previous encryption key. A data encryption service can receive a request from a client device for data in a sensitive data instrument from the batch of the sensitive data instruments. The data encryption service can decrypt the sensitive data instrument with the previous encryption key making the requested data in the sensitive data instrument available for access by the client device. The data encryption service can then re-encrypt the sensitive data instrument with a new encryption key effective to update the encryption of the sensitive data instrument, the updated encryption being triggered based on the request for the data and the decryption of the sensitive data instrument.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: December 8, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Malcolm Eric Pearson, Tolga Acar
  • Patent number: 10855458
    Abstract: Disclosed is a random binary sequence-based sequence encryption method accompanied with random reconfiguration of a key.
    Type: Grant
    Filed: October 16, 2019
    Date of Patent: December 1, 2020
    Inventors: Zhineng Xu, Yefan Xu
  • Patent number: 10855464
    Abstract: Methods, apparatus, systems and articles of manufacture to manage credentials in hyper-converged infrastructures are disclosed. An example method includes establishing, by executing an instruction with at least one processor, a communication between a software defined data center manager of the hyper-converged infrastructure and a component of the hyper-converged infrastructure using first credentials included in a known hosts file. The example method also includes generating, by executing an instruction with the at least one processor, second credentials at the component in response to a power-on event detected by the software defined data center manager. The example method also includes recording, by executing an instruction with the at least one processor, the second credentials at the known host file.
    Type: Grant
    Filed: April 7, 2017
    Date of Patent: December 1, 2020
    Assignee: VMWARE, INC.
    Inventor: Vishesh Kumar Nirwal
  • Patent number: 10848469
    Abstract: Arrangements for dynamically authenticating multiple devices in a key network are provided. In some examples, registration information associated with a plurality of devices in a key network may be received. The registration information may include device attributes. Device keys including cross reference data may be generated and transmitted to the plurality of devices. A reference key including one or more starting points for executing one or more hop sequences based on generated hop counts in the reference key may be generated. A first authentication code may also be generated and a hash value of the first authentication code may be stored. Upon receiving a request for authentication, the reference key may be transmitted to the requesting device. The hop sequence(s) may then be executed by one or more of the computing devices in the key network to generate a comparison authentication code.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: November 24, 2020
    Assignee: Bank of America Corporation
    Inventors: Vijay Kumar Yarabolu, Nagasubramanya Lakshminarayana
  • Patent number: 10839380
    Abstract: A method for anonymously carrying out a transaction, wherein one-time passwords encrypted by means of a one-way function are sent by an authentication server to a service device. The non-encrypted one-time passwords are sent by the authentication server to a secure element of a mobile device. In order for a transaction to be effected, the secure element sends the one-time passwords to the service device.
    Type: Grant
    Filed: September 22, 2015
    Date of Patent: November 17, 2020
    Assignee: Giesecke+Devrient Mobile Security GmbH
    Inventor: Caroline Grosser
  • Patent number: 10841107
    Abstract: According to various aspects, a delay-based physical unclonable function (PUF) device is provided. According to one embodiment, the PUF device includes circuitry for generating output bits of entropy by comparing, or “racing”, a plurality of PUF cells. A PUF cell is a building block of the PUF device. For example, the PUF device may include two identically designed circuits with only process related variations and each circuit can be a PUF cell. According to another aspect, if PUF cells with same history of winning or losing are being compared in a race, adversaries cannot predict the outcome of the current race based on previous race results. Accordingly, systems and methods are described herein for generating multiple rounds of races based on the previous rounds of races. Thus, one PUF cell can be used in multiple pairwise comparisons while maximal entropy is extracted.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: November 17, 2020
    Assignee: Analog Devices, Inc.
    Inventors: Tze Lei Poo, Sadaf Ahmad
  • Patent number: 10841795
    Abstract: A method for protected communication between a mobile unit coupled to a smartphone and a server, wherein it is possible to access a service of the server via the smartphone by registration data. Processes are provided for the first-time input of a PIN number in association with the registration data; definition of a secret of the mobile unit; storage of the registration data, the PIN number and the secret in a secure memory in the smartphone; input of the PIN number on the mobile unit; transmission of the PIN number and the secret from the mobile unit to the secure memory; reading of at least a portion of the registration data from the secure memory if the transmitted PIN number and the transmitted secret match the stored PIN number and the stored secret; and transmission of at least the portion of the registration data from the smartphone to the server.
    Type: Grant
    Filed: December 1, 2016
    Date of Patent: November 17, 2020
    Assignee: VOLKSWAGEN AKTIENGESELLSCHAFT
    Inventors: Matthias Gerlach, Michael Anteboth
  • Patent number: 10841087
    Abstract: The present invention relates to a security device which performs processes such as authentication or cryptography, for example a security device for securely holding a key used in a cryptographic process, and a security method therefor.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: November 17, 2020
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventors: Hisashi Fukuda, Takeshi Yoneda, Nobuhiro Kobayashi, Daisuke Suzuki, Manabu Misawa, Koichi Shimizu, Takeshi Sugawara
  • Patent number: 10833855
    Abstract: A wireless device (24) includes a modem (56) and processing circuitry (50, 52). The modem is configured to modulate signals for transmission over wireless channels, and demodulate signals received over the wireless channels. The processing circuitry is configured to receive a first frame from a second wireless device over a wireless channel via the modem, and transmit a second frame to the second wireless device via the modem over the wireless channel, to calculate a first Channel State Information (CSI) based on the first frame, to calculate a first normalized CSI by applying to the first CSI a normalization procedure, and generate, based on the first normalized CSI, a first key that due to the normalization procedure has an increased likelihood to match a second key generated in the second wireless device based on the second frame, and to communicate securely with the second wireless device over the wireless channel using the first key.
    Type: Grant
    Filed: March 19, 2017
    Date of Patent: November 10, 2020
    Assignee: CELENO COMMUNICATIONS (ISRAEL) LTD.
    Inventors: Nir Shapira, Shachar Hauzner
  • Patent number: 10826875
    Abstract: Securely communicating requests may include transmitting an encrypted response including an encryption library and a public key to a client device, the encrypted response encrypted using transport encryption established between a router device and the client device, receiving an encrypted request including data encrypted using the encryption library and the public key, the encrypted request encrypted using transport encryption established between the client device and router device, and transmitting an encrypted agent message to agent software in a customer environment, the encrypted agent message including the data encrypted using the encryption library and the public key, the encrypted agent message encrypted using transport encryption established between the router device and agent software, wherein the encrypted agent message is decryptable by the agent software using a private key inaccessible within the provider environment.
    Type: Grant
    Filed: July 22, 2016
    Date of Patent: November 3, 2020
    Assignee: ServiceNow, Inc.
    Inventor: John H. Kim
  • Patent number: 10812259
    Abstract: Methods and systems for generating a random number include extracting feature information from a structure having a random physical configuration. The feature information is converted to a string of binary values to generate a random number. Pseudo-random numbers are generated using the random number as a seed to improve the security of encrypted information.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: October 20, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Huan Hu, Kafai Lai, Sharathchandra Pankanti, Rasit Onur Topalogu
  • Patent number: 10812476
    Abstract: Techniques are disclosed relating to authenticating a second mobile device for participation in a multi-factor authentication process. In disclosed embodiments, a server generates an authentication decision, based on communicating with a first mobile device as a factor in the multi-factor authentication process. After receiving a request from the first mobile device to authorize participation of a second mobile device in the multi-factor authentication process, the server may generate a secret and transmit the secret to the first mobile device. The server may receive information from the second mobile device, based on the second mobile device capturing an image of a display by the first mobile device, where the display is based on the transmitted secret. In some embodiments, the server then verifies the content of the information using the secret and verifies that the information is received within a determined time interval from transmitting the secret.
    Type: Grant
    Filed: May 22, 2018
    Date of Patent: October 20, 2020
    Assignee: salesforce.com, inc.
    Inventor: Joshua David Alexander
  • Patent number: 10805073
    Abstract: Provided are a computer program product, system, and method for generating master and wrapper keys for connected devices in a key generation scheme. For each of the devices, a wrapped master key comprising a master key for the device and a wrapper key is stored. The wrapper keys for a plurality of the devices are generated by another of the devices. For each of a plurality of the devices, the master key for the device is used to generate the wrapper key for a target device comprising another of the devices. For each of the devices, the wrapper key for the device is used to decrypt the stored wrapped master key. At least one of the devices uses the master key for the device to encrypt and decrypt data at the device.
    Type: Grant
    Filed: January 2, 2019
    Date of Patent: October 13, 2020
    Assignee: International Business Machines Corporation
    Inventors: Ronen Gazit, Ron S. Shapiro, Lior Shlomov, Ariel Waizel, Guy-Arie Yur
  • Patent number: 10790973
    Abstract: A computer-implemented method includes: receiving, by a platform including one or more computing devices, a blockchain authorization information generation request from a client, in which the blockchain authorization information generation request includes a target blockchain identifier and user information; determining, based on the target blockchain identifier, a target blockchain; determining a blockchain parameter of the target blockchain, in which the blockchain parameter indicates one or more requirements for authorization information used to join the target blockchain; generating blockchain authorization information based on the blockchain parameter and the user information, in which the blockchain authorization information conforms to the one or more requirements; and sending the blockchain authorization information to the client.
    Type: Grant
    Filed: February 27, 2020
    Date of Patent: September 29, 2020
    Assignee: Alibaba Group Holding Limited
    Inventors: Yixiang Zhang, Jun Gu
  • Patent number: 10790984
    Abstract: A method for user credential location using prefix matching is described. In one embodiment, the method may include enabling a user to generate remotely a cryptographic hash of a user credential of the user, receiving a portion of the cryptographic hash from the user, comparing the portion of the cryptographic hash with a plurality of cryptographic hashes of user credentials stored at a database, determining whether a match exists between the portion of the cryptographic hash and at least one of the plurality of cryptographic hashes, and transmitting a notification to the user indicating whether the user credential is stored at the database based at least in part on a result of the comparing.
    Type: Grant
    Filed: March 21, 2018
    Date of Patent: September 29, 2020
    Assignee: ALTIRIS, INC.
    Inventor: Adam J. Stiles
  • Patent number: 10791100
    Abstract: The disclosure relates to systems, methods and devices for secure routing and recording of network data streams passing through a network switch. Specifically, the disclosure relates to systems, methods and devices for reversibly deconstructing networks' OSI L1-L7 in time and space, in the process of selectively recording network data streams for secure access, as well as providing external rule-based security auditing and functioning as a black-box in industry-specific applications.
    Type: Grant
    Filed: March 10, 2018
    Date of Patent: September 29, 2020
    Assignee: OVSECURE LTD.
    Inventor: Oleg Vaisband
  • Patent number: 10785023
    Abstract: An apparatus and method for managing meter data. The apparatus for managing meter data includes a metering unit for acquiring meter data from a target device based on time information; a communication unit for receiving a message including the time information from a server device and transmitting the meter data to the server device; and a security unit for creating a private key using the time information and encrypting the meter data using the private key.
    Type: Grant
    Filed: June 4, 2018
    Date of Patent: September 22, 2020
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Hong-Il Ju, Young-Ho Kim, Yun-Kyung Lee, Bo-Heung Chung, Jeong-Nyeo Kim, Jae-Deok Lim