Having Particular Key Generator Patents (Class 380/44)
  • Patent number: 10263768
    Abstract: A method for protecting a ciphering algorithm executing looped operations on bits of a first quantity and on a first variable initialized by a second quantity, wherein, for each bit of the first quantity, a random number is added to the state of this bit to update a second variable maintained between two thresholds.
    Type: Grant
    Filed: November 17, 2016
    Date of Patent: April 16, 2019
    Assignee: STMicroelectronics (Rousset) SAS
    Inventor: Yannick Teglia
  • Patent number: 10263792
    Abstract: An escrow platform is described that can be used to enable access to devices. The escrow platform can be used to sign cryptographic network protocol challenges on behalf of clients so that the secrets used to sign cryptographic network protocol challenges do not have to be exposed to the clients. The escrow platform can store or control access to private keys, and the corresponding public keys can be stored on respective target platforms. A client can attempt to access a target platform and in response the target platform can issue a challenge. The client platform can send the challenge to the escrow platform, which can use the corresponding private key to sign the challenge. The signed challenge can be sent back to the client, which can forward it to the target platform. The target platform can verify the expected private key and grant access.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: April 16, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Graeme David Baer
  • Patent number: 10256983
    Abstract: Described herein are various technologies pertaining to authentication of integrated circuits by using external factors to affect or modify an output of a physically unclonable function (PUF) circuit. In an example, the output of the PUF circuit in response to a challenge signal can be sensitive to changes in environmental factors. In another example, the output of the PUF circuit can be sensitive to user-selectable configuration parameters of the PUF circuit. In yet another example, the output of the PUF circuit can be modified by additional circuitry external to the PUF circuit based upon one or more selectable or configurable inputs. A PUF-based device authentication system that uses external factors as authentication inputs to affect a challenge response of the device authentication system can enhance authentication capabilities by permitting multi-factor authentication.
    Type: Grant
    Filed: March 22, 2016
    Date of Patent: April 9, 2019
    Assignee: National Technology & Engineering Solutions of Sandia, LLC
    Inventors: Todd Bauer, Jason Hamlet, Ryan Michael Birmingham, Lyndon G. Pierson
  • Patent number: 10248800
    Abstract: The technology encompasses new uses of already-known cryptographic techniques. The technology entails computer-based methods of sharing information securely, in particular an asymmetric method of secure computation that relies on the private-key/public key paradigm with homomorphic encryption. The methods and programmed computing apparatuses herein harness mathematical concepts and apply them to services or tasks that are commercially useful and that have not hitherto been possible. Applications of the methods and apparatus herein are far-ranging and include, but are not limited to: purchase-sale transactions such as real estate or automobiles, where some aspect of price negotiation is expected; stock markets; legal settlements; salary negotiation; auctions, and other types of complex financial transactions.
    Type: Grant
    Filed: October 22, 2015
    Date of Patent: April 2, 2019
    Assignee: Openeye Scientific Software, Inc.
    Inventor: Anthony Nicholls
  • Patent number: 10218495
    Abstract: Data processing is performed while personal information is kept concealed. A registrant terminal splits a registration input password and allocates the split pieces to secure computation servers. The secure computation servers verify whether the password matches. The registrant terminal splits target data and allocates the data shared values to the secure computation servers. The secure computation servers store the data shared values. A user terminal splits a utilization input password and allocates the split pieces to the secure computation servers. The secure computation servers verify whether the password matches. The user terminal sends a data processing request to the secure computation servers. The secure computation servers execute secure computation of the data shared values to generate processing result shared values. The user terminal recovers the processing result from the processing result shared values.
    Type: Grant
    Filed: December 5, 2014
    Date of Patent: February 26, 2019
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Teruko Miyata, Hiroyoshi Takiguchi, Naoto Kiribuchi, Koji Chida, Dai Ikarashi, Gembu Morohashi, Hitoshi Fuji, Shigeru Kayaguchi
  • Patent number: 10211982
    Abstract: A method for generating a secret key shared by a group of at least three terminals from characteristics of wireless communication channels connecting the terminals in twos, including, at each of the terminals of the group, the implementation of the following steps of: acquiring signals from wireless communication channels, known as adjacent channels, connected to the terminal and generating a representation of each adjacent channel; for at least one wireless communication channel, known as a non-adjacent channel, not connected to the terminal, acquiring at least one image signal of the non-adjacent channel and generating a representation of the non-adjacent channel, determining the secret key from a combination of the representations of the adjacent channels and at least one representation of non-adjacent channel.
    Type: Grant
    Filed: August 8, 2016
    Date of Patent: February 19, 2019
    Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Iulia Tunaru, Benoit Denis, Regis Perrier
  • Patent number: 10205588
    Abstract: A method to protect a device key in a device comprising at least one secure element locally connected to at least one time programmable memory storing a global value in form of a bit string comprising locked bits and unlocked bits. The locked bits are irreversibly pre-programmed in the one-time-programmable memory during an initialization phase of the device while the unlocked bits remaining in an initial state may be programmable by the secure element. The secure element is configured to generate, at initialization of the device, a device specific value by using the global value, program the device specific value previously obtained in the one time programmable memory, and erase the global value by programming the unlocked bits of the corresponding bit string. A further object of the disclosure includes a device configured to carry out the method.
    Type: Grant
    Filed: December 8, 2015
    Date of Patent: February 12, 2019
    Assignee: Nagravision S.A.
    Inventors: Didier Hunacek, Marco Macchetti, Nicolas Fischer
  • Patent number: 10198584
    Abstract: Described is a system for obfuscating a computer program. Sensitive data of an unprotected computer program is received as input. A random oracle is used to algebraically hide a set of polynomial-size point functions representing the sensitive data. The system outputs a set of obfuscated instructions internally hiding the sensitive data. The set of obfuscated instructions are used to transform the unprotected computer program into a protected, obfuscated computer program that is accepting of the set of polynomial-size point functions. The obfuscated computer program is written to a non-volatile computer-readable medium.
    Type: Grant
    Filed: April 5, 2016
    Date of Patent: February 5, 2019
    Assignee: HRL Laboratories, LLC
    Inventors: Karim El Defrawy, Chongwon Cho, Daniel C. Apon, Jonathan Katz
  • Patent number: 10193688
    Abstract: Systems and methods for Physical Coding Sublayer (PCS) encryption implemented by a first network element communicatively coupled to a second network element include utilizing an encryption messaging channel to establish an authenticated session and exchanging one or more encryption keys with a second network element; encrypting a signal, based on the one or more encryption keys; and transmitting the encrypted signal to the second network element.
    Type: Grant
    Filed: December 11, 2015
    Date of Patent: January 29, 2019
    Assignee: Ciena Corporation
    Inventors: Sebastien Gareau, Timothy L. Norman, Marc W. Leclair, Michael Watford
  • Patent number: 10193696
    Abstract: Provided is a process including: receiving with one or more processors, a first request to store a record from a computing entity; encoding, with one or more processors, the record in a first plurality of segments; arranging, with one or more processors, the first plurality of segments in respective content nodes of a first content graph, wherein at least some content nodes of the first content graph have two or more content edges of the first content graph pointing to two or more respective other content nodes of the first content graph; and storing, with one or more processors, the content nodes of the first content graph in a verification graph.
    Type: Grant
    Filed: March 10, 2018
    Date of Patent: January 29, 2019
    Assignee: ALTR SOLUTIONS, INC.
    Inventors: Christopher Edward Struttmann, James Douglas Beecham
  • Patent number: 10187379
    Abstract: Unauthorized installation of software is prevented even at a production site at which software cannot be installed through a communication line. The memory card stores: additional software including a software ID; a recording medium ID; and encrypted information generated by encrypting the software ID, using the recording medium ID as a key. The controller performs the steps of: obtaining the encrypted information from the memory card; obtaining the recording medium ID from the memory card; obtaining the software ID by decrypting the encrypted information, using the recording medium ID as a key; obtaining the software ID from the additional software, comparing the decrypted software ID and the software ID obtained from the additional software; and storing the additional software in the storage when the comparison is successful.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: January 22, 2019
    Assignee: OMRON Corporation
    Inventors: Shinsuke Kawanoue, Takehiko Hioka, Yutaka Abe
  • Patent number: 10171456
    Abstract: Provided is a one time password (OTP) authentication system and an OTP authentication method using a mobile communication terminal having a near field communication (NFC) function, wherein OTP authentication is capable of being carried out by using a mobile communication terminal having an NFC function and an OTP generator provided with a communication function corresponding to NFC.
    Type: Grant
    Filed: July 17, 2014
    Date of Patent: January 1, 2019
    Assignee: SCTECHONE CO, LTD.
    Inventor: Sang-Hern Song
  • Patent number: 10164950
    Abstract: A method for controlling access to data being processed by a remote computing resource includes issuing a public encryption key for a data creator from a public certificate authority, detecting an encounter with a data owner, creating private encryption keys for the data creator and the data owner in response to detecting the encounter, encrypting data being sent to the remote computing resource with the public encryption key, the data creator's private encryption key, and the data owner's private encryption key, decrypting the data based on public verification of the public encryption key and local verification of the data creator's private encryption key and the data owner's private encryption key at the remote computing resource, and controlling the data creator's access to the data by altering the permission of at least one of the public encryption key and data creator's private encryption key.
    Type: Grant
    Filed: December 2, 2016
    Date of Patent: December 25, 2018
    Assignee: Koninklijke Philips N.V.
    Inventor: Brian David Gross
  • Patent number: 10148444
    Abstract: A method may include storing a first set of secrets associated with an information handling system in a credential vault of a management controller configured to be coupled to a processor of a host system of the information handling system in order to provide management of the information handling system via management traffic communicated between the management controller and an external management network such that the first set of secrets are accessible responsive to a verified boot of the management controller and storing a second set of secrets associated with the information handling system in a storage of a cryptoprocessor owned by the management controller such that access to the second set of secrets may be granted in response to an administrator's provision of authorization to the cryptoprocessor, and such that access to the second set of secrets is prevented during runtime of the host system in absence of authorization.
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: December 4, 2018
    Assignee: Dell Products L.P.
    Inventors: Johan Rahardjo, Mukund P. Khatri, Theodore S. Webb
  • Patent number: 10148437
    Abstract: Systems, methods, and other embodiments associated with the recovery of a lost site key value used in encryption are described. In one embodiment, site key recovery logic is configured to analyze an encrypted data item to identify a bin number and a hash table index within a header of the encrypted data item. The bin number is derived from a first portion of the site key value and the hash table index is derived from the site key value. The site key value includes at least the first portion and a second portion. A bin recovery process is performed on the bin number to recover the first portion. A filter matching process is performed using the first portion and a site key filter to recover the second portion. An index matching process is performed using the second portion and the hash table index to recover the site key value.
    Type: Grant
    Filed: August 10, 2016
    Date of Patent: December 4, 2018
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: George R. Pogmore, Pradip K. Pandey
  • Patent number: 10148434
    Abstract: A random number generating device includes an uncertain circuit which outputs uncertain data, and a cipher processing device. The cipher processing device encrypts input data using a cipher function of the cipher processing device, and generates a random number including higher uniformity than data outputted from said uncertain circuit using the cipher function of the cipher processing device and the data outputted from the uncertain circuit.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: December 4, 2018
    Assignee: MegaChips Corporation
    Inventor: Takahiko Sugahara
  • Patent number: 10146464
    Abstract: A data processing system having a PUF and method for providing multiple enrollments, or instantiations, of the PUF are provided. A PUF segment includes a plurality of SRAM cells on an integrated circuit. A PUF response from the PUF segment is used to create a first activation code and a first PUF key. A second PUF key may be created from the PUF response. Initially, during a second enrollment, the PUF response is combined with the first activation code to reproduce a codeword. The first secret string is reconstructed by encoding the codeword. The codeword is combined with the first activation code to reproduce the PUF response. Inverse anti-aging is applied to the PUF response. Then a second secret string is generated using a random number generator (RNG). The second secret string is encoded to produce a new codeword. The new codeword is combined with the recovered PUF response to create a second activation code. The second activation code is hashed with the second secret string to provide a second PUF key.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: December 4, 2018
    Assignee: NXP B.V.
    Inventors: Bruce Murray, Helmut Alexander Goettl, Sven Heine, Christiaan Kuipers
  • Patent number: 10142339
    Abstract: The present invention provides an identity authentication system, apparatus and method and an identity authentication request apparatus. The system includes: an identity authentication request apparatus, configured to send a verification code issuing request to an identity authentication apparatus; the identity authentication apparatus, configured to respond to the verification code issuing request sent by the identity authentication request apparatus, generate an ID and a corresponding verification code according to the verification code issuing request, bind the generated ID and the verification code, store the generated ID, the verification code, and a binding record, and feed back feedback information that carries the verification code to the identity authentication request apparatus. The present invention provides a practical and effective identity authentication mechanism.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: November 27, 2018
    Assignee: KUANG-CHI INTELLIGENT PHOTONIC TECHNOLOGY LTD.
    Inventors: Ruopeng Liu, Silu Xu
  • Patent number: 10140370
    Abstract: A computer-implemented method for maintaining encrypted search indexes on third party storage systems may include (1) identifying a plurality of encrypted files, (2) identifying a plurality of keywords contained in the plurality of encrypted files, and (3) generating an encrypted search index for searching the plurality of encrypted files by (i) identifying, for each keyword in the plurality of keywords, a list of encrypted files in the plurality of encrypted files that contain the keyword, (ii) encrypting the list of encrypted files, and (iii) storing the encrypted list of encrypted files such that the encrypted list of encrypted files can be identified using a lookup key generated by applying a pseudo-random function to the keyword. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 18, 2017
    Date of Patent: November 27, 2018
    Assignee: Veritas Technologies LLC
    Inventors: Haibin Zhang, Scott Schneider, Walter Bogorad, Sharada Sundaram
  • Patent number: 10134691
    Abstract: An apparatus for generating an identification key is provided. The apparatus may include a first conductive layer formed on a semiconductor chip, a second conductive layer formed on the semiconductor chip, wherein a spacing between the first conductive layer and the second conductive layer is equal to or greater than a first threshold and equal to or less than a second threshold, and a reader configured to determine whether a first node associated with the first conductive layer and a second node associated with the second conductive layer are shorted, and to provide an identification key.
    Type: Grant
    Filed: February 17, 2014
    Date of Patent: November 20, 2018
    Assignee: ICTK Holdings Co., Ltd.
    Inventors: Byong Deok Choi, Dong Kyue Kim
  • Patent number: 10129886
    Abstract: In a frequency band switching by Fast Session Transfer (FST), a timeout value (link loss timeout: LLT) is determined based on a change in a communication state, a switching setup sequence including a step of transmitting the determined timeout value to a peer wireless station is performed, and frequency switching to the second frequency band is performed when time of the timeout value elapses from when the switching setup sequence is completed. For example, a large timeout value (LLT=T1) is set at time of connection establishment, and the LLT is changed (LLT=T2 to T4) based on, for example, a state of transmission data or a change in a channel state.
    Type: Grant
    Filed: July 11, 2017
    Date of Patent: November 13, 2018
    Assignee: Panasonic Corporation
    Inventors: Yoshio Urabe, Junichi Morita
  • Patent number: 10129020
    Abstract: Systems and methods are provided for protecting identity in an authenticated data transmission. For example, a contactless transaction between a portable user device and an access device may be conducted without exposing the portable user device's public key in cleartext. In one embodiment, an access device may send an access device public key to a portable user device. The user device may return a blinded user device public key and encrypted user device data. The access device may determine a shared secret using the blinded user device public key and an access device private key. The access device may then decrypt the encrypted user device data using the shared secret.
    Type: Grant
    Filed: March 13, 2018
    Date of Patent: November 13, 2018
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventor: Eric Le Saint
  • Patent number: 10122697
    Abstract: Disclosed are various embodiments for providing a native authentication experience with failover. A network service authenticates a first application executed in a computing device in a first instance using one or more authentication factors received via a platform-specific application programming interface that is native to the computing device. After a change to how authentication is performed by the network service, the network service authenticates the first application in a second instance via code-based linking with a second application that is authenticated.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: November 6, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Yogesh Vilas Golwalkar, Anuj Joshi, Bharath Kumar Bhimanaik, Lorne Millwood, Carl Lucian Poston, IV
  • Patent number: 10122780
    Abstract: A method and apparatus for an adaptive Hypertext Transfer Protocol (HTTP) streaming service using metadata of media content are provided. The media content may include a sequence of one or more periods. Each of the periods may include one or more representations. The metadata may include information used to describe a relationship between the representations, and include information for terminals having different display bit depths.
    Type: Grant
    Filed: December 7, 2017
    Date of Patent: November 6, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Truong Cong Thang, Jin Young Lee
  • Patent number: 10122734
    Abstract: Concepts and technologies are disclosed herein for providing and using a secure email verification service. A processor can receive verification data and identify a user identifier associated with a sender identifier included in the verification data. The processor can generate a hash value of the user identifier, a global time indicator, and message-specific data; and send the hash value to the sender device. The processor can receive a verification package that comprises the hash value and a recipient device version of the verification data and generate a new hash value of the user identifier and the recipient device version of the verification data. The processor can compare the new hash value to the hash value to determine if the email message should be verified.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: November 6, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Luis F. Albisu, James Alaimo, Anthony Tortorici
  • Patent number: 10114832
    Abstract: Generating a data stream with a predictable change rate is disclosed, including: receiving a change rate parameter; and using the change rate parameter to provide a modified data stream that differs from a corresponding unmodified non-deduplicatable data stream by an amount determined based at least in part on the change rate parameter, including by: modifying at least a portion of a plurality of data blocks associated with the non-deduplicatable data stream to obtain a corresponding portion of the modified data stream, wherein a data block of the plurality of data blocks is associated with a block size that is based on a segmenting attribute associated with a storage destination.
    Type: Grant
    Filed: September 17, 2014
    Date of Patent: October 30, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Salil Dangi, James Zarbock, Ernest Daza, Scott H. Ogata
  • Patent number: 10114850
    Abstract: Data stream generation using prime numbers is disclosed, including: receiving an initialization parameter; and using the initialization parameter to generate a data stream comprising a merging of a first sequence and a second sequence, wherein the first sequence is generated using a first prime number and the initialization parameter and the second sequence is generated using a second prime number and the initialization parameter.
    Type: Grant
    Filed: September 17, 2014
    Date of Patent: October 30, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Salil Dangi, James Zarbock, Ernest Daza, Scott H. Ogata
  • Patent number: 10114953
    Abstract: The invention discloses a method and a system of upgrading firmware of a card reader. In the method, a card reader is connected to an IC card; the card reader determines whether the IC card is an IC card for upgrading, if it is, the card reader makes one-way or mutual authentication with the IC card; after a successful authentication, the card reader acquires files for upgrading the firmware of the card reader. The system includes a card reader and an IC card. The firmware of card reader is upgraded in the invention by acquiring the files for upgrading from an IC card in which the files for upgrading are pre-stored. The invention improves the efficiency of upgrading the card reader and also improves the security of the upgrading by the authentication between the card reader and the IC card.
    Type: Grant
    Filed: June 4, 2009
    Date of Patent: October 30, 2018
    Assignee: FEITIAN TECHNOLOGIES CO. LTD.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 10103882
    Abstract: In some embodiments, a method may include: enforcing a key rotation policy associated with a current encryption key being used to encrypt and decrypt data stored in an IHS; monitoring a cryptoperiod associated with the current encryption key; in response to a determination that the current encryption key has reached the end of the cryptoperiod, automatically transmitting a request to a key provider for a new encryption key; and in response to the request, automatically: receiving the new encryption key, marking the current encryption key as old, un-encrypting the data using the old encryption key, re-encrypting the data using the new encryption key, and, in response to a determination that all of the data has been re-encrypted with the new encryption key, transmitting a request to the key provider that the old encryption key be discarded, and deleting a local copy of the old encryption key.
    Type: Grant
    Filed: March 3, 2016
    Date of Patent: October 16, 2018
    Assignee: Dell Products, L.P.
    Inventor: Kenneth Wade Stufflebeam
  • Patent number: 10091186
    Abstract: The invention relates to a method for a first communication device to perform authenticated distance measurement between the first communication device and a second communication device, wherein the first and the second communication device share a common secret and the common secret is used for performing the distance measurement between the first and the second communication device. The invention also relates to a method of determining whether data stored on a first communication device are to be accessed by a second communication device. Moreover, the invention relates to a communication device for performing authenticated distance measurement to a second communication device. The invention also relates to an apparatus for playing back multimedia content comprising a communication device.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: October 2, 2018
    Assignee: Koninklijke Philips N.V.
    Inventor: Franciscus L. A. J. Kamperman
  • Patent number: 10078656
    Abstract: An object-based data storage system receives a request to create a logical data container subject to a condition that data objects are to be unmodifiable until after a specified amount of time has transpired. During the amount of time, the object-based data storage system may deny any requests to modify the data objects stored in the logical data container while allowing read-only access to the data objects. After the amount of time has transpired, the object-based data storage system may be configured to allow a customer to modify or delete any data objects stored within the logical data container. Alternatively, the object-based data storage system may be configured to delete the data objects automatically after the amount of time has transpired for the data objects.
    Type: Grant
    Filed: July 26, 2013
    Date of Patent: September 18, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Craig Keith Carl
  • Patent number: 10079683
    Abstract: Distributed token-less authentication. In an embodiment, a partially-hashed personal identification number (PIN) is received from a terminal via at least one first network, wherein the partially-hashed PIN comprises an unhashed first portion that identifies a service-specific interface associated with the user account, and a hashed second portion. The partially-hashed PIN is relayed to the service-specific interface, identified by the first unhashed portion of the partially-hashed PIN, via at least one second network. Subsequently, a first-level confirmation or rejection is received from the service-specific interface via the at least one second network, and the first-level confirmation or rejection is relayed to the terminal via the at least one first network.
    Type: Grant
    Filed: May 11, 2018
    Date of Patent: September 18, 2018
    Inventor: Toufic Chebaro
  • Patent number: 10057261
    Abstract: A method operable by a computing device for configuring access for a limited user interface (UI) device to a network service via a local network access point is disclosed. The method comprises the steps of: obtaining from the limited UI device a device identifier via a first out-of-band channel. The device identifier is provided to the network service via a secure network link. A zero knowledge proof (ZKP) challenge is received from the network service. Configuration information is provided to the limited-UI device via a second out-of-band channel, the configuration information including information sufficient to enable the limited-UI device to connect to the local network access point. The ZKP challenge is provided to the limited-UI device via the second out-of-band channel.
    Type: Grant
    Filed: November 9, 2015
    Date of Patent: August 21, 2018
    Assignee: FotoNation Limited
    Inventors: Peter Corcoran, Petronel Bigioi, Ilariu Raducan
  • Patent number: 10050782
    Abstract: A decryption condition addition device (300) acquires an original ciphertext cts in which a secret distribution matrix M is set as information specifying a decryption condition and acquires an additional access structure S+ which is a restriction condition to restrict the decryption condition of the original ciphertext cts. The decryption condition addition device (300) adds a row and a column which are indicated in the additional access structure S+ to the secret distribution matrix M set in the original ciphertext cts, and thereby generates an updated ciphertext cts, for which the decryption condition of the original ciphertext cts is restricted.
    Type: Grant
    Filed: December 5, 2014
    Date of Patent: August 14, 2018
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventor: Yutaka Kawai
  • Patent number: 10051337
    Abstract: A system and method for managing an encryption key are provided, which include receiving, from a DRM agent, an RO request message for receiving content; generating a KSP including a first key and a second key; applying hash chains with different directions to the first key and to the second key to generate an encryption key for the content; and transmitting, to the DRM agent, a response message including a context element having an identifier of the content and a key information element. The key information element includes a first encryption key element; a rights encryption key information element; and an encryption data element.
    Type: Grant
    Filed: April 1, 2011
    Date of Patent: August 14, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sung-Oh Hwang, Sergey Nikolayevich Seleznev
  • Patent number: 10038561
    Abstract: Disclosed are a method and device for generating a digital signature. The method comprises: a device generating a digital signature parameter r that meets an effective determining condition; generating a digital signature parameter s according to the following formula s=((1+dA)^(-1)·(r+k)-r) mod n, by using a private key dA, a random number k, r, and an elliptic curve parameter n, a value range of k being [1, n-1]; determining if the generated s is 0; if s is 0, regenerating r that meets the effective determining condition, and regenerating s by using dA, the regenerated k with the value range of [1, n-1] and the regenerated r and n, until s is not 0; converting data types of r and s that is not 0 into byte strings, to obtain a digital signature (r, s).
    Type: Grant
    Filed: August 14, 2014
    Date of Patent: July 31, 2018
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Zhiyong Li, Hongtao Wan, Xiang Yan
  • Patent number: 10033538
    Abstract: A method for safeguarding a network made up of at least one first device and one second device. The first device derives a first challenge from physical properties of a first communication channel between the first device and the third device. In addition, the first device transmits the first challenge to the second device via a second communication channel between the first device and the second device. The first device receives a first response, corresponding to the first challenge, from the third device via the first communication channel and receives a second response, corresponding to the first challenge, from the second device via the second communication channel. The first device compares the first response and the second response to one another to verify that the second device is communicating with the third device.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: July 24, 2018
    Assignee: ROBERT BOSCH GMBH
    Inventors: Jan Zibuschka, Paulius Duplys
  • Patent number: 10032729
    Abstract: Provided is an apparatus for generating an identification key by using process variation in a conductive layer manufacturing process. The apparatus may include a first contact connected to a first conductive layer included in a semiconductor chip, wherein a first node is formed by an electrical connection between the first conductive layer and the first contact, a second contact connected to a second conductive layer included in the semiconductor chip, wherein a second node is formed by an electrical connection between the second conductive layer and the second contact, and wherein a value of a spacing between the first contact and the second contact is smaller than a minimum spacing value that guarantees that the first node and the second node are not shorted on a patterning layout, and a reader configured to determine whether the first node and the second node are electrically shorted and to provide the identification key.
    Type: Grant
    Filed: February 17, 2014
    Date of Patent: July 24, 2018
    Assignee: ICTK Holdings Co., Ltd.
    Inventors: Byong Deok Choi, Dong Kyue Kim
  • Patent number: 10021731
    Abstract: A home interior monitoring system includes a master device that can wirelessly communicate with at least one electric device installed in an interior of a home and is not connected to the Internet, and a mobile phone terminal that can wirelessly communicate directly with the master device. The mobile phone terminal, in a case of launching an application, sets, to OFF, a connection invalidity flag that invalidates wireless connection to an access point that is not connected to the Internet. The master device outputs an electromagnetic wave for wireless connection with the mobile phone terminal.
    Type: Grant
    Filed: March 3, 2017
    Date of Patent: July 10, 2018
    Assignee: Panasonic Intellectual Property Management Co., Ltd.
    Inventor: Takeshi Takahashi
  • Patent number: 10015673
    Abstract: When manufacturing, distributing, or selling mobile phones, each phone is associated with an asymmetric cryptographic key pair, comprising a public key and a private key. The private key is stored on the phone, and the public key is stored in a public key repository. When connecting to a cellular network, a phone provides its device ID to the network. The cellular network queries the public key repository to determine the public key of the phone and authenticates the phone using the phone's public key. The cellular network also provides a digital identity certificate to the phone, allowing the phone to authenticate the cellular network using a public key infrastructure (PKI).
    Type: Grant
    Filed: June 21, 2017
    Date of Patent: July 3, 2018
    Assignee: T-Mobile USA, Inc.
    Inventor: Arturo Silis
  • Patent number: 10009763
    Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.
    Type: Grant
    Filed: June 6, 2017
    Date of Patent: June 26, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Olivier Jean Benoit, Peerapol Tinnakornsrisuphap
  • Patent number: 10002262
    Abstract: Provided are a device and a method for generating an identification key by using a process variation in a semiconductor process. A semiconductor is manufactured by adjusting a gate side edge position of a contact such that a difference between a probability that a gate of a transistor is shorted from a drain or a source by the contact and a probability that the gate is not shorted is less than or equal to a predetermined threshold. When the manufactured semiconductor does not have a separate process, whether there is a short circuit between the gate and the drain or the source is stochastically generated by the process variation, whether there is a short circuit is detected through a reader, and an identification key is provided.
    Type: Grant
    Filed: February 19, 2014
    Date of Patent: June 19, 2018
    Assignee: ICTK CO., LTD.
    Inventors: Byong Deok Choi, Dong Kyue Kim
  • Patent number: 10003586
    Abstract: A method for generating a secret key via a reciprocal communication channel connecting a first communication node and a second communication node, wherein the first communication node obtains a first sample by a measurement of the communication channel, the first communication node performs a quantization of the first sample, the first communication node performs a matching of the quantized sample with the second communication node via the communication channel, during the matching, the first communication node obtains and quantizes a second sample by a second measurement of the communication channel and the communication nodes obtain the key from the samples by a privacy amplification.
    Type: Grant
    Filed: May 17, 2016
    Date of Patent: June 19, 2018
    Assignee: ROBERT BOSCH GMBH
    Inventors: Rene Guillaume, Christopher Huth
  • Patent number: 9992173
    Abstract: A method of playing back streaming content includes decoding the content based on a first decryption circuit configured based on a first key and outputting the content; requesting a second key from a server; receiving the second key and configuring a second decryption circuit based on the second key; and decoding the content based on a second decryption circuit and outputting the content, wherein the decoding of the content based on the first decryption circuit and outputting the content is performed until the second decryption circuit is configured.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: June 5, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventor: Ju-hyun Choi
  • Patent number: 9985779
    Abstract: An encrypted text matching system is provided. The system is configured to generate first auxiliary data and second auxiliary data to verify matching between a first encrypted text that is and a second encrypted text based on a Hamming distance between plaintexts; perform one-way conversion on at least part of the first auxiliary data; perform one-way conversion on intermediate data that is generated based on a difference between the first encrypted text and the second encrypted text and on the second auxiliary data; and determine, by using a result of the one-way conversion performed on the intermediate data as well as using the first auxiliary data that underwent the one-way conversion, whether a Hamming distance between plaintexts is equal to or less than a predetermined certain value, the Hamming distance corresponding to the difference between the first encrypted text and the second encrypted text.
    Type: Grant
    Filed: April 23, 2014
    Date of Patent: May 29, 2018
    Assignee: NEC CORPORATION
    Inventors: Toshiyuki Isshiki, Kengo Mori, Toshinori Araki
  • Patent number: 9967090
    Abstract: Systems and methods are provided for protecting identity in an authenticated data transmission. For example, a contactless transaction between a portable user device and an access device may be conducted without exposing the portable user device's public key in cleartext. In one embodiment, an access device may send an access device public key to a portable user device. The user device may return a blinded user device public key and encrypted user device data. The access device may determine a shared secret using the blinded user device public key and an access device private key. The access device may then decrypt the encrypted user device data using the shared secret.
    Type: Grant
    Filed: April 17, 2017
    Date of Patent: May 8, 2018
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventor: Eric Le Saint
  • Patent number: 9967739
    Abstract: The invention concerns a medical assembly which ensures a secured communication between a medical device (like an insulin pump) and its remote control which manages the medical device. To this effect, said assembly uses an external microcontroller (MCU) which contains the secured data and uses a cryptographic mechanism to communicate with the medical device. One single external microcontroller (MCU) is paired with only one medical device in such a way the patient can change several times of remote device although aware that the remote device, in which said external protected MCU is inserted, is the single remote device paired with the medical device. In said assembly, said medical device and said external microcontroller (MCU) comprise secured memories which contain the wireless communication configuration in such a way the devices know in advance the good configuration.
    Type: Grant
    Filed: October 26, 2012
    Date of Patent: May 8, 2018
    Assignee: DEBIOTECH S.A.
    Inventors: Stephan Proennecke, Oscar Francois, Frédéric Neftel
  • Patent number: 9967261
    Abstract: A method and system for accessing a resource associated with a resource control entity that includes receiving, by a ledger, a request, corresponding to a user, to access the resource; obtaining, in response to the request, user metadata; sending to the user a ledger authentication token, which a credential application uses to verify that the ledger is a valid ledger; receiving, from the credential application, a public key encrypted payload including signature entries; decrypting, by the ledger, the encrypted payload using a payload secret key to obtain the signature entries and other user data; obtaining results of a verification by successively verifying each of the signature entries until a scoring threshold associated with the resource is met, and transmitting, to the resource control entity, a notification including the results of the verification, which the resource control entity uses to determine whether to grant the user access to the resource.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: May 8, 2018
    Assignee: Prote.US Converged Systems Corporation
    Inventors: Alois Louis Liebl, III, Edward Holland Johns, Brian Robert Silver
  • Patent number: 9959418
    Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core, a memory controller, operatively coupled to the processing core, to access data in an off-chip memory, and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to, responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: May 1, 2018
    Assignee: Intel Corporation
    Inventors: Binata Bhattacharyya, Raghunandan Makaram, Amy L. Santoni, George Z. Chrysos, Simon P. Johnson, Brian S. Morris, Francis X. McKeen
  • Patent number: 9959065
    Abstract: A system includes circuitry for performing hybrid blockchain rewrites by trusted parties. The hybrid blockchain may include blocks with multiple parts. In some cases, the blocks may include a core part and a tertiary part. The system may include conditions for validity preserving and/or non-tamper-evident rewrites to the parts of the block. The conditions to support rewrites to the core part may be more stringent than the corresponding conditions to support rewrites to the tertiary part. In some cases, the core part may be write-locked.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: May 1, 2018
    Assignees: Accenture Global Solutions Limited, GSC Secrypt, LLC
    Inventors: Giuseppe Ateniese, Michael T. Chiaramonte, David Treat, Bernardo Magri, Daniele Venturi