Authentication By Digital Signature Representation Or Digital Watermark Patents (Class 713/176)
  • Patent number: 8806616
    Abstract: An authorized user may be provided access to a service only when a wireless token assigned to the user is in the proximity of a computing device. A user's credential may be stored on an RFID token and an RFID reader may be implemented within a security boundary on the computing device. Thus, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. The security boundary may be provided, in part, by incorporating the RFID reader onto the same chip as a cryptographic processing component. Once the information is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear outside of the chip. The cryptographic processing component may cryptographically encrypt/sign the credential received from the token.
    Type: Grant
    Filed: September 14, 2012
    Date of Patent: August 12, 2014
    Assignee: Broadcom Corporation
    Inventors: Mark Buer, Ed Frank, Nambi Seshadri
  • Patent number: 8806211
    Abstract: Methods and systems for maintaining computer security are provided. The method for maintaining security of a computer system comprises determining an initial system certainty value for the computer system, providing access to a database of signatures, each signature including a signature certainty value, receiving data, comparing the received data with the database of signatures, increasing the system certainty value if the received data does not match a signature in the database, decreasing the system certainty value if the received data matches a signature in the database and filtering the data based on the system certainty value and the signature certainty value of a signature matching the received data.
    Type: Grant
    Filed: May 19, 2004
    Date of Patent: August 12, 2014
    Assignee: CA, Inc.
    Inventor: Paul Gassoway
  • Patent number: 8806558
    Abstract: A machine-implementable method for uniquely watermarking a content object according to end user identity includes transcoding an original content object to a format that is compatible with end user systems, and storing the transcoded content object where it is accessible by one or more points of presence (POPs) of a content delivery network. One of the POPs receives identifying information associated with a specific one of the end user systems. A digital watermark engine adds uncorrected digital watermark information correlating to the end user system, to the content object, to form a uniquely watermarked content object. The uncorrected digital watermark information is correctable by error correction capability of the specific end user system to deliver a version of the content object that is indistinguishable by a human from the original content object. The method further includes transmitting the uniquely watermarked content object to the specific end user system.
    Type: Grant
    Filed: December 18, 2013
    Date of Patent: August 12, 2014
    Assignee: Limelight Networks, Inc.
    Inventors: Sean Cassidy, Brandon Smith
  • Patent number: 8806214
    Abstract: Apparatus, systems, and methods may operate to receive, at a trusted third party (TTP), a signed disguised message as a disguised receiver signature from a receiver that has signed a disguised message using a blind signature process to transform the disguised message into the signed disguised message. Additional activities may include sending, from the TTP, an undisguised version of the disguised message to the receiver, and the receiver signature to a sender of the undisguised version, after determining that the receiver signature is valid. Additional apparatus, systems, and methods are disclosed.
    Type: Grant
    Filed: April 7, 2011
    Date of Patent: August 12, 2014
    Assignee: Novell, Inc.
    Inventor: Gosukonda Naga Venkata Satya Sudhakar
  • Patent number: 8804958
    Abstract: A method is provided for protecting data content against illegal copying. The data content is provided by an entertainment system and is output to output units in an authorized playback environment for playing back the data content. The method includes transmitting the data content in the authorized playback environment from the entertainment system to an output unit, and adding an interference signal to the data content such that, during playback of the data content outside the authorized playback environment a disruption is induced.
    Type: Grant
    Filed: August 8, 2012
    Date of Patent: August 12, 2014
    Assignee: Siemens Convergence Creators GmbH
    Inventors: Gabriel Gudenus, Gerald Schreiber
  • Patent number: 8806215
    Abstract: Methods and systems for robust watermark insertion and extraction for digital set-top boxes are disclosed and may include descrambling, detecting watermarking messages in a received video signal utilizing a watermark message parser, and immediately watermarking the descrambled video signal utilizing an embedded CPU. The embedded CPU may utilize code that may be signed by an authorized key, encrypted externally to the chip, decrypted, and stored in memory in a region off-limits to other processors. The video signal may be watermarked in a decompressed domain. The enabling of the watermarking may be verified utilizing a watchdog timer. The descriptors corresponding to the watermarking may be stored in memory that may be inaccessible by the main CPU. The watermark may comprise unique identifier data specific to the chip and a time stamp, and may be encrypted utilizing an on-chip combinatorial function.
    Type: Grant
    Filed: September 6, 2012
    Date of Patent: August 12, 2014
    Assignee: Broadcom Corporation
    Inventors: Sherman Xuemin Chen, Stephane Rodgers
  • Patent number: 8804153
    Abstract: A method for printing a print ready file transmitted by a print client on an imaging device includes creating a print data file associated with the print ready file, where the print data file includes information pertaining to the print ready file and the imaging device. In the method, the print data file is encrypted and transmitted to the imaging device. In addition, the print data file is authenticated in the imaging device and printing of the print ready file is enabled if the print data file is determined to be authentic and the print ready file is invalidated if the print data file is determined to be inauthentic. Also disclosed is an imaging device configured to perform the aforementioned method.
    Type: Grant
    Filed: April 16, 2007
    Date of Patent: August 12, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Tukun Chakraborty, Zakir Ahmed, Debjit Roy, Kah Kit Cheong, Kok Mun Stephen Cheng
  • Patent number: 8805689
    Abstract: Methods and apparatus to generate and use content-aware watermarks are disclosed herein. In a disclosed example method, media composition data is received and at least one word present in an audio track of the media composition data is selected. The word is then located in a watermark.
    Type: Grant
    Filed: April 11, 2008
    Date of Patent: August 12, 2014
    Assignee: The Nielsen Company (US), LLC
    Inventors: Arun Ramaswamy, Robert A. Luff
  • Patent number: 8806197
    Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In an elliptic curve group, verification that a value representative of a point R corresponds to the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as -zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.
    Type: Grant
    Filed: May 23, 2012
    Date of Patent: August 12, 2014
    Assignee: Certicom Corp.
    Inventors: Marinus Struik, Daniel R. Brown, Scott A. Vanstone, Robert P. Gallant, Adrian Antipa, Robert J. Lambert
  • Patent number: 8806640
    Abstract: A computer system may be employed to verify program execution integrity by receiving a request to launch a program that has been instrumented to include at least one integrity marker, instantiating the program with an integrity marker value, and verifying the execution integrity of the program based on the integrity marker value and information received from the program during execution. A computer system may also be employed for program instrumentation by modifying the program to include at least one instruction for passing an integrity marker value to an operating system kernel during execution of the instruction.
    Type: Grant
    Filed: October 21, 2011
    Date of Patent: August 12, 2014
    Assignee: George Mason Intellectual Properties, Inc.
    Inventor: Xinyuan Wang
  • Patent number: 8806212
    Abstract: Provided are methods of generating and verifying an electronic signature of software data, wherein software data is split into a plurality of blocks, electronic signatures corresponding to each of the blocks are generated, and some of the electronic signatures are randomly selected for verification. Accordingly, a time required for verifying an electronic signature can be reduced while maintaining the advantages of an electronic signature system.
    Type: Grant
    Filed: August 14, 2008
    Date of Patent: August 12, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jun-Bum Shin, Choong-hoon Lee, Su-hyun Nam, Yang-lim Choi, Ji-soon Park
  • Patent number: 8806526
    Abstract: A system includes a transport central processing unit of an information appliance device. The transport central processing unit receives a message from a head-end. The transport central processing unit provides access of the message to the security processing unit. A host central processing unit connected with the transport central processing unit is prohibited access to the message.
    Type: Grant
    Filed: November 13, 2012
    Date of Patent: August 12, 2014
    Assignee: Broadcom Corporation
    Inventor: Stephane Rodgers
  • Patent number: 8806628
    Abstract: In at least one embodiment, a method and a system include capability to fine-tune a data loss prevention system. An example system includes a computer readable storage medium for storing at least one alert database and at least one associated signature set to each alert database; an analytics module in communication to the computer readable storage medium, the analytics module analyzes at least one alert database present on the computer storage medium to determine whether any signatures from the signature set associated with the alert database being analyzed are ineffective based at least on a ratio of valid alerts to false positive alerts for individual signatures selected from a group including a plurality of signatures present in the signature set; and an adjustment module in communication to the computer readable storage medium and the analytics module, the adjustment module removes at least one ineffective signature from the signature set.
    Type: Grant
    Filed: January 4, 2013
    Date of Patent: August 12, 2014
    Assignee: International Business Machines Corporation
    Inventors: Charles Steven Lingafelt, James William Murray, James Thomas Swantek, James Steven Worley
  • Patent number: 8806217
    Abstract: A method, system and non-transitory computer-readable medium product are provided for functionality watermarking and management. In the context of a method, a method is provided that includes identifying a request to establish an association between a watermark template and a function of at least one user device and determining whether the request to establish the association between the watermark template and the function of the at least one user device is authorized. The method further includes authorizing the request to establish the association between the watermark template and the function of the at least one user device in response to a determination that the request to establish the association between the watermark template and the function of the at least one user device is authorized.
    Type: Grant
    Filed: August 6, 2013
    Date of Patent: August 12, 2014
    Inventors: John Marshall, Erich Stuntebeck
  • Publication number: 20140223171
    Abstract: Methods and apparatus to certify digital signatures are disclosed. An example method includes retrieving, from a first database, a first geographical location associated with an identification number associated with a network device and identified in a request to certify a digital signature, comparing the first geographical location associated with the identification number to a second geographical location to verify the second geographical location, determining that the first geographical location matches the second geographical location, and certifying the digital signature to indicate an authenticity of the digital signature based on the verification of the second geographical location and a comparison of (a) biometric information associated with a user associated with the request and (b) stored biometric information.
    Type: Application
    Filed: April 3, 2014
    Publication date: August 7, 2014
    Applicant: AT&T Intellectual Property I, L.P.
    Inventors: Brian M. Novack, David L. Dunmire, Daniel L. Madsen, Michael D. Cheaney, Timothy R. Thompson
  • Publication number: 20140223184
    Abstract: A method, system, and connector interface for authenticating an accessory. The method includes performing a first authentication operation on the accessory by the media player, where an authentication certificate is validated; and performing a second authentication operation on the accessory by the media player, where an authentication signature is validated. According to the system and method disclosed herein, the media player and accessory may utilize a plurality of commands utilized in a variety of environments such as within a connector interface system environment to control access to the media player.
    Type: Application
    Filed: November 19, 2013
    Publication date: August 7, 2014
    Applicant: Apple Inc.
    Inventors: Donald J. Novotney, John B. Filson, David Tupman, Gregory T. Lydon
  • Publication number: 20140223187
    Abstract: With the help of a key management protocol, the transmitted key information is authenticated by at least one certificate signed by the terminals, and at least one fingerprint of the public keys or certificate, which were used for authenticating the key information, is added to the useful part of an SIP message. The identity information present in the header of an SIP message is additionally copied into a region of the header or the useful part, and a signature is produced by way of the fingerprint, the datum information presented in the header of an SIP message, the copied identity information, and optionally the certificate reference information, and is inserted into a further region of the header of the SIP message. The additional signature that is produced and inserted can remain uninfluenced during a transmission across several networks of different network operators.
    Type: Application
    Filed: April 14, 2014
    Publication date: August 7, 2014
    Applicant: Unify GmbH & Co. KG
    Inventors: John Elwell, Kai Fischer
  • Publication number: 20140223185
    Abstract: The present invention relates to a method of verifying that an action is authorised by a user, including receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, receiving a user verification code associated with the user identifier, and determining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.
    Type: Application
    Filed: July 24, 2012
    Publication date: August 7, 2014
    Applicant: Emue Holdings Pty Ltd.
    Inventors: Jason Frederick Bender, James Evan Lenon
  • Publication number: 20140223186
    Abstract: A system and method for verifying a digital signature on a certificate, which may be used in the processing of encoded messages. In one embodiment, when a digital signature is successfully verified in a signature verification operation, the public key used to verify that digital signature is cached. When a subsequent attempt to verify the digital signature is made, the public key to be used to verify the digital signature is compared to the cached key. If the keys match, the digital signature can be successfully verified without requiring that a signature verification operation in which some data is decoded using the public key be performed.
    Type: Application
    Filed: April 11, 2014
    Publication date: August 7, 2014
    Applicant: BLACKBERRY LIMITED
    Inventors: Michael K. Brown, Michael S. Brown
  • Patent number: 8799641
    Abstract: Methods and apparatus for secure proxying using network intermediaries. A system may include one or more servers and a network intermediary. The network intermediary may generate security metadata associated with a client request, comprising an identification of a source of the client request, and transmit an encoded version of the security metadata and a backend request to a server. The server may determine whether the security metadata is valid. If the security metadata is validated, the server may perform one or more operations in accordance with the backend request and the security metadata.
    Type: Grant
    Filed: December 16, 2011
    Date of Patent: August 5, 2014
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin E. Seidenberg, Gregory B. Roth, Graeme D. Baer
  • Patent number: 8799659
    Abstract: A method, computer program product, and computing device for modifying a first channel portion of a digital media data file to include at least a first primary watermark. A second channel portion of the digital media data file is modified to include at least a first secondary watermark, wherein the first secondary watermark is the complement of the first primary watermark.
    Type: Grant
    Filed: August 18, 2008
    Date of Patent: August 5, 2014
    Assignee: Intel Corporation
    Inventors: Venugopal Srinivasan, Atul Puri
  • Patent number: 8800053
    Abstract: An executable content message stream filter applies a plurality of executable content filters to a stream of parsed elements of a network message. Each of the plurality of executable content filters targets executable content and is instantiated based on a set of one or more rule sets selected based, at least in part, on a type of the network message. For each of the plurality of executable content filters, it is determined if one or more of the stream of parsed elements includes executable content targeted by the executable content filter. The executable content message stream filter modifies those of the stream of parsed elements that include the executable content targeted by the plurality of executable content filters to disable the executable content.
    Type: Grant
    Filed: July 2, 2012
    Date of Patent: August 5, 2014
    Assignee: International Business Machines Corporation
    Inventors: Ai Ishida, Todd E. Kaplinger, Satoshi Makino, Masayoshi Teraguchi, Naohiko Uramoto
  • Patent number: 8799672
    Abstract: The present disclosure relates generally to an apparatus, system and method, and more particularly to an apparatus, system and method providing for referees to communicate with each other and/or other officiators on or off the field using an article of headwear equipped with communication means attached thereto, where the communication means is in communication with at least one portable remote terminal and as such the referee can dynamically receive electronic communications concerning video replays, field incidents on or off the field, play calls, signal calls, etc., from other referees on/or off the field or court.
    Type: Grant
    Filed: December 17, 2009
    Date of Patent: August 5, 2014
    Inventor: Isaac Sayo Daniel
  • Patent number: 8799660
    Abstract: A communication apparatus includes: a first storage unit storing a received electronic mail; a verification unit executing a first verification about an electronic signature attached to the received electronic mail; a printing unit printing the received electronic mail if a verification result of the first verification is positive; a deletion unit deleting the printed electronic mail from the first storage unit; and a storage control unit controlling a second storage unit to store the mail information about the received electronic mail in the second storage unit if the verification result of the first verification is negative. The verification unit again executes the first verification about a specific electronic signature attached to a specific electronic mail which mail information is stored in the second storage unit. The printing unit prints the specific electronic mail if a verification result by again executing the first verification about the specific electronic signature is positive.
    Type: Grant
    Filed: March 19, 2010
    Date of Patent: August 5, 2014
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Shohei Tsujimoto
  • Patent number: 8799675
    Abstract: A system and method for authenticating data. Data may be received that is individually encrypted in a first encryption layer by each of a plurality of users using user-specific private keys. The received data may be encrypted together in a second encryption layer to create multi-layered encrypted data. The multi-layered encrypted data may be transferred to a beneficiary device to determine if the encrypted data is authentic. At the beneficiary device, the second encryption layer may be decrypted to expose the first encryption layer. Then, the first encryption layer may be decrypted using public keys that only decrypt data encrypted by private keys assigned to a plurality of authorizers pre-designated to authenticate the data. If the first encryption layer is properly decrypted using the authorizers' decryption keys, it may be determined that the users are the pre-designated authorizers.
    Type: Grant
    Filed: January 5, 2012
    Date of Patent: August 5, 2014
    Assignee: House of Development LLC
    Inventor: Mohammed Alawi Geoffrey
  • Patent number: 8800011
    Abstract: In one embodiment a method for receiving a request from a user to update a pointer record of a domain name system (DNS) in a DNS service includes issuing a query from the DNS service to a resource of a first service of the data center from the DNS service using a uniform resource indicator (URI) of the request corresponding to the resource, receiving a list of Internet protocol (IP) addresses in the DNS service from the first service, determining whether an IP address received in the request corresponds to one of the IP addresses of the list, and if so, enabling the user to update the pointer record.
    Type: Grant
    Filed: May 31, 2012
    Date of Patent: August 5, 2014
    Assignee: Rackspace US, Inc.
    Inventors: Keith Bray, Daniel Morris, Randall Burt
  • Patent number: 8799656
    Abstract: Methods for anonymous authentication and key exchange are presented. In one embodiment, a method includes initiating a two-way mutual authentication between a device and a remote entity. The device remains anonymous to the remote entity after performing the authentication. The method also includes establishing a mutually shared session key for use in secure communication, wherein the initiating and the establishing are in conjunction with direct anonymous attestation (DAA).
    Type: Grant
    Filed: October 27, 2010
    Date of Patent: August 5, 2014
    Assignee: Intel Corporation
    Inventors: Ernest F. Brickell, Jiangtao Li, Jesse Walker
  • Patent number: 8799661
    Abstract: The present invention includes a system and process for monitoring the existence of secured, marked digital files. A cryptographic token inertly embedded in markup language tags of digital files is sought in relation to external, third-party databases, e.g. files over the Internet. Instances of files lacking the cryptographic token are identified.
    Type: Grant
    Filed: March 24, 2012
    Date of Patent: August 5, 2014
    Assignee: Mach 1 Development, Inc.
    Inventors: Paul L. Greene, Charles M. Tellechea, Jr.
  • Patent number: 8799663
    Abstract: Secure execution of workflow tasks are executed according to a given execution pattern in a decentralized workflow system with a central workflow engine and multiple task execution agents. The method starts at an i'th execution agent which is selected by at least one preceding execution agent in accord with the execution pattern to perform an i'th task of the workflow. The method includes receiving, from the at least one preceding execution agent via a secure channel, a task-based private key generated by the at least one preceding execution agent, signing workflow information of the workflow for at least one subsequent execution agent with a workflow signature, selecting at least one appropriate subsequent execution agent, computing a task-based private key for the at least one subsequent execution agent, and forwarding to the at least one subsequent execution agent the workflow information with its associated workflow signature.
    Type: Grant
    Filed: September 14, 2012
    Date of Patent: August 5, 2014
    Assignee: SAP AG
    Inventor: Hoon Wei Lim
  • Patent number: 8799662
    Abstract: A method and apparatus for validating the integrity of computer software installer files prior to installation of computer software comprising: generating at least one signature file for at least one corresponding installer file, the at least one signature file comprising a file name, a file size and a checksum, wherein the checksum is calculated for the corresponding installer file; and packaging the at least one signature file with the corresponding installer file, wherein the checksum in the signature file is used to validate the integrity of the installer file prior to installation of the installer file.
    Type: Grant
    Filed: July 27, 2012
    Date of Patent: August 5, 2014
    Assignee: Adobe Systems Incorporated
    Inventors: Afroz Muzammil, Piyush Gupta, Himanshu Garg, Mansukh Patidar
  • Patent number: 8800006
    Abstract: A method may include authenticating a node over layer 2 in a network based on authentication rules; sending a node authentication code to the node; and providing layer 3 network access based on the node authentication code.
    Type: Grant
    Filed: August 31, 2012
    Date of Patent: August 5, 2014
    Assignee: Juniper Networks, Inc.
    Inventors: Roger Chickering, Derek Brown, Paul Funk, Oliver Tavakoli
  • Patent number: 8799665
    Abstract: A third-party watermark is inserted into a file or files uploaded by a client to a storing party such as a file backup server. The third-party watermark may contain information about the upload itself, such as time and date of the upload and the identity of the client. The third-party watermark may also contain authentication information received from the client or elsewhere that establishes that the client is in proper possession of the file, e.g., it is not a bootlegged copy.
    Type: Grant
    Filed: June 13, 2013
    Date of Patent: August 5, 2014
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Thomas Killian, Norman L. Schryer
  • Patent number: 8799664
    Abstract: Embodiments disclosed allow authentication between two entities having agreed on the use of a common modulus N. The authentication includes generating a pseudorandom string value; generating a public key value based on the modulus N and the pseudorandom string value; generating a private key value corresponding to the public key value; receiving a verifier's public key value; generating a shared secret value based on the modulus N, the private key value and the verifier's public key value; calculating an authentication signature value using the shared secret value; and transmitting the authentication signature value for authentication. When the authentication signature is received, the public key value and the shared value are generated to calculate an authentication signature value. Thereafter, the authentication signature values are compared and authenticated.
    Type: Grant
    Filed: April 9, 2013
    Date of Patent: August 5, 2014
    Assignee: QUALCOMM Incorporated
    Inventors: Alexander Gantman, Gregory Gordon Rose, John W. Noerenberg, II, Philip Michael Hawkes
  • Publication number: 20140215224
    Abstract: Systems and methods are described for, e.g., providing a statutory audio content service on a portable device that complies with the provisions of the Digital Millennium Copyright Act (DMCA). The user can select a playlist subject to DMCA restrictions but cannot access individual items. Content playback, including skipping of content, is restricted to enforce relevant DMCA provisions. Encryption used to implement digital rights management (DRM) may be modified to enforce such content play rules or, alternatively, an additional layer of encryption may be imposed. Limitations on playback are stored along with the playlist structure in a form that is protected against modification. Information logging content playback is maintained in protected form to be uploaded and relayed to the service provider for the purpose of calculating royalty payments.
    Type: Application
    Filed: April 1, 2014
    Publication date: July 31, 2014
    Applicant: Sony Computer Entertainment America LLC
    Inventors: Murgesh Navar, Audrey Yruski, Rajiv Puranik, Michael Hsu
  • Publication number: 20140215220
    Abstract: The present invention relates to an application distribution system and method, and the application distribution system according to the present invention includes a developer terminal for requesting registration of an application; and an application trading server for registering and posting the application in an application store in response to the request of the developer terminal, in which if the application does not have an electronic signature, the application trading server performs security verification on the application based on preset application security verification criteria, generates an electronic signature for the application and transmits the electronic signature to the developer terminal, and if the application has an electronic signature, the application trading server performs security verification on the application by verifying the electronic signature.
    Type: Application
    Filed: October 11, 2013
    Publication date: July 31, 2014
    Applicant: Korea Internet & Security Agency
    Inventors: Mi Joo KIM, Mi Yeon Yoon, Kyung Ho Son, Hae Ryong Park
  • Publication number: 20140215219
    Abstract: A method for verifying an electronic signature is described including determining a residue class given by the signature; determining an integer having the residue class; determining a field element of a finite field such that the field element corresponds to the integer according to a predetermined mapping of the finite field to the set of integers; determining whether the field element fulfills a predetermined criterion and deciding whether the signature is valid based on whether the field element fulfills the predetermined criterion.
    Type: Application
    Filed: January 29, 2013
    Publication date: July 31, 2014
    Applicant: INFINEON TECHNOLOGIES AG
    Inventors: Bernd Meyer, Erwin Hess
  • Publication number: 20140215222
    Abstract: Provided is an information processing apparatus including a number generation unit configured to generate numbers used in coefficients of terms included in a pair of multi-order multivariate polynomials F=(f1, . . . , fm), using a predetermined function, from information shared between entities executing an algorithm of a public-key authentication scheme or a digital signature scheme that uses a public key including the pair of multi-order multivariate polynomials F, and an allocation unit configured to allocate the numbers generated by the number generation unit to the coefficients of the multi-order multivariate polynomials for which the pair of multi-order multivariate polynomials F are included in constituent elements.
    Type: Application
    Filed: August 14, 2012
    Publication date: July 31, 2014
    Applicant: SONY CORPORATION
    Inventors: Koichi Sakumoto, Taizo Shirai, Harunaga Hiwatari, Kazuya Kamio
  • Publication number: 20140215221
    Abstract: In a hitless manual cryptographic key refresh scheme, a state machine is independently maintained at each network node. The state machine includes a first state, a second state, and a third state. In the first state, which is the steady state, a current cryptographic key is used both for generating signatures for outgoing packets and for authenticating signatures of incoming packets. In the second state, which is entered when a new cryptographic key is provisioned, the old (i.e. formerly current) key is still used for generating signatures for outgoing packets, however one or, if necessary, both of the old key and the newly provisioned key is used for authenticating signatures of incoming packets. In the third state, the new key is used for generating signatures for outgoing packets and either one or both of the old key and new key are used for authenticating signatures of incoming packets.
    Type: Application
    Filed: December 18, 2013
    Publication date: July 31, 2014
    Applicant: ROCKSTAR CONSORTIUM US LP
    Inventors: RICHARD GAUVREAU, MICHAEL AALDERS, KIM EDWARDS
  • Publication number: 20140215223
    Abstract: An information processing apparatus which updates a basic software package is disclosed. The information processing apparatus includes an encryption and decryption unit which stores values calculated uniquely from software and encrypts information based on the calculated values and decrypts encrypted information based on the calculated values. The basic software package includes a firmware authenticating module for authenticating a firmware updating file which includes new software for updating the basic software package, a value uniquely calculated from the new software, and a public key signature. The information processing apparatus further includes a software updating module which updates the basic software package by using the authenticated firmware updating file, and an encryption key managing module for encrypting again the information encrypted by the values based on a value changed by updating the basic software package.
    Type: Application
    Filed: April 1, 2014
    Publication date: July 31, 2014
    Applicant: RICOH COMPANY, LTD.
    Inventor: Hidekazu Segawa
  • Patent number: 8793487
    Abstract: A public key infrastructure comprising a participant that issues digital certificates. Each digital certificate can be relied upon in at least two different trust domains. The public key infrastructure does not employ policy mapping between or among the trust domains. Furthermore, the public key infrastructure does not link any pair of trust domains via cross-certificates. Just one trust domain is bound to the digital certificate at any given moment. The current trust domain that is to be bound to the digital certificate is elected by a relying party at the time of reliance, based upon a specific certificate validation methodology selected by the relying party.
    Type: Grant
    Filed: January 16, 2009
    Date of Patent: July 29, 2014
    Assignee: Identrust, Inc.
    Inventors: William C. Epstein, Lawrence R. Miller
  • Patent number: 8793390
    Abstract: Systems, methods, and computer products for detecting protocols in a network proxy are provided. Protocol detection includes receiving from a first computer a request for connection to a second computer, the request conforming to a first protocol; establishing a connection with at least one of the first computer and the second computer; receiving data from at least one of the first computer and the second computer, wherein the data conforms to a second protocol; and performing protocol detection on the data.
    Type: Grant
    Filed: May 23, 2006
    Date of Patent: July 29, 2014
    Assignee: Blue Coat Systems, Inc.
    Inventors: Jamshid Mahdavi, Ron Frederick, Srinath Joshi
  • Patent number: 8792416
    Abstract: In a mobile communication system, a radio device is configured to transmit notification information transmitted from a distribution server, to a mobile station, by use of broadcast communication. The distribution server 10 includes a key transmitter unit 12 configured to transmit a public key of the distribution server 10 to the mobile station UE; the radio device RNC, Node B includes a notification information transmitter unit 22, 42, 42A configured to transmit, to the mobile station UE, the notification information transmitted from the distribution server 10; and the mobile station UE includes an authentication unit 36 configured to authenticate the validity of the received notification information in reference to an electronic signature for the notification information.
    Type: Grant
    Filed: June 19, 2007
    Date of Patent: July 29, 2014
    Assignee: NTT DoCoMo, Inc.
    Inventors: Ryo Kitahara, Katsuhiro Noguchi
  • Patent number: 8793769
    Abstract: An authenticating system and process for authenticating user devices to access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.
    Type: Grant
    Filed: December 31, 2009
    Date of Patent: July 29, 2014
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Oscar Marcia, Stuart Hoggan, Simon Krauss
  • Patent number: 8793500
    Abstract: A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination.
    Type: Grant
    Filed: March 15, 2012
    Date of Patent: July 29, 2014
    Assignees: Certicom Corp., Pitney Bowes Inc.
    Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
  • Patent number: 8793499
    Abstract: A system and method are provided for implementing a digital signature scheme for embedding and validating multiple nested digital signatures in digitally produced documents without modifying a file size of the digitally produced and signed documents or otherwise corrupting previously-embedded digital signatures. A number of fixed fields are included in a digitally produced document, upfront, that will be populated with multiple digital signatures. With the fixed fields in the digitally produced documents, the entire file is cryptographically “hashed” and the individual digital signatures are independently verifiable via simple cryptographic schemes. Multiple digital signatures are embedded in documents including complex file formats in a manner that does not corrupt the documents. Known cryptographic techniques such as, for example, a known hash algorithm, are applied to the digitally produced documents including the multiple sequentially input digital signatures in a process that is independently verifiable.
    Type: Grant
    Filed: January 20, 2012
    Date of Patent: July 29, 2014
    Assignee: Lockheed Martin Corporation
    Inventor: Robert Joseph Loughry
  • Patent number: 8792110
    Abstract: Systems and methods for securing a document for transmission are discussed. In one embodiment, a document is checked for an indication of confidentiality. The document is then passed to a secure driver, in response to a finding of the indication of confidentiality. The document is passed to a non-secure driver, in response to a failure to find the indication of confidentiality. The document is then transmitted after processing by the secure driver or the non-secure driver.
    Type: Grant
    Filed: May 30, 2008
    Date of Patent: July 29, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Keith Moore
  • Patent number: 8793498
    Abstract: A method and system for identifying a source of a copied work that in one embodiment includes obtaining at least some portions of a reference work, collecting at least some portions of the suspect work, matching the suspect work with the reference work, wherein the matching includes temporally aligning one or more frames of the reference work and the suspect work, spatially aligning frames of the reference work and the suspect work, and detecting forensic marks in the suspect work by spatiotemporal matching with the reference work.
    Type: Grant
    Filed: November 24, 2008
    Date of Patent: July 29, 2014
    Assignee: NBCUniversal Media, LLC
    Inventors: Zhaohui Sun, Catherine Mary Graichen, Corey Nicholas Bufi, Anthony James Hoogs, Aaron Shaw Markham, Budhaditya Deb, Roderic Greene Collins, Michael Shane Wilkinson, Anthony Christopher Anderson, Jenny Marie Weisenberg
  • Publication number: 20140208120
    Abstract: A trusted rendering system for use in a system for controlling the distribution and use of digital works. A trusted rendering system facilitates the protection of rendered digital works which have been rendered on a system which controls the distribution and use of digital works through the use of dynamically generated watermark information that is embedded in the rendered output. The watermark data typically provides information relating to the owner of the digital work, the rights associated with the rendered copy of the digital work and when and where the digital work was rendered. This information will typically aid in deterring or preventing unauthorized copying of the rendered work to be made. The system for controlling distribution and use of digital works provides for attaching persistent usage rights to a digital work. Digital works are transferred between repositories which are used to request and grant access to digital works.
    Type: Application
    Filed: January 24, 2014
    Publication date: July 24, 2014
    Applicant: ContentGuard Holdings, Inc.
    Inventors: Mark J. Stefik, Glen W. Petrie, Steve A. Okamoto, Nicholas H. Briggs
  • Publication number: 20140208122
    Abstract: In an example, a method of securing content is described. The method may include instantiating a content server on a client device. The method may also include operating the content server to retrieve content identified by a Uniform Resource Identifier (URI). The method may also include serving the content from the content server to a content renderer on the client device. The content renderer may be configured to render the content at the client device and to prohibit saving the content in the clear on the client device.
    Type: Application
    Filed: March 26, 2014
    Publication date: July 24, 2014
    Applicant: QUMU CORPORATION
    Inventors: Priyadarshee Deeptarag Mathur, Robert J. Reutiman, Samir Mittal
  • Publication number: 20140208119
    Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.
    Type: Application
    Filed: January 21, 2013
    Publication date: July 24, 2014
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John Y-C. Chang, Ching-Yun Chao, Bertrand Be-Chung Chiu, Ki Hong Park