Having Particular Key Generator Patents (Class 380/44)
-
Patent number: 12087253
Abstract: A transparent data display window apparatus, system, and method that receives and processes encrypted data in the form of non-fungible token (NFT) for display thereon. The transparent data display window receives and displays encrypted NFT data. The transparent data display window generates and embeds a unique time code within the transparent data display specific to a current display of the encrypted NFT data on the transparent data display such that the embedded unique time code is readable and recordable at a particular time by a user device proximate to the transparent data display window and useful for continuing the current display of the encrypted NFT data from the particular time of the recording of the embedded unique time code by the user device proximate to the transparent data display on another display device.
Type: Grant
Filed: October 4, 2022
Date of Patent: September 10, 2024
Inventor: Troy R. Holliday
-
Patent number: 12081677
Abstract: Described are a system, method, and computer program product for secure real-time n-party computation. The method includes receiving a first computation input and a first portion of a one-time key from a first computer device, and receiving a second computation input and a second portion of the one-time key from a second computer device. The method also includes generating the one-time key based on the first and second portion of the one-time key, and executing a computation based on the first and second computation input. The method further includes generating an encrypted output by encrypting the computation with the one-time key, and communicating the encrypted output to the first computer device. The method further includes receiving a proof of publication from the first computer device and, in response to receiving the proof of publication, communicating the one-time key to the first computer device.
Type: Grant
Filed: September 6, 2023
Date of Patent: September 3, 2024
Assignee: Visa International Service Association
Inventors: Rohit Sinha, Ranjit Kumar Kumaresan, Sivanarayana Gaddam, Mihai Christodorescu, Srinivasan Raghuraman
-
Patent number: 12074972
Abstract: The invention is a method for updating a first secret data in a credential container including a subscriber identity module. The credential container comprises a set of secret parameters customized for a network operator and is configured to execute a symmetric mutual authentication algorithm using said set. The credential container receives from a remote server a second secret data enciphered using a second algorithm different from said symmetric mutual authentication algorithm and a subset of said secret parameters, the credential container deciphers the enciphered second secret data by using both the subset and a third algorithm and replaces the first secret data with the second secret data.
Type: Grant
Filed: August 22, 2019
Date of Patent: August 27, 2024
Assignee: THALES DIS FRANCE SAS
Inventors: Michel Anslot, Jean-Yves Fine
-
Patent number: 12069159
Abstract: A method for redacting a private blockchain comprises applying a hash function to a prefix and new content to compute a hash for a block of the blockchain; performing a modulo operation to convert the hash to an integer modulo; determining an inverse of the integer modulo; computing a redactable suffix from the prefix and the inverse of the integer modulo; replacing current content of the blockchain with the new content; and applying the redactable suffix to the block having the new content.
Type: Grant
Filed: June 17, 2022
Date of Patent: August 20, 2024
Assignee: Research Foundation of the City University of New York
Inventors: Vladimir Shpilrain, Dima Grigoriev
-
Patent number: 12069164
Abstract: A method for securing communications for a given network is provided. The method comprises by at least one node(i) of the network configured to utilize pairwise keys: generating a set of encryption keys; and transmitting the set of encryption keys to a controller for the network; by the controller, executing a key selection process wherein for each node(j) in the network an encryption key J is selected from the set of encryption keys; assigning the encryption key J to the node(j); and transmitting the selected encryption key J to the node(j); by each node(j), generating an encryption key I to the node(i); and sending the encryption key I to the node(i) via the controller.
Type: Grant
Filed: September 13, 2019
Date of Patent: August 20, 2024
Assignee: Cisco Technology, Inc.
Inventors: Syed Khalid Raza, Praveen Raju Kariyanahalli, Venugopal Hemige
-
Patent number: 12067575
Abstract: Disclosed is a method, system, and computer program product for determining solvency of a digital asset exchange system. The method includes identifying a plurality of blockchain addresses corresponding to a plurality of users of a digital asset exchange system, generating a first commitment to an amount of digital assets corresponding to the plurality of blockchain addresses, and generating a second commitment to a balance of each user of the plurality of users. The method also includes generating a first component of a zero-knowledge algorithm that is configured to receive, as input, the first commitment. The method further includes generating, with at least one processor, a second component of the zero-knowledge algorithm that is configured to receive, as input, the second commitment. The method further includes determining that the digital asset exchange system is solvent based on the zero-knowledge algorithm.
Type: Grant
Filed: March 24, 2023
Date of Patent: August 20, 2024
Assignee: Visa International Service Association
Inventors: Payman Mohassel, Shashank Agrawal, Chaya Ganesh
-
Patent number: 12063293
Abstract: A collation system 20, which is provided with a client 30 and a server 40, the client 30 includes: a random number generation unit 31 which generates a random number; a concealed information storage unit 32 which stores concealed information generated by concealing registered information and the generated random number using a concealment key; and a concealed index computation unit 33 which, on the basis of the collation information input for collation with the registered information and the concealed information, computes a concealed index, generated by concealing an index indicating closeness between the registered information and the collation information; the server 40 includes a determination unit 41 which uses a release key corresponding to the concealment key and the random number transmitted from the client 30 to determine whether or not the index can be acquired from the concealed index transmitted from the client 30.
Type: Grant
Filed: December 12, 2018
Date of Patent: August 13, 2024
Assignee: NEC CORPORATION
Inventors: Toshiyuki Isshiki, Haruna Fukuda, Hiroto Tamiya, Masahiro Nara
-
Patent number: 12052359
Abstract: Various aspects of the subject technology relate to systems, methods, and machine-readable media for encrypting data. The method includes adding a new encryption key for encrypting and/or decrypting data of a database, the data previously encrypted by an old encryption key. The method also includes hashing the new encryption key to generate a new hash. The method also includes comparing the new hash and an old hash with values in an encryption log, the old hash generated by hashing an old encryption key. The method also includes in response to the comparing, decrypting the data with the old encryption key when the new hash and old hash match the values in the encryption log. The method also includes encrypting the data with the new encryption key. The method also includes adding a new entry into the encryption log, the new entry comprising the new hash.
Type: Grant
Filed: July 30, 2021
Date of Patent: July 30, 2024
Assignee: AppDirect, Inc.
Inventors: Daniel P. Craggs, Jonathan David Fok kan
-
Patent number: 12047519
Abstract: Methods and endpoint nodes and controllers are disclosed for mutual authentication and key exchange. In an embodiment, physical unclonable function circuits on the endpoint nodes are used in combination with key masks to allow mutual authentication and key exchange between the endpoint nodes.
Type: Grant
Filed: July 15, 2022
Date of Patent: July 23, 2024
Assignee: Nanyang Technological University
Inventors: Yue Zheng, Chip Hong Chang, Wenye Liu
-
Patent number: 12047500
Abstract: The present invention is a platform and/or agnostic method and system operable to protect data, documents, devices, communications, and transactions. Embodiments of the present invention may be operable to authenticate users and may be operable with any client system. The method and system are operable to disburse unique portions of anonymous related information amongst multiple devices. These devices disburse unique portions of anonymous information and are utilized by the solution to protect sensitive data transmissions, and to authenticate users, data, documents, device and transactions. When used for authentication, login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.
Type: Grant
Filed: May 12, 2023
Date of Patent: July 23, 2024
Assignee: AUTNHIVE CORPORATION
Inventor: Devi Selva Kumar Vijayanarayanan
-
Patent number: 12041063
Abstract: Systems, devices, and methods are disclosed for exchanging electronic information over a communication network and, more specifically, to authenticating and verifying data integrity between two or more interacting users exchanging information. A client computing device generates a split secret that is transmitted to a server via two distinct communication channels. The split secret is generated based on a public key of a public-private key pair generated by the client computing device based on a unique identifier. Validity of the public key can authenticate source identity.
Type: Grant
Filed: May 23, 2023
Date of Patent: July 16, 2024
Assignee: Uledger, Inc.
Inventors: Joshua McIver, Taulant Ramabaja
-
Patent number: 12032704
Abstract: Systems, apparatuses, and methods for improving security of a silicon-based system by creating a glitch-resistant process for executing a software code block on the silicon-based system are disclosed. An example method may begin by marking the software code block as non-executable. Second, intent to execute the software code block is registered with a staging register. Third, the software code block is compressed into a compression constant. Fourth, the compression constant is compared with a first predetermined value using two comparators. Fifth, responsive to the comparators providing a true result after comparison, the software code block is marked as executable to allow the software code block to execute. In another aspect, the example method may be repeated for n>1 iterations, and in each iteration i, an ith software code block is compressed into an ith compression constant that is compared to an ith predetermined value.
Type: Grant
Filed: August 31, 2021
Date of Patent: July 9, 2024
Assignee: Google LLC
Inventors: Marius P. Schilder, Timothy Chen, Scott D. Johnson, Derek L Martin
-
Patent number: 12013830
Abstract: There is disclosed a system (100) comprising computing nodes (102A, 102B, 102C, 102D), wherein each computing node includes processor (104A, 104B, 104C, 104D), wherein each computing node comprises hash value of each data entity of pre-existing data entities therein, and wherein system (100) operates to provide verified recordal of data entities therein to ensure consistent recordal of data that assists to ensure reliable, efficient and robust operation of the system (100).
Type: Grant
Filed: October 16, 2020
Date of Patent: June 18, 2024
Inventor: Lum Ramabaja
-
Patent number: 12015707
Abstract: A communication method and a related product are provided. The communication method includes: When UE switches from a source slice to a target slice mutually exclusive with the source slice, both the UE and a target AMF serving the target slice can obtain a first AMF key Kamf_new. The first AMF key Kamf_new is different from a second AMF key Kamf, and the second AMF key Kamf is a key of a source AMF serving the source slice. According to the application, communication security and effectiveness are significantly improved in a mutually exclusive slice switching scenario.
Type: Grant
Filed: July 20, 2021
Date of Patent: June 18, 2024
Assignee: Huawei Technologies Co., Ltd.
Inventors: Juan Deng, Chengdong He
-
Patent number: 12010219
Abstract: Disclosed is a highly available distributed key management system (KMS). The system receives a request for an encrypted data encryption key (DEK) from a user at an instance of the KMS. The instance of the KMS generates a blob that is signed with a symmetric key, and negotiated keys based on a key agreement scheme between the instance of the KMS and another instance of the KMS. The negotiation steps are performed using different public/private key pairings, while producing equivalent negotiated keys shared between KMS instances. This blob is sent to the user where it is stored by the user. Subsequently, when the user needs a decrypted DEK, the user may send this blob to any instance of the KMS and obtain a decrypted DEK for use in encrypting user data.
Type: Grant
Filed: October 25, 2021
Date of Patent: June 11, 2024
Assignee: Salesforce, Inc.
Inventor: Lionel L Zhang
-
Patent number: 11995648
Abstract: The invention relates to a computer-implemented method for enabling zero-knowledge proof or verification of a statement in which a prover proves to a verifier that a statement is true while keeping a witness to the statement a secret. The method includes the prover sending to the verifier a set of data including a statement, which for a given function circuit output and an elliptic curve point, the function circuit input is equal to the corresponding elliptic curve point multiplier. The data includes individual wire commitments and/or a batched commitment for wires of the circuit, a function circuit output, and a prover key, which enables the verifier to determine that the circuit is satisfied and calculate the elliptic curve point and validate the statement, thus determining that the prover holds the witness to the statement.
Type: Grant
Filed: March 18, 2019
Date of Patent: May 28, 2024
Assignee: nChain Licensing AG
Inventor: Thomas Trevethan
-
Patent number: 11991266
Abstract: Some embodiments are directed to a fully homomorphic encryption (FHE) cryptography, wherein some encrypted data items are clipped, thereby reducing a bit-size of the encrypted data item and increasing an associated noise level of the encrypted data item. An FHE operation or a decrypt operation that operates on the clipped encrypted data item as input, has noise tolerance above a noise level associated with the clipped encrypted data item.
Type: Grant
Filed: October 28, 2021
Date of Patent: May 21, 2024
Assignee: ZAMA SAS
Inventor: Marc Joye
-
Patent number: 11979385
Abstract: A blockchain-implemented transaction from an originator node is to be broadcast. The originator node is communicatively coupled to proxy nodes. The method, implemented by a proxy node, includes: receiving a transaction including an input taking x+r units of computing resources, an output providing x units to the output address and another output providing d+r units to a 1-of-n multi-signature address unlockable by any one of a set of private keys associated with the proxy nodes. The proxy node selects a quantity of computing resources, t units, to be allocated to the proxy node for broadcasting the transaction and having it included in the blockchain and generates a further transaction taking d+r units sourced from the multi-signature address and an output providing t units to the proxy node. The proxy node broadcasts both transactions timed to permit their inclusion in the same block of the blockchain.
Type: Grant
Filed: March 29, 2022
Date of Patent: May 7, 2024
Assignee: nChain Licensing AG
Inventors: Silvia Bartolucci, Pauline Bernat, Daniel Joseph
-
Patent number: 11971998
Abstract: A data comparison device holds first and second encrypted data of first and second plaintext, respectively. The first plaintext is divided into a plurality of blocks and the first encrypted data is generated by executing encryption of each of the plurality of blocks and shuffling of the plurality of blocks. The second plaintext is divided into a plurality of blocks and the second encrypted data is generated by executing encryption of each of the plurality of blocks. In at least one of the first encrypted data and the second encrypted data, a plaintext value is embedded as a value indicating a magnitude comparison result, and the data comparison device compares blocks at the same position before shuffling of the first encrypted data and the second encrypted data based on the embedded value and determines a magnitude relationship between the first plaintext and the second plaintext.
Type: Grant
Filed: June 2, 2020
Date of Patent: April 30, 2024
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Ken Naganuma, Hisayoshi Sato
-
Patent number: 11962696
Abstract: Systems and methods are described for removing unused encryption key files from a computing device. In an example, a key removal tool can identify three sets of keys to preserve. For the first set, the key removal tool can append a device identifier to known key names and add the resulting key file names to a whitelist. For the second set, the key removal tool can identify keys associated with certificates on the computing device and add their corresponding file names to the whitelist. The third set can correspond to keys created after a cutoff timestamp. The key removal tool can delete all key files with key file names not on the whitelist that were created before the cutoff timestamp.
Type: Grant
Filed: October 5, 2021
Date of Patent: April 16, 2024
Assignee: VMware, Inc.
Inventors: Keith Robertson, Sagar Date
-
Patent number: 11945688
Abstract: Proper use of a remote monitoring function is realized in an elevator-control-device that monitors an elevator. An elevator-control-device is connected with a remote-monitoring-server that remotely monitors an elevator, via a communication network. The elevator-control-device includes a processor that performs a monitoring-control-process for monitoring the elevator, and a memory. The memory stores a communication function in which a control program for communicating with the remote-monitoring-server for the elevator is stored, a remote-monitoring-function in which a control program for the monitoring-control-process is stored, and a maintenance terminal function in which a control program for connection with a maintenance terminal is stored. The remote-monitoring-function is encrypted and is stored in the memory.
Type: Grant
Filed: June 19, 2020
Date of Patent: April 2, 2024
Assignee: MITSUBISHI ELECTRIC BUILDING SOLUTIONS CORPORATION
Inventor: Akihiko Watanabe
-
Patent number: 11949799
Abstract: Disclosed is an input/output circuit for a physical unclonable function generator circuit. In one embodiment, a physical unclonable function (PUF) generator includes: a PUF cell array comprising a plurality of bit cells configured in a plurality of columns and at least one row, and at least one input/output (I/O) circuit each coupled to at least two neighboring columns of the PUF cell array, wherein the at least one I/O circuit each comprises a sense amplifier (SA) with no cross-coupled pair of transistors, wherein the SA comprises two cross-coupled inverters with no access transistor and a SA enable transistor, and wherein the at least one I/O circuit each is configured to access and determine logical states of at least two bit cells in the at least two neighboring columns; and based on the determined logical states of the plurality of bit cells, to generate a PUF signature.
Type: Grant
Filed: April 5, 2021
Date of Patent: April 2, 2024
Assignee: Taiwan Semiconductor Manufacturing Co., Ltd.
Inventors: Jui-Che Tsai, Shih-Lien Linus Lu, Cheng Hung Lee, Chia-En Huang
-
Patent number: 11942099
Abstract: Disclosed example people monitoring methods include detecting a first watermark in a first audio signal obtained from an acoustic sensor, the first watermark identifying media presented by a monitored media device, determining whether a second watermark, different from the first watermark, is embedded in the first audio signal obtained from the acoustic sensor, the second watermark identifying at least one of a mobile device or a user of the mobile device, classifying the second watermark as a media watermark or a people monitoring watermark based on a characteristic of the second watermark, and when the second watermark is determined to be embedded in the first audio signal, reporting at least one of the second watermark or information decoded from the second watermark to identify at least one of the mobile device or the user of the mobile device as being exposed to the media presented by the monitored media device.
Type: Grant
Filed: December 29, 2021
Date of Patent: March 26, 2024
Assignee: The Nielsen Company (US), LLC
Inventors: Alexander Topchy, Padmanabhan Soundararajan, Venugopal Srinivasan
-
Patent number: 11943352
Abstract: A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.
Type: Grant
Filed: April 16, 2021
Date of Patent: March 26, 2024
Assignee: Google LLC
Inventors: Kevin Yeo, Sarvar Patel, Phillipp Schoppmann
-
Patent number: 11924345
Abstract: Embodiments described herein relate to apparatuses and methods for registering and storing a local key associated with a local application of a communication device, including, but not limited to, receiving a request from the communication device to register and store the local key, evaluating the request based on at least one first policy, and sending the request to register and store the local key to a secure key storage.
Type: Grant
Filed: March 26, 2021
Date of Patent: March 5, 2024
Assignee: Fornetix LLC
Inventors: Charles White, Joseph Brand
-
Patent number: 11922384
Abstract: The method of the invention comprises: an identification step (E30-E50) of identifying the user of the mobile terminal; a generation step, triggered if identification is successful, of a secure element of the terminal generating (E70) at least one identification value for the terminal by using a first secret key shared between the secure element and a token service provider device; a sending step (E100) of sending a request to the token service provider device to obtain at least one security token, the request including said at least one identification value for the terminal; and a reception step (F90) of receiving from the token service provider device said at least one security token in encrypted form, each security token being associated with a random number generated by the token service provider device and being encrypted by means of an encryption key generated for that token from the random number and from a second secret key shared between the token service provider device and the secure element of th
Type: Grant
Filed: April 14, 2017
Date of Patent: March 5, 2024
Assignee: ORANGE
Inventors: Alicia Filipiak, Saïd Gharout, Jacques Traore, Véronique Cortier
-
Patent number: 11909871
Abstract: There is a need for more effective and efficient secure data transmission. This need can be addressed by, for example, solutions for secure data transmission that utilize per-user-functionality secret shares. In one example, a method includes generating a hashed user identifier based on a received user identifier; transmitting the hashed user identifier to an external computing entity; and receiving a data retrieval secret share from the external computing entity, wherein: (i) the data retrieval secret share is selected from a plurality of per-user-functionality secret shares, (ii) the plurality of per-user-functionality secret shares are generated based on a secret value, (iii) the secret value is generated based on the hashed user identifier, (iv) the secret value is used to generate a user data private key, and (v) the external computing entity is configured to encrypt user-provided data using the user data private key prior to transmission of the encrypted user-provided data.
Type: Grant
Filed: July 20, 2022
Date of Patent: February 20, 2024
Assignee: LIBERTY MUTUAL INSURANCE COMPANY
Inventor: Gregory Frasco
-
Patent number: 11902424
Abstract: Securely re-encrypting homomorphically encrypted data by receiving fully homomorphically encrypted (FHE) information from a client device, training a machine learning model using the FHE information, yielding FHE ciphertexts, applying a first transform to the FHE ciphertexts, yielding obfuscated FHE ciphertexts, sending the obfuscated FHE ciphertexts to a secure device, receiving a re-encrypted version of the obfuscated FHE ciphertexts from the secure device, applying a second transform to the re-encrypted version of the obfuscated FHE ciphertexts yielding de-obfuscated re-encrypted FHE ciphertexts, determining FHE ML model parameters according to the de-obfuscated re-encrypted ciphertexts, and sending the FHE ML model parameters to the client device.
Type: Grant
Filed: November 20, 2020
Date of Patent: February 13, 2024
Assignee: International Business Machines Corporation
Inventors: Nalini K. Ratha, Karthik Nandakumar, Sharathchandra Pankanti
-
Patent number: 11887120
Abstract: A system and method is described for the touchless entry of a personal identification number (PIN) at a self-service terminal such as an automated teller machine (ATM). A mobile device includes a PIN entry application. The self-service terminal includes a wireless interface for communicating wirelessly with the PIN entry application in the mobile device. A communication channel is established between a particular customer's mobile device and the self-service terminal. The PIN entry application verifies a public key for the self-service terminal at the mobile device. The customer's PIN is encrypted by the PIN entry application at the mobile device using either an ephemeral symmetric encryption key or a one-time RSA PIN transport public key. The encrypted PIN is transmitted to an encryption processor at the self-service terminal. The encryption processor decrypts the PIN using the appropriate encryption key.
Type: Grant
Filed: September 24, 2020
Date of Patent: January 30, 2024
Assignee: NCR Atleos Corporation
Inventors: Charles Harrow, Robert White
-
Patent number: 11882210
Abstract: A method for tracing a digital information element in a computer system including electronic devices of users and a system for archiving digital information elements including a blockchain-type distributed database, the method including a step of making the digital information element from the electronic device of one of the users, a step of archiving the digital information element, the archiving step including a substep of generating an identification element of the version of the digital information element, the method including a step of adding the identification element signed with a secure element associated to this user and/or to their electronic device in the distributed database, the addition step including a substep of encrypting the identification element from a cryptographic algorithm and the secure element, the cryptographic algorithm including at least one metric variable associated to the user.
Type: Grant
Filed: June 2, 2021
Date of Patent: January 23, 2024
Assignee: The Swatch Group Research and Development Ltd
Inventor: Jean-Luc Bazin
-
Patent number: 11882441
Abstract: A wireless communication network performs quantum authentication for a wireless User Equipment (UE). In the wireless communication network, quantum circuitry selects polarization states for qubits, generates and transfers the qubits, exchanges cryptography information with edge quantum circuitry, generates cryptography keys based on polarization states and cryptography information, and transfers the cryptography keys to network authentication circuitry. The edge quantum circuitry receives and process the qubits, determines the polarization states for the qubits, exchanges the cryptography information with the network quantum circuitry, generates the cryptography keys based on the polarization states and cryptography information, and transfers the cryptography keys to the wireless UE. The wireless UE generates authentication data based on the cryptography keys and wirelessly transfers the authentication data for delivery to the network authentication circuitry.
Type: Grant
Filed: June 21, 2021
Date of Patent: January 23, 2024
Assignee: T-MOBILE INNOVATIONS LLC
Inventor: Marouane Balmakhtar
-
Patent number: 11860868
Abstract: Methods, systems, and computer program products for a secure database-as-a-service are provided herein. A computer-implemented method includes obtaining, by a database service, data associated with one or more client devices to be stored in at least one encrypted database; encrypting, without mutation and in accordance with one or more security requirements, at least a portion of the data using an order preserving encryption scheme, wherein the encrypting comprises (i) computing a set of encryption parameters for the portion of the data and (ii) applying a process that converts a fixed-length cipher text corresponding to the portion of the data to a variable-length cipher text; and storing the encrypted data in the at least one encrypted database, wherein the database service enables one or more indexes to be built over the encrypted data to improve performance of query processing.
Type: Grant
Filed: December 14, 2021
Date of Patent: January 2, 2024
Assignee: International Business Machines Corporation
Inventors: Akshar Kaul, Dhinakaran Vinayagamurthy, Pankaj Satyanarayan Dayama, Santosh Ravi Kiran Penubothula
-
Patent number: 11856028
Abstract: The described technology provides a capability to perform in-session updates to entitlements associated with a user's access to content served by a web application. The content may be from one or more external servers. The technology provides for automatically detecting changes to entitlements, and without requiring a user of an active session to initiate a new session, updating entitlement data in a memory such that subsequent requests for data made by the client in the same active session are serviced using the updated entitlements.
Type: Grant
Filed: April 8, 2021
Date of Patent: December 26, 2023
Assignee: NASDAQ, INC.
Inventor: Vladimir Mitevski
-
Patent number: 11849035
Abstract: Instructions and logic provide for a Single Instruction Multiple Data (SIMD) SM4 round slice operation. Embodiments of an instruction specify a first and a second source data operand set, and substitution function indicators, e.g. in an immediate operand. Embodiments of a processor may include encryption units, responsive to the first instruction, to: perform a slice of SM4-round exchanges on a portion of the first source data operand set with corresponding keys from the second source data operand set in response to a substitution function indicator that indicates a first substitution function, perform a slice of SM4 key generations using another portion of the first source data operand set with corresponding constants from the second source data operand set in response to a substitution function indicator that indicates a second substitution function, and store a set of result elements of the first instruction in a SIMD destination register.
Type: Grant
Filed: April 11, 2022
Date of Patent: December 19, 2023
Assignee: Intel Corporation
Inventors: Sean M. Gulley, Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap, Wajdi K. Feghali
-
Patent number: 11836561
Abstract: A key fob duplication device is disclosed. The duplication device may have a housing and a display device attached to the housing. The duplication device may also have a controller enclosed within the housing. The controller may read data stored in the first key fob. The controller may also determine whether the first key fob can be duplicated based on the data. When the data indicates that the first key fob can be duplicated, the controller may write the data of the first key fob and an indicator value on a second key fob. The indicator value may indicate that the second key fob cannot be duplicated. When, however, the data indicates that the first key fob cannot be duplicated, the controller may display a message on the display device, indicating that the first key fob cannot be duplicated.
Type: Grant
Filed: May 16, 2022
Date of Patent: December 5, 2023
Assignee: The Hillman Group, Inc.
Inventor: Rodrigo Serzedello
-
Patent number: 11831758
Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.
Type: Grant
Filed: July 20, 2022
Date of Patent: November 28, 2023
Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
-
Patent number: 11824988
Abstract: Systems and methods for inter-service authentication are disclosed. In one embodiment, a system may include a plurality of services and a cloud platform. The first service may generate a token comprising a first service identifier for communicating with a second service, and may request, from the cloud platform, a private key for the first service. The cloud platform may provide the private key to the first service. The first service may sign the token with the private key and may communicate a request to the second service with the signed token. The second service may retrieve the first service identifier and may request, from the cloud platform, a public key for the first service identifier. The cloud platform may provide the public key to the second service. The second service may validate the token using the public key, and may grant the request in response to the validation.
Type: Grant
Filed: April 14, 2021
Date of Patent: November 21, 2023
Assignee: JPMORGAN CHASE BANK, N.A.
Inventors: Deepak Sarda, Ramji Venkateswaran
-
Patent number: 11818245
Abstract: Some embodiments are directed to an electronic cryptographic device arranged to perform a cryptographic operation on input data obtaining output data. The cryptographic device stores an internal state as sets of shares. Fourier coefficients corresponding to the sets of shares satisfy a predetermined relationship among them. The cryptographic operation is performed by repeatedly updating the internal state.
Type: Grant
Filed: February 22, 2022
Date of Patent: November 14, 2023
Assignee: Koninklijke Philips N.V.
Inventors: Sebastiaan Jacobus Antonius De Hoogh, Ronald Rietman, Ludovicus Marinus Gerardus Maria Tolhuizen
-
Patent number: 11804842
Abstract: A physically unclonable function device includes a set of diode-connected MOS transistors having a random distribution of respective threshold voltages. A first circuit is configured to impose, on each first transistor, a fixed respective gate voltage regardless of the value of a current flowing in this first transistor. A second circuit is configured to impose, on each second transistor, a fixed respective gate voltage regardless of the value of a current flowing in this second transistor. A current mirror stage is coupled between the first circuit and the second circuit and is configured to deliver the reference current from a sum of the currents flowing in the first transistors. A comparator is configured to deliver a signal whose level depends on a comparison between a first current obtained from a reference current based on the first transistors and a second current of the second transistors.
Type: Grant
Filed: June 22, 2022
Date of Patent: October 31, 2023
Assignee: STMicroelectronics (Rousset) SAS
Inventors: Nicolas Borrel, Jimmy Fort, Mathieu Lisart
-
Patent number: 11803644
Abstract: Techniques are described herein for security hardened processing devices. For example, a method can include performing a secure boot of a processing device of a computer system. The processing device is configured as a root of trust for a secure boot process. The computer system can include the processing device and a non-volatile memory storing a basic input/output system (BIOS) for the secure boot process. The method can include identifying a set of programmable fuses of the processing device, deriving an encryption key using a value encoded by the set of programmable fuses in the processing device, and authenticating the BIOS to perform the secure boot process using a key derivation algorithm based on the encryption key.
Type: Grant
Filed: July 21, 2020
Date of Patent: October 31, 2023
Assignee: SDG Logic Inc.
Inventor: Sergiu Ghetie
-
Patent number: 11799632
Abstract: A method including determining a first master key based on receiving a master string; decrypting, based on utilizing the first master key, an encrypted first cryptographic key; decrypting, based on utilizing the first cryptographic key, first factor authentication information to enable determination of a first factor; transmitting the first factor for authentication of the first factor; transmitting, based on successful authentication of the first factor and on verifying biometric information, a decryption request including an encrypted second cryptographic key in association with an identifier to indicate that the encrypted second cryptographic key is to be decrypted based on utilizing a second master key identified by the second identifier; decrypting, based on receiving the second cryptographic key, second factor authentication information to enable determination of a second factor; and transmitting the second factor for authentication to enable receipt of a service based on successful authentication of th
Type: Grant
Filed: June 29, 2022
Date of Patent: October 24, 2023
Assignee: UAB 360 IT
Inventor: Mindaugas Valkaitis
-
Patent number: 11784798
Abstract: Systems, methods, and computer program products for data security store, in memory, a plurality of ciphers in association with a plurality of public keys, the plurality of ciphers including a plurality of secret keys encrypted with a key encryption key, and the plurality of secret keys corresponding to the plurality of public keys; receive, a data chunk for encryption; generate, a data encryption key based on a hash function, a public key of the plurality of public keys, and a random number; encrypt, the data chunk with the data encryption key to generate an encrypted data chunk; generate, a header including a cipher of the plurality of ciphers corresponding to the public key of the plurality of public keys and key encapsulation data; and store, in a database, a cipher text including the header and the encrypted data chunk.
Type: Grant
Filed: March 30, 2021
Date of Patent: October 10, 2023
Assignee: Visa International Service Association
Inventors: Sivanarayana Gaddam, Yogesh Lokhande, Biju Abraham
-
Performing key server redundancy verification to verify a key is obtained from redundant key servers
Patent number: 11784810
Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
Type: Grant
Filed: May 25, 2022
Date of Patent: October 10, 2023
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
-
Patent number: 11775657
Abstract: Enhancing security achieved via encryption that is performed within an encryption device by combining entropy that is generated within the encryption device with additional entropy, that is generated external to the encryption device, into the generation of an encryption key. Prior to an encryption device utilizing a deterministic algorithm to generate the encryption key, multiple random numbers may be obtained from different entropy sources—at least one of which is internal to the encryption device and at least one of which is external to the encryption device. The encryption device combines the multiple random numbers into a combined entropy input that cannot be determined from either one of the random numbers alone. This combined entropy input is then utilized to generate the encryption key that is ultimately used to perform the device-internal encryption.
Type: Grant
Filed: October 15, 2020
Date of Patent: October 3, 2023
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: Kirill Motil
-
Patent number: 11770241
Abstract: A method including determining, by a user device, an assigned key pair including an assigned public key and an associated assigned private key; determining, for content to be encrypted, an access key pair including an access public key and an associated access private key; encrypting the access private key by utilizing the assigned public key; encrypting a randomly generated key by utilizing the access public key; and encrypting content utilizing the randomly generated key. Various other aspects are contemplated.
Type: Grant
Filed: October 2, 2021
Date of Patent: September 26, 2023
Assignee: UAB 360 IT
Inventor: Mindaugas Valkaitis
-
Patent number: 11748500
Abstract: A module such as an M2M device or a mobile phone can include a removable data storage unit. The removable data storage unit can include a nonvolatile memory, a noise amplifying memory, and a cryptographic unit. The nonvolatile memory can include (i) shared memory for access by both the module and the cryptographic unit, and (ii) protected memory accessible only by the cryptographic unit. The cryptographic unit can use a noise memory interface and noise amplifying operations in order to increase and distribute bit errors recorded in the noise amplifying memory. The cryptographic unit can (i) generate a random number using the noise amplifying memory and (ii) input the random number into a set of cryptographic algorithms in order to internally derive a PKI key pair. The private key can be recorded in protected memory and the public key signed by a certificate authority.
Type: Grant
Filed: July 12, 2021
Date of Patent: September 5, 2023
Assignee: Huawei Device Co., Ltd.
Inventor: John A. Nix
-
Patent number: 11743044
Abstract: Multiple systems, methods, and computer program product embodiments for password-less authentication using key agreement and multi-party computation (MPC). In one or more embodiments, following an authentication request received by a host computing device, the host computing device and a user computing device generate a shared key using a key agreement algorithm. Then, the host computing device generates a challenge that is encrypted using the shared key and transmitted to the user computing device. The user computing device decrypts the challenge after regenerating the shared key and sends the decrypted result to the host computing device as the challenge response. The authentication request is granted by the host computing device if the challenge and the challenge response match. New keys and a new challenge are generated for each authentication request. This process relies on public key cryptography eliminating the needs for passwords.
Type: Grant
Filed: September 21, 2021
Date of Patent: August 29, 2023
Assignee: Salesforce, Inc.
Inventors: Prasad Peddada, Taher Elgamal, Vishal Agarwal
-
Patent number: 11736289
Abstract: A method including determining an assigned key pair associated with a device, the assigned key pair including an assigned public key and an associated assigned private key; determining an access key pair associated with content to be encrypted, the access key pair including an access public key and an associated access private key; encrypting the access private key using a combination encryption key determined based at least in part on the access private key and the assigned public key; encrypting a randomly generated key by utilizing the access public key; and encrypting the content utilizing the randomly generated key. Various other aspects are contemplated.
Type: Grant
Filed: October 2, 2021
Date of Patent: August 22, 2023
Assignee: UAB 360 IT
Inventor: Mindaugas Valkaitis
-
Patent number: 11736460
Abstract: The present disclosure relates to implementations of physically unclonable functions (PUFs) for cryptographic and authentication purposes. Specifically, the disclosure describes implementations of systems using PUFs that may replace existing public key infrastructures (PKIs).
Type: Grant
Filed: October 12, 2021
Date of Patent: August 22, 2023
Assignee: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY
Inventor: Bertrand Francis Cambou
-
Patent number: 11722297
Abstract: A device for generating a key has a multimode interferometer which can be coupled to a light source and has a light path having an electro-optical material, the light path being configured to obtain light at an input side, influence the light under the influence of a locally varying refraction index of the electro-optical material and provide influenced light at an output side. The device has a receiver configured to receive the influenced light at the output side, and has an evaluator configured to perform an evaluation based on the influenced light and to generate the key based on the evaluation.
Type: Grant
Filed: February 28, 2020
Date of Patent: August 8, 2023
Assignee: Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V.
Inventors: Martin Blasl, Florenta Costache