Having Particular Key Generator Patents (Class 380/44)
  • Patent number: 11405371
    Abstract: A device for compressing subject data. The device comprises a communication link, the communication link capable of receiving a set of subject data; a compression module, the compression module configured to apply a compression algorithm to the set of subject data, the compression algorithm compressing the set of subject data using a reference string of subject data; and a transmission module, the transmission module configured to transmit the compressed subject data. The device further comprising an encryption module for encrypting the subject data.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: August 2, 2022
    Assignee: ARC BIO, LLC
    Inventors: Jason Michael Anderson, David A Sinclair, Alejandro Quiroz-Zarate, Roberto Olivares-Amaya, Ricardo Godinez-Moreno
  • Patent number: 11397968
    Abstract: A method for auditing an advertisement impression in which a first advertisement was presented in conjunction with first media content is disclosed. The method generally comprises transmitting to a plurality of second computing devices a plurality of randomly generated first cryptographic proofs; receiving a first message from a second computing device indicating that the first advertisement was presented in conjunction with the first media content; and evaluating the first targeting model for the first advertisement based on the at least one media content classifier.
    Type: Grant
    Filed: October 7, 2021
    Date of Patent: July 26, 2022
    Inventors: Aaron Brown, Tom Bollich, Adam Helfgott, Rebecca Lerner, Nelson Hunter Prendergast, Nikolaos Melissaris Papanikolaou
  • Patent number: 11394531
    Abstract: Systems, apparatuses, methods, and computer-readable media are provided for reducing or eliminating cryptographic waste for link protection in computer buses. In various embodiments, data packets are encrypted/decrypted in accordance with advanced encryption standard (AES) Galois counter mode (GCM) encryption/decryption. Monotonically increased counter values are used as initialization vectors; and/or accumulated MAC is practiced to reduce or eliminate cryptographic waste. Other related aspects are also described and/or claimed.
    Type: Grant
    Filed: October 18, 2019
    Date of Patent: July 19, 2022
    Assignee: Intel Corporation
    Inventors: Siddhartha Chhabra, Vedvyas Shanbhogue
  • Patent number: 11394699
    Abstract: The disclosed technology relates to broadcasting encrypted data to multiple receiver devices, where some receiver devices have long-term access to the encrypted data and some receiver devices have a temporary access to the encrypted data. Receivers having long-term access are part of a “member group” because these member group devices have a master key and the master key enables the member group devices to derive the necessary information to decrypt the encrypted broadcast. In contrast, devices with temporary access possess only a guest key and not a master key; without a master key, the devices need to receive the guest key from another device to decrypt the broadcast. Access to the encrypted stream can also be based on broadcasting multiple or single diversifiers, where a diversifier can include group identification information to assist in restricting access to the encrypted stream.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: July 19, 2022
    Assignee: SONOVA AG
    Inventor: Stephan Gehring
  • Patent number: 11394526
    Abstract: A request is received for specific information that can be determined using data in a database on a first computer system. Either at least some of the data is encrypted or the request is encrypted. The first computer system does not have a decryption key to decrypt the encrypted data or request. The first computer system performs compressible HE operations on the data to determine compressed ciphertext(s) that correspond to the specific information. The operations include using a first uncompressed HE scheme and a second compressed HE scheme. The first HE scheme is used on the data to create other multiple ciphertexts and the second HE scheme is used on the other multiple ciphertexts to pack the other multiple ciphertexts into fewer ciphertexts that are compressed. Both the HE schemes use a same secret key. The first computer system sends a response including compressed ciphertext(s) corresponding to the specific information.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: July 19, 2022
    Assignee: International Business Machines Corporation
    Inventors: Craig B. Gentry, Shai Halevi
  • Patent number: 11387903
    Abstract: This application relates to the field of space communications technologies, and provides an acquisition, pointing, and tracking (APT) subsystem and a spacecraft communications system. The APT subsystem includes a first controller, a first terahertz transceiver, and a terahertz antenna array that are sequentially connected, where the first terahertz transceiver is configured to modulate and demodulate a terahertz wave; the terahertz antenna array is configured to send and receive the terahertz wave; and the first controller is configured to control the first terahertz transceiver to acquire, point, and track another APT subsystem by using the terahertz antenna array.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: July 12, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Xueliang Shi, Bin Wang, Jun Wang
  • Patent number: 11372929
    Abstract: Sorting an array consisting of a large number of elements. The present invention provides an apparatus for executing a multiway merging process which generates one output sequence from N input sequences on an array consisting of a large number of elements. The apparatus includes: an execution unit configured to execute the multiway merging process on N input sequences without rearranging the elements based on a plurality of input sequences; and a generation unit configured to rearrange the elements constituting the input sequences according to an output sequence that has been generated by the multiway merging process in the execution unit so as to generate a sorted array of elements.
    Type: Grant
    Filed: October 17, 2019
    Date of Patent: June 28, 2022
    Assignee: International Business Machines Corporation
    Inventor: Hiroshi Inoue
  • Patent number: 11374569
    Abstract: The physically unclonable function device (DIS) comprises a set of MOS transistors (TR1i, TR2j) mounted in diodes having a random distribution of respective threshold voltages, and comprising N first transistors and at least one second transistor. At least one output node of the function is capable of delivering a signal, the level of which depends on the comparison between a current obtained using a current circulating in the at least one second transistor and a current obtained using a reference current that is equal or substantially equal to the average of the currents circulating in the N first transistors. A first means (FM1i) is configured to impose on each first transistor a respective fixed gate voltage regardless of the value of the current circulating in the first transistor, and a second means (SM2j) is configured to impose a respective fixed gate voltage on each second transistor regardless of the value of the current circulating in the second transistor.
    Type: Grant
    Filed: November 28, 2019
    Date of Patent: June 28, 2022
    Assignee: STMicroelectronics (Rousset) SAS
    Inventors: Nicolas Borrel, Jimmy Fort, Mathieu Lisart
  • Patent number: 11362820
    Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to receive from a pressure sensor matrix data describing a time-varying pressure interaction of the pressure sensor matrix with a second pressure sensor matrix, process the data to obtain a bit sequence, and use the bit sequence as a shared secret in a cryptographic procedure with a device.
    Type: Grant
    Filed: May 20, 2020
    Date of Patent: June 14, 2022
    Assignee: Nokia Technologies Oy
    Inventor: Harm Cronie
  • Patent number: 11354398
    Abstract: A secure cartridge-based storage system includes a set of read/write control electronics on a control board adapted to removably couple with each of a plurality of storage cartridges. For each individual storage cartridge, the read/write electronics are adapted to retrieve a unique device identifier from the storage cartridge; retrieve an encryption key stored on the control board in association with the unique device identifier; and utilize the encryption key to encrypt or decrypt data that is in transit to or from a target storage location on the storage media.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: June 7, 2022
    Inventors: Riyan Alex Mendonsa, Saravanan Nagarajan, Kenneth A. Haapala
  • Patent number: 11347444
    Abstract: A control circuit configured to associate a plurality of memory with an error correction scheme. The control circuit including an internal operation circuit configured to generate an internal command based on an access unit of the plurality of memory. The control circuit including a storage circuit configured to store information on the access unit of the plurality of memory.
    Type: Grant
    Filed: September 25, 2020
    Date of Patent: May 31, 2022
    Assignee: SK hynix Inc.
    Inventor: Won Ha Choi
  • Patent number: 11343108
    Abstract: A system and method for the generation of composite private keys are provided. First and second bitstreams are retrieved from an addressable cryptographic table by deriving addresses in the addressable cryptographic table from an initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. The first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. A first composite encryption key having a length longer than the first and second bitstreams is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.
    Type: Grant
    Filed: June 12, 2020
    Date of Patent: May 24, 2022
    Inventors: Dennis D Booher, Bertrand F Cambou
  • Patent number: 11334322
    Abstract: A security test logic system can include a non-transitory memory configured to store measurements from a measurement apparatus, the measurement outputs comprising indications of presence or absence of coincidences where particles are detected at more than one detector at substantially the same time, the detectors being at the end of different channels from a particle source and having substantially the same length. The system can include a processor configured to compute a test statistic from the stored measurements. The test statistic may express a Bell inequality, and the system can compare the test statistic with a threshold. The processor can be configured to generate and output a certificate certifying that the measurements are from a quantum system if the value of the computed test statistic passes the threshold.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: May 17, 2022
    Assignee: Cambridge Quantum Computing Limited
    Inventors: Fernando Guadalupe dos Santos Lins Brandão, David John Worrall, Simone Severini
  • Patent number: 11336857
    Abstract: A fuzzy extractor includes an initial key generating part including a true random number generator, and a key regenerating part. The true random number generator generates a true random number using a read-out signal read from the reading part or a pixel signal read from the pixels of the pixel part in a true random number generation mode. The initial key generating part generates helper data and an initial key based on the true random number generated by the true random number generator and variation information acquired as a response when the initial key is generated. The key regenerating part generates, when a key is regenerated, a unique key based on helper data acquired when the initial key is generated and variation information acquired as a response including an error when the key is regenerated.
    Type: Grant
    Filed: March 4, 2020
    Date of Patent: May 17, 2022
    Inventors: Shunsuke Okura, Kenichiro Ishikawa, Masayoshi Shirahata, Takeshi Fujino, Mitsuru Shiozaki, Takaya Kubota
  • Patent number: 11329805
    Abstract: A method for operating a first vehicle-side terminal is provided, wherein the first vehicle-side terminal determines at least one symmetric group key that is assigned to the group of terminals, encrypts the at least one symmetric group key with a public asymmetric individual key that is assigned to a second vehicle-side terminal or with a symmetric pair key that is assigned to the second vehicle-side terminal, transmits the encrypted symmetric group key in the direction of the second vehicle-side terminal, receives an encrypted message from the second vehicle-side terminal, and decrypts the encrypted message depending on the symmetric group key.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: May 10, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Christian Zimmermann, Norbert Bissmeyer
  • Patent number: 11327904
    Abstract: System, methods, and other embodiments described herein relate to improving security of protected values in a memory. In one embodiment, a method includes, in response to receiving a write request indicating at least an item and a write value to write into the memory, determining whether a protected items list (PIL) indicates that the item is protected. The method includes replacing the write value of the write request with a protected value from the PIL that corresponds with the item when the item is listed in the PIL as being protected. The method further includes executing the write request to the memory.
    Type: Grant
    Filed: March 11, 2020
    Date of Patent: May 10, 2022
    Assignees: Denso International America, Inc., Denso Corporation
    Inventor: David M. West
  • Patent number: 11329834
    Abstract: A method for controlling access to a chip includes obtaining first values of a first physically unclonable function of the chip, obtaining second values that correspond to at least one challenge word, performing a simulation based on the first values and the second values, and generating an authentication result for the chip based on results of the simulation. The simulation may generate responses to logical operations corresponding to combinatorial logic in the chip, and the logical operations may be performed based on a predetermined sequence of the first values and the second values. The chip may be authenticated based on a match between the responses generated by the simulation and a second physically unclonable function of the chip.
    Type: Grant
    Filed: February 11, 2020
    Date of Patent: May 10, 2022
    Assignee: NXP B.V.
    Inventor: Jan-Peter Schat
  • Patent number: 11316905
    Abstract: A system may include a traffic interception module configured to intercept network traffic of a host device. A traffic virtualization module may be configured to generate a virtual file on the host device containing the intercepted network traffic. A security system interface module may be configured to provide the virtual file to a secure digital security system over a virtualized file interface coupling the host device to the secure digital security system, and to receive instructions to allow or to deny the network traffic from the secure digital security system over the virtualized file interface. A traffic access management module may be configured to allow or to deny the network traffic based on the instructions.
    Type: Grant
    Filed: May 26, 2020
    Date of Patent: April 26, 2022
    Assignee: CUPP Computing AS
    Inventor: Omar Nathaniel Ely
  • Patent number: 11310243
    Abstract: An example intermediary system allows an owner computer system to securely identify and communicate with an end device. The end device uses master secret and time data shared with the owner computer system to generate and advertise a time-dependent device identifier and potentially an encrypted device message. The intermediary system augments the received device data with a message (e.g., an estimate of the device's location) encrypted using the time-dependent device identifier as an encryption key. Furthermore, it hashes the time-dependent device identifier for additional security. The augmented data is forwarded to a server for retrieval and processing by the owner computer system. The owner uses the shared master secret, time data and hash function to generate a hashed time-dependent device identifier used to retrieve matching augmented data from the server. The retrieved message data is decrypted using the reverse of the encryption operations.
    Type: Grant
    Filed: July 14, 2021
    Date of Patent: April 19, 2022
    Assignee: Luna XIO, Inc.
    Inventors: Alan Gous, Jeffrey Bazar, Arman Maghbouleh
  • Patent number: 11310392
    Abstract: The present disclosure provides a fluid-optical encryption system and a method thereof. The fluid-optical encryption system uses a fluid surface that changes topology over time to modulate the wave front of an electromagnetic signal in an encryption, decryption, authentication or other communication system. The electromagnetic signal can be pulsed or continuous, coherent or non-coherent, and can be optical or in another wavelength range such as micrometer or infrared. The information carrying signal is either transmitted through the fluid system or reflected off the surface of the fluid system. The fluid system time dependent change can be induced by mechanical vibration in the fluid container, distorting the fluid container, acoustic waves through the fluid, or by surface tension changes at the boundary of the fluid caused by electrowetting or electrostatic effects. The fluid surface can exhibit patterns that oscillate or change periodically, or change in a chaotic manner.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: April 19, 2022
    Assignee: National Tsinghua University
    Inventors: Wei-Chih Wang, David R. Schipf
  • Patent number: 11296871
    Abstract: Embodiments of content management systems that utilize encryption are disclosed. An object management module of a content management system is adapted to encrypt an object using a data key that is generated based on the content. The data key is encrypted using a tenant key associated with a tenant of the system. The encrypted object is stored in an object store, and a storage record for the stored encrypted object is stored in a data store, along with the encrypted data key and a tenant key identifier.
    Type: Grant
    Filed: December 19, 2019
    Date of Patent: April 5, 2022
    Assignee: OPEN TEXT SA ULC
    Inventor: Ryan Cathal Robert O'Toole
  • Patent number: 11290181
    Abstract: Measurement of entangled photon quantum wavefunction properties is vital for studying the fundamentals of entanglement and for future applications in quantum communications, quantum metrology, quantum sensing and imaging. Despite its importance, measuring the wavefunction is difficult, particularly in pulsed and other systems with system features and wavefunctions changing in space and time. This invention uses ghost imaging techniques to directly measure the entangled photon wavefunction of pulsed origin temporal and polarization entangled photons. The invention may be used to improve wavefunction quality after propagation through turbulent or scattering media.
    Type: Grant
    Filed: March 18, 2021
    Date of Patent: March 29, 2022
    Assignee: The United States of America as represented by the Secretary of the Army
    Inventors: Ronald E. Meyers, Keith S. Deacon
  • Patent number: 11283604
    Abstract: Concepts and technologies are described herein for sharing encrypted data with enhanced security. In some configurations, an encryption key is generated from a password by the use of a password-based key generation technology. In addition, input data is encrypted using the encryption key. The encrypted data and the generated key may be then shared with a remote computer, such as a server. The encrypted data can then be decrypted at the remote computer by the use of the key. By the use of the technologies described herein, the contents of an encrypted file may be accessed at a remote computer without requiring a user to share the actual password.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: March 22, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Muhammed Serdar Soran, David C LeBlanc, Adam D. Barr, Tolga Acar, Ray S. Wang, Samantha Schumacher
  • Patent number: 11269984
    Abstract: The present invention provides methods and apparatuses for computer system security. According to certain aspects, embodiments of the invention comprise a portable storage device that, when attached, “unlocks” a computer system, such as a desktop, laptop, tablet computer running a conventional operating system such as Windows, thereby creating added security. More particularly, embodiments of the invention use a standard USB memory stick as an “ignition key” to unlock and operate a PC, tablet or other computer system. The ignition key can be required to boot the computer, utilize peripheral devices, ports, network connections, a keyboard and/or a mouse of the computer system, and limit access to certain parts of the computer. According to further aspects, in these and other embodiments, the invention is implemented using a modified BIOS that prevents a computer from fully booting into an operational state until verifying the presence of, and information stored on the “ignition key” connected to the computer.
    Type: Grant
    Filed: December 8, 2015
    Date of Patent: March 8, 2022
    Inventor: Sofin Raskin
  • Patent number: 11272234
    Abstract: Disclosed are an electronic apparatus, a server, and a method of controlling the same, the server including: a communicator configured to connect with an electronic apparatus and an external server; and a processor configured to: generate first encrypted information by encrypting first decryption information received from the electronic apparatus, the first decryption information for reproducing content, control the communicator to transmit, to the external server, the generated first encrypted information, generate second decryption information by decrypting second encrypted information received from the external server, the second encrypted information generated based on the first decryption information, and control the communicator to transmit the generated second decryption information to the electronic apparatus to scramble the content by a scrambler of the electronic apparatus.
    Type: Grant
    Filed: December 2, 2019
    Date of Patent: March 8, 2022
    Inventor: Yongcheol Yang
  • Patent number: 11269840
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for efficient media indexing. An example method disclosed herein includes selecting a first hash seed value based on a first entropy value calculated for a first bucket distribution resulting from use of the first hash seed value to store data in a first hash table, selecting a second hash seed value to be used in combination with the first hash seed value based on a second entropy value calculated on a second bucket distribution resulting from use of the first hash seed value in combination with the second hash seed value, and storing data in the first hash table based on the first hash seed value and a second hash table based on the second hash seed value.
    Type: Grant
    Filed: September 5, 2019
    Date of Patent: March 8, 2022
    Assignee: Gracenote, Inc.
    Inventors: Matthew James Wilkinson, Jeffrey Scott, Robert Coover, Konstantinos Antonios Dimitriou
  • Patent number: 11263298
    Abstract: A method of maintaining ongoing authentication of a user of an application without the need to enter and re-enter a username and a corresponding password for each session initiated between a client side application residing on a client side platform and a server; and wherein the password is not stored on the server; the method comprising utilising an unbroken chain of one-time pass codes; each pass code in the chain being unique to the username and client side application; each pass code renewed periodically and preferably at least once during each said session.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: March 1, 2022
    Assignee: HAVENTEC PTY LTD
    Inventor: Ric B. Richardson
  • Patent number: 11265151
    Abstract: A computing device includes an array of addressable elements. Each addressable element is a hardware element that generates a substantially consistent response when interrogated. The device includes a processor coupled to the array of addressable elements and configured to communicate using a communication network. The processor receives a public key, and processes the public key to produce at least a set of addresses. Each address in the set of addresses identifies one or more hardware elements in the array of addressable elements. The processor generates a set of responses by interrogating the one or more hardware elements in the array of addressable elements identified by the set of addresses according to a set of reading instructions, appends the responses in the set of responses to generate a private key, receives an encrypted message and decrypts the encrypted message using the private key to generate an unencrypted message.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: March 1, 2022
    Assignees: Arizona Board of Regents on Behalf of Northern Arizona University, Government of the United States of America, as represented by the Secretary of the Air Force
    Inventors: Bertrand F Cambou, Christopher Robert Philabaum, Donald A. Telesca, Jr.
  • Patent number: 11258615
    Abstract: A method for managing certificates includes the steps of transmitting, over an electronic network by an electronic device of a client, a certificate request to a certificate management portal separate from the client, establishing an interaction with an electronic interface of a certificate authority by the certificate management portal; generating, by the certificate authority, a certificate package, delivering the generated certificate package to the certificate management portal, and downloading from the certificate management portal, by the client, at least one certificate of the delivered certificate package.
    Type: Grant
    Filed: September 12, 2019
    Date of Patent: February 22, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Brian A. Scriber
  • Patent number: 11251945
    Abstract: An aggregate maximum is efficiently obtained while keeping confidentiality. A flag converting part (12) converts a form of a share of a flag representing a last element of a group. A flag applying part (13) generates a share of a vector in which a value of a value attribute is set if a flag representing the last element of the group is true, and a predetermined value is set if the flag is false. A sorting part (14) generates a share of a sorted vector obtained by sorting the vector with a permutation which moves elements so that the last elements of each group are sequentially arranged from beginning. An output part (15) generates and outputs a share of a vector representing a maximum of each group from the sorted vector.
    Type: Grant
    Filed: April 22, 2019
    Date of Patent: February 15, 2022
    Inventor: Dai Ikarashi
  • Patent number: 11250165
    Abstract: A processor comprising a first register to store a wrapping key, a second register to store a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key, and a core to execute a decryption instruction. The core is to, responsive to the decryption instruction, identify, in the decryption instruction, a pointer to ciphertext stored in the memory, retrieve the ciphertext and the handle from the memory, decrypt the cryptographic key of the handle based on the wrapping key, and decrypt the ciphertext based on the decrypted cryptographic key.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: February 15, 2022
    Assignee: Intel Corporation
    Inventors: Michael LeMay, David M. Durham, Jason W. Brandt
  • Patent number: 11251959
    Abstract: A method of manufacturing a secure computing hardware apparatus includes receiving at least a secret generator, wherein the secret generator is configured to generate a module-specific secret, receiving a device identifier, wherein the device identifier is configured to produce at least an output comprising a secure proof of the module-specific secret, and communicatively connecting the device identifier to the secret generator.
    Type: Grant
    Filed: July 9, 2019
    Date of Patent: February 15, 2022
    Assignee: Ares Technologies, Inc.
    Inventor: Christian T Wentz
  • Patent number: 11251953
    Abstract: A device may receive a set of cryptographic parameters associated with an integer, wherein the set of cryptographic parameters includes a linked list of potential prime integers, in an order, used to generate the integer. The device may determine, iteratively and in the order, whether each potential prime integer included in the linked list of potential prime integers is a prime integer using a primality test or a lookup operation based on a set of proven prime integers. The device may determine whether the integer is a proven prime integer based on determining whether each potential prime integer included in the linked list of potential prime integers is a prime integer. The device may authorize, when the integer is a proven prime integer, the integer for use in a cryptographic protocol.
    Type: Grant
    Filed: July 15, 2020
    Date of Patent: February 15, 2022
    Assignee: Juniper Networks, Inc.
    Inventors: Anna M. Johnston, Rathna Ramesh
  • Patent number: 11244693
    Abstract: Embodiments described include systems and methods for incorporating a watermark in an audio output. An embedded browser, which is executable on one or more processors of a client device, may detect an audio data stream from a network application accessed via the embedded browser. A watermarking engine of the embedded browser intercepts the audio data stream responsive to detecting the audio data stream. The watermarking engine incorporates a digital signal corresponding to a watermark into the audio data stream, prior to being produced as an audio output by an audio speaker. The watermarking engine causes the watermark to be present in the audio output produced by the audio speaker, the watermark configured to be inaudible by a human and recordable by an audio recording device.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: February 8, 2022
    Assignee: Citrix Systems, Inc.
    Inventor: Abhishek Chauhan
  • Patent number: 11245522
    Abstract: A method of securely storing a target number is provided based on the Chinese-Remainder Theorem. A set of n congruence pairs of numbers are generated, wherein a target number (a secret) can be uniquely derived from any t out of the n pairs. In one aspect the divisors are pre-selected such that any randomly selected n integers from the sequence are a valid Asmuth-Bloom sequence for any access structure (t, n) where 1 < t ≤ n ≤ N. In another aspect, means are provided for pre-storing members of a Mignotte or Asmuth-Bloom sequence of N divisors in a look-up table from which n divisors can be selected. In this way a flexible access structure is supported. CRT secret shares for a selected access structure can be generated without having to perform the laborious process of calculating Mignotte sequences for each secret and access structure. Storage required to store the secret shares is also reduced by storing and retrieving congruence pairs in the form of an index and a remainder.
    Type: Grant
    Filed: November 24, 2017
    Date of Patent: February 8, 2022
    Inventors: Lu Fan, David Lanc
  • Patent number: 11240033
    Abstract: A method includes determining a password-length threshold. The password-length threshold may comprise an integer. The method also includes obtaining, for a first user, a set of nucleotide locations. The number of nucleotide locations in the set may be greater than or equal to the integer. The method also includes obtaining a first sample of the user's DNA. The method also includes determining, in the first sample, a nucleotide at each nucleotide location in the set of nucleotide locations, resulting in a first nucleotide-password sequence. The method also includes performing a one-way hashing operation on the first nucleotide-password sequence with a first hashing algorithm, resulting in a first hashed password.
    Type: Grant
    Filed: September 26, 2019
    Date of Patent: February 1, 2022
    Assignee: International Business Machines Corporation
    Inventors: Andrew J. Lavery, Igor S. Ramos, Silvia Giacone, Bernadette Marie Wing, Fernando Jose Suarez Saiz
  • Patent number: 11240014
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes monitoring an enveloped data structure comprising a data envelope and data encrypted based on a first set of PQC encryption attributes. The example method further includes generating an electronic indication of a change in the enveloped data structure. The example method further includes retrieving PQC cryptographic performance information associated with a set of PQC cryptographic techniques. The example method further includes generating a second set of PQC encryption attributes for encrypting the data based on the change in the enveloped data structure and the PQC cryptographic performance information. Subsequently, the example method includes encrypting the data based on the second set of PQC encryption attributes.
    Type: Grant
    Filed: September 10, 2019
    Date of Patent: February 1, 2022
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Ravi K. Maganti, Bradford A. Shea, M. Erik Meinholz, Jeff J. Stapleton, Peter Bordow, Pierre Arbajian, Abhijit Rao, Robert L. Carter, Jr.
  • Patent number: 11232221
    Abstract: An example operation may include one or more of receiving a transaction request into at least one node of a blockchain network, the transaction request comprising one or more transaction parameters and one or more encryption keys, processing the transaction request to produce a transaction result, encrypting one or more parameters of the transaction result to produce an encrypted transaction result, storing the encrypted transaction result in a data block of the blockchain, and storing the one or more encryption keys in one or more key stores of the blockchain network.
    Type: Grant
    Filed: September 17, 2018
    Date of Patent: January 25, 2022
    Assignee: International Business Machines Corporation
    Inventors: Petr Novotny, Donna N. Dillenberger, Nitin Gaur
  • Patent number: 11232718
    Abstract: A method performed by a device for protecting data is provided. The method comprises inputting, to a Physically Unclonable Function, PUF, of the device, a challenge; obtaining, from the PUF, a response; and protecting the data by using the response. A device, a method in an encryption unit, computer program and computer program product are also provided.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: January 25, 2022
    Inventors: Karl Norrman, Elena Dubrova
  • Patent number: 11233638
    Abstract: Method for generating cryptotokens including identifying an asset; using a secret sharing algorithm, creating a token that corresponds to the asset, wherein the token represents a private key and comprises a first half and a second half; on the client side, generating first half of public key and first half of private key; transmitting first half of public key to a server; on the server, using first half of public key to generate a second half of private key; generating second half of public key using second half of private key; associating the asset with the token; access to the asset requires the first and second halves of the private key; performing a transaction with the asset by transferring first half of private key from first user to second user, and re-associating the asset from first to second user; first half of private key is never stored together with second half.
    Type: Grant
    Filed: August 20, 2020
    Date of Patent: January 25, 2022
    Inventors: Anton Jakovlevich Liushits, Alexander Vladimirovich Vlasov
  • Patent number: 11228907
    Abstract: A network usage control method comprises receiving (S2, S5) a handset identifier (e.g. an IMEI number) of a requesting terminal device (2) seeking to use a mobile network (4); retrieving verification information (S7) for verifying an identity of an authorised terminal device associated with the handset identifier; verifying (S9), based on the verification information, whether the requesting terminal device (2) is the authorised terminal device; and controlling (S10, S11) usage of the mobile network by the requesting terminal device in dependence on whether the requesting terminal device is verified as the authorised terminal device. Cryptographic keys can be used to bind the handset identifier to a particular handset and verify that a device presenting a given handset identifier is actually the authorised handset for that handset identifier. This prevents thieves being able to circumvent blacklisted handset identifier of a stolen handset by cloning a valid handset identifier from another device.
    Type: Grant
    Filed: November 2, 2017
    Date of Patent: January 18, 2022
    Inventor: Chris Loreskar
  • Patent number: 11228433
    Abstract: Using various embodiments, methods and systems for securing user data are described. In one embodiment, a system includes a server side application accessing a service key from a conventional key vault and an escrowed key which can then be used to compute a key to the key using which information can be encrypted. Other embodiments include using a timer service to further safeguard secure user information.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: January 18, 2022
    Inventor: Baskaran Dharmarajan
  • Patent number: 11223478
    Abstract: An example system can include a reference biometric template (RBT) reader, an authenticator, and an auxiliary system. In some examples, during an initial enrollment process, the RBT reader obtains a biometric from a user, transforms the biometric into an RBT, and provides different shares of the RBT to the authenticator and the auxiliary system. The authenticator and the auxiliary system create respective shares of helper data. In some examples, the authenticator and the auxiliary system use a non-commutative transformation function to embed a secret key in their respective shares of the helper data. The auxiliary system provides its share of the helper data to the authenticator. The authenticator combines its share of the helper data with the share provided by the auxiliary system to create a full version of the helper data. The helper data can be used in a subsequent authentication process between the RBT reader and the authenticator.
    Type: Grant
    Filed: April 2, 2019
    Date of Patent: January 11, 2022
    Assignee: SRI International
    Inventors: Karim Eldefrawy, Ivan De Oliveira Nunes, Titouan Tanguy
  • Patent number: 11223490
    Abstract: A method and system for authenticating a device is disclosed. The method includes the steps of: receiving a helper bit string and a first MAC; measuring a first response bit string of a physical unclonable function of the device with respect to a challenge bit string; subtracting the first response bit string from the helper bit string; decoding a result of the subtraction using a uniformly distributed random matrix, the shared secret bit string being provided from the decoding if the helper bit string was encoded using a previously measured second response bit string that is within a threshold level of similarity to the first response bit string, the decoding outputting an error value otherwise; determining a second MAC based on the shared secret bit string, the uniformly distributed random matrix, and the helper bit string; and determining whether the second MAC matches the first MAC.
    Type: Grant
    Filed: December 27, 2017
    Date of Patent: January 11, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Jorge Guajardo Merchan, Paulius Duplys, Christopher Huth
  • Patent number: 11218305
    Abstract: A computer-implemented method includes: receiving, by a platform including one or more computing devices, a blockchain authorization information generation request from a client, in which the blockchain authorization information generation request includes a target blockchain identifier and user information; determining, based on the target blockchain identifier, a target blockchain; determining a blockchain parameter of the target blockchain, in which the blockchain parameter indicates one or more requirements for authorization information used to join the target blockchain; generating blockchain authorization information based on the blockchain parameter and the user information, in which the blockchain authorization information conforms to the one or more requirements; and sending the blockchain authorization information to the client.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: January 4, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Yixiang Zhang, Jun Gu
  • Patent number: 11194933
    Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce a transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: December 7, 2021
    Assignee: Intel Corporation
    Inventors: Yaacov Belenky, Gyora Benedek, Reuven Elbaum, David Novick, Elad Peer, Chaim Shen-Orr, Yonatan Shlomovich
  • Patent number: 11194921
    Abstract: Data masking is provided by, for at least one predetermined data item in data to be sent, applying a one-way function to that data item to produce a first value, producing a masked data item by encrypting the first value via a deterministic encryption scheme using a current encryption key for a current epoch, and replacing that data item by the masked data item. A data-provider computer sends the masked data to the data-user computer. On expiry of the current epoch, the data-provider computer generates a new encryption key for the encryption scheme in a new epoch, produces mask-update data, dependent on the current and new encryption keys, and sends the mask-update data to the data-user computer. The mask-update data permits updating, at the data-user computer, of masked data items produced with the current encryption key into masked data items produced with the new encryption key.
    Type: Grant
    Filed: November 25, 2019
    Date of Patent: December 7, 2021
    Inventors: Christian Cachin, Jan L. Camenisch, Eduarda Freire Stögbuchner, Anja Lehmann
  • Patent number: 11171931
    Abstract: This disclosure relates to method and system for providing a light weight secure communication for computing devices. In one example, the method includes generating a new encryption key based on a selected encryption key from among a plurality of encrypted keys and a current synchronized hash based on a set of pre-defined rules, generating an updated synchronized hash based on a message to be transmitted and the current synchronized hash using a pre-defined hash algorithm, encrypting the message to be transmitted using the new encryption key to generate an encrypted message, transmitting the encrypted message, and replacing the current synchronized hash with the updated synchronized hash. The set of pre-defined rules and the pre-defined hash algorithm are retrieved from a pre-installed library. Further, the current synchronized hash, the plurality of encryption keys, and the pre-installed library are synchronized between the first computing device and the second computing device.
    Type: Grant
    Filed: March 30, 2019
    Date of Patent: November 9, 2021
    Assignee: Wipro Limited
    Inventors: Sumit Shovon Mitra, Sayon Sur, Debasish Chanda
  • Patent number: 11171790
    Abstract: A system for establishing a trusted path for secure communication between client devices and server devices, such as between an account holder and a financial institution, can provide the core security attributes of confidentiality (of the parties), integrity (of the information), anti-replay (protection against replay fraud) and/or anti-tampering (protection against unauthorized changes to information being exchanged and/or modules that generate and communicate such information). A messaging layer implementation in favor of a transport layer implementation can provide a trusted path. This infrastructure features secure cryptographic key storage, and implementation of a trusted path built using the cryptographic infrastructure. The trusted path protects against unauthorized information disclosure, modification, or replays. These services can effectively protect against Man-in-the-Middle, Man-in-the-Application, and other attacks.
    Type: Grant
    Filed: February 7, 2020
    Date of Patent: November 9, 2021
    Assignee: ACCERTIFY, INC.
    Inventor: Glenn S. Benson
  • Patent number: 11171777
    Abstract: A computer-implemented method and system for controlling remote access to a computer system is disclosed. A method includes generating a secret value at a first computer system; sharing the secret value with associated computer systems; choosing a time length for validity; computing a derived key based on the secret value; and controlling remote access to the computer system based on the derived key and a unique identifier associated with the first computer system.
    Type: Grant
    Filed: February 12, 2019
    Date of Patent: November 9, 2021
    Inventors: Phani Pavan Kumar Mangaiahgari, David V. Soergel, Aryn Shapiro, Doug Schiffer