Having Separate Add-on Board Patents (Class 713/192)
-
Patent number: 7636439
Abstract: Data to be encrypted is effectively encrypted by a data delivery system for encrypting the data to be encrypted with a transmitting apparatus and decrypting a cipher thereof with a receiving apparatus. In a configuration for encrypting and decrypting the data to be encrypted by using a random number sequence generated by a random number generating portion for generating the random number sequence uniquely decided from an input parameter, the transmitting apparatus generates the input parameter to perform encryption based on metadata of the data to be encrypted while the receiving apparatus generates the input parameter to perform cipher decryption based on the metadata embedded in the data to be encrypted.
Type: Grant
Filed: September 9, 2005
Date of Patent: December 22, 2009
Assignee: Hitachi Kokusai Electric, Inc.
Inventors: Sumie Nakabayashi, Kazuhito Yaegashi, Munemitsu Kuwabara, Hirotake Usami
-
Patent number: 7634666
Abstract: A crypto-engine for cryptographic processing has an arithmetic unit and an interface controller for managing communications between the arithmetic unit and a host processor. The arithmetic unit has a memory unit for storing and loading data and arithmetic units for performing arithmetic operations on the data. The memory and arithmetic units are controlled by an arithmetic controller.
Type: Grant
Filed: August 15, 2003
Date of Patent: December 15, 2009
Assignee: Cityu Research Limited
Inventors: Lee Ming Cheng, Ting On Ngan, Ka Wai Hau
-
Publication number: 20090307501
Abstract: An apparatus, system, and method are disclosed for interfacing a driver with an encryption source that uses a communication module that allows the driver and the encryption source to communicate messages to one another, wherein the messages result in the encryption source providing encryption data that the communication module relays to the driver.
Type: Application
Filed: June 5, 2008
Publication date: December 10, 2009
Inventors: David Luciani, Raymond Anthony James
-
Patent number: 7624444
Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.
Type: Grant
Filed: June 13, 2002
Date of Patent: November 24, 2009
Assignee: McAfee, Inc.
Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7610493
Abstract: Embodiments of system and method for adapting to attacks of cryptographic processes on multiprocessor systems with shared cache are generally described herein. Other embodiments may be described and claimed.
Type: Grant
Filed: August 31, 2005
Date of Patent: October 27, 2009
Assignee: Intel Corporation
Inventor: David Walter Young
-
Patent number: 7603561
Abstract: An image input device which includes a means for inputting image data, a memory for storing a secret information and an operator for carrying out an operation by using the image data and the secret information.
Type: Grant
Filed: August 26, 2005
Date of Patent: October 13, 2009
Assignee: Canon Kabushiki Kaisha
Inventor: Kazuomi Oishi
-
Patent number: 7600132
Abstract: Various embodiments are provided for authenticating an embedded device on a motherboard. An exemplary embodiment includes generating a unique authentication code (UAC) based on a serial number for a motherboard, and providing the UAC to a computer system having the motherboard. A determination is then made as to whether the provided UAC is correct for the motherboard, and an option ROM BIOS designed for the embedded device is executed when the provided UAC is correct for the motherboard.
Type: Grant
Filed: December 19, 2003
Date of Patent: October 6, 2009
Assignee: Adaptec, Inc.
Inventor: Fadi A. Mahmoud
-
Patent number: 7600131
Abstract: Provided is an architecture for a cryptography accelerator chip that allows significant performance improvements over previous prior art designs. In various embodiments, the architecture enables parallel processing of packets through a plurality of cryptography engines and includes a classification engine configured to efficiently process encryption/decryption of data packets. Cryptography acceleration chips in accordance may be incorporated on network line cards or service modules and used in applications as diverse as connecting a single computer to a WAN, to large corporate networks, to networks servicing wide geographic areas (e.g., cities). The present invention provides improved performance over the prior art designs, with much reduced local memory requirements, in some cases requiring no additional external memory. In some embodiments, the present invention enables sustained full duplex Gigabit rate security processing of IPSec protocol data packets.
Type: Grant
Filed: July 6, 2000
Date of Patent: October 6, 2009
Assignee: Broadcom Corporation
Inventors: Suresh Krishna, Christopher Owen, Derrick C. Lin, Joseph J. Tardo, Patrick Law
-
Patent number: 7599492
Abstract: A system, method and computer program product for recovering a key used to produce a ciphertext document from a plaintext document, including, in the ciphertext document encrypted using an N-bit key, identifying location of an M-bit control value; converting the control value to an M-bit portion of a gamma that corresponds to (a) the ciphertext document and (b) the N-bit key; accessing a file that corresponds to the M-bit portion of the gamma, wherein the file includes approximately 2^(N-M) keys that correspond to the M-bit portion of the gamma out of the 2^N keys; testing the 2^(N-M) keys using a cryptographic key validity function, until a valid key is found; and decrypting the ciphertext document using the valid key to produce the plaintext document. The keys in the file can be tested sequentially. The file can be requested from a server prior to accessing it, or can be local. The name of the file can include the M-bit portion of the gamma.
Type: Grant
Filed: April 17, 2006
Date of Patent: October 6, 2009
Assignee: Elcomsoft Co. Ltd.
Inventors: Andrey E. Malyshev, Dmitry V. Sklyarov, Vladimir Y. Katalov, Ivan V. Golubev
-
Patent number: 7593526
Abstract: A method and apparatus are disclosed for compressing Rabin signatures. The disclosed compression scheme compresses a Rabin signature, s, for a user having a public key, n, based on a continued fraction expansion of s/n. The continued fraction expansion of s/n can be performed by (i) computing principal convergents, ui/vi, for i equal to 1 to k, of a continued fraction expansion of s/n, where k is a largest integer for which principal convergents are defined; establishing an index l, such that vl<?{square root over (n)}?vl+1; and generating a compressed Rabin signature (vl, m) for a message, m.
Type: Grant
Filed: January 23, 2004
Date of Patent: September 22, 2009
Assignee: Alcatel-Lucent USA Inc.
Inventor: Daniel Bleichenbacher
-
Patent number: 7594121
Abstract: Methods and apparatuses for determining the identity of the user detect a current user's electronic device activity pattern; compare the detected activity pattern against a plurality of user action identification profiles, wherein each user action identification profile is associated with a particular user; and use the comparing to identify the current user as being the particular user.
Type: Grant
Filed: January 22, 2004
Date of Patent: September 22, 2009
Assignees: Sony Corporation, Sony Electronics Inc.
Inventors: Edward Eytchison, Dan M. Phan, Nisha Srinivasan, Saket Kumar
-
Patent number: 7594265
Abstract: A method and system for prevention of unauthorized access to multimedia data are disclosed herein. A tamper-resistant system having a software driver, a peripheral device, and a system memory is used to encrypt sensitive routines used by the software driver. The software driver is used to interface between one component of the system, such as a processor, and a peripheral device, such as a graphics chip. The driver incorporates one or more sensitive routines, that if divulged, could possibly allow an unauthorized party access to data processed by the software driver. Accordingly, in one embodiment, the sensitive routines are stored in an encrypted format with the driver. To access a sensitive routine, the driver submits the associated encrypted routine to the peripheral device, as well as a decryption method, if desired, where it is decrypted and stored in a plaintext format in a location, such as system memory, accessible to both the driver and the peripheral device.
Type: Grant
Filed: November 14, 2001
Date of Patent: September 22, 2009
Assignee: ATI Technologies, Inc.
Inventors: Daniel W. Wong, Kenneth Man
-
Patent number: 7584501
Abstract: Embodiments of a device authorization system authorize a connection device to be communicatively coupled to a processing system. One embodiment comprises a communication system interface configured to receive authorization from a network administrator device for a processing system to communicatively couple to a connection device; a card detector to detect the presence of the connection device when coupled to the processing system; and a card power switch configured to receive an authorization signal when the processing system is authorized to communicatively couple to the connection device, and configured to supply power to the connection device only when the authorization signal is present and when the card detector detects the presence of the connection device.
Type: Grant
Filed: March 2, 2004
Date of Patent: September 1, 2009
Assignee: Hewlett-Packard Development Company, L.P.
Inventor: Charles J. Stancil
-
Patent number: 7571328
Abstract: A system and method for distributing digital content over a computer network. A set of digital content is provided in a storage location that is accessible by the network. One or more physical tokens store data related to accessing the set of digital content. When a token is at a remote location, a request for the set of digital content to be presented at the remote location is received. In response to this request, presentation of the digital content is allowed at the remote location.
Type: Grant
Filed: February 1, 2005
Date of Patent: August 4, 2009
Assignee: Microsoft Corporation
Inventors: David W. Baumert, Flora P. Goldthwaite, Gregory L. Hendrickson, Jonathan C. Cluts, Pamela J. Heath
-
Patent number: 7565536
Abstract: Secure authentication of a user on a host computer to a web server including a security device acquiring trust or a security context from the web server. The security device is operable of providing an X.509 certificate to a browser plug-in on the host computer. The browser plug-in on the host computer performing authentication of the security device and in response providing user credentials to the security device. The security device performing authentication of the user and requests a security context from the web server. In response, the web server provides a security context to the security device. The security device delegates the web server trust by transmitting the context to the host computer and enabling the user to securely access resources on the web server.
Type: Grant
Filed: September 2, 2005
Date of Patent: July 21, 2009
Assignee: Gemalto Inc
Inventors: Apostol Vassilev, Kapil Sachdeva
-
Patent number: 7565553
Abstract: Systems and methods for controlling access to data on a computer with a secure boot process can provide a highly efficient mechanism for preventing future access to encrypted digital resources. This may be advantageous in a range of scenarios, for example where a computer is sold and assurance is desired that no stray private data remains on the hard disk. Data resources, for example all data associated with one or more particular hard disk partitions, may be encrypted. The decryption key may be available through a secure boot process. By erasing, altering, or otherwise disabling a secret, such as a decryption key or a process that obtains a decryption key, the data formerly accessible using such secret becomes inaccessible.
Type: Grant
Filed: January 14, 2005
Date of Patent: July 21, 2009
Assignee: Microsoft Corporation
Inventors: Jamie Hunter, Paul England, Russell Humphries, Stefan Thom, James Anthony Schwartz, Jr., Kenneth D. Ray, Jonathan Schwartz
-
Patent number: 7565552
Abstract: The invention relates to a method for protecting against manipulation of a controller for at least one motor vehicle component, the control device (1) comprising at least one microcomputer (µC) and at least one memory module (2, 3), at least one of the memory modules (2, 3) constituting a reversible read-only memory (3), characterized in that the reversible read-only memory (3) stores data which have been encrypted by an encryption process, and the key used in the encryption process comprises at least one part of at least one original identifier (ID) of at least one of the modules (µC, 2, 3) of the control device, which identifier is specific to the module.
Type: Grant
Filed: July 23, 2003
Date of Patent: July 21, 2009
Inventors: Oliver Feilen, Rudiger Stadtmuller
-
Patent number: 7558387
Abstract: A device coupled to a smart card reader may request random data from a smart card inserted into the smart card reader, and the smart card reader may incorporate the random data into its randomness pool. A device having a source of random data may have a driver installed thereon for another device and the driver may extract random data from the source and transmit it securely over a wireless communication link to the other device. The other device, which may be a smart card reader, may incorporate the extracted random data into its randomness pool. A smart card reader may incorporate traffic received from a smart card inserted therein into its randomness pool.
Type: Grant
Filed: April 15, 2005
Date of Patent: July 7, 2009
Assignee: Research In Motion Limited
Inventors: Neil Adams, Michael S. Brown, Herb Little, Michael McCallum, Michael K. Brown
-
Patent number: 7555654
Abstract: A computer program product has a check routine and an active part. When the computer program product is called, a computer, while processing the check routine, initiates a transmitter to send a launch signal. A transponder receives this signal, checks whether a time-dependent and/or usage-dependent transmission condition is met and transmits an enable code as warranted. A receiver receives the enable code and communicates it to the computer. The computer checks the enable code and undertakes processing of the active part only when the enable code satisfies an enable condition.
Type: Grant
Filed: November 8, 2002
Date of Patent: June 30, 2009
Assignee: Siemens Aktiengesellschaft
Inventors: Rainer Kuth, Martin Requardt, Markus Vester, Christoph Zindel
-
Patent number: 7540024
Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
Type: Grant
Filed: November 3, 2004
Date of Patent: May 26, 2009
Assignee: Microsoft Corporation
Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
-
Patent number: 7539864
Abstract: Methods and device for digitally signing documents by using a portable device that encodes a signature string to sound. The acoustic signature string may be transmitted and then decoded back into digital data. The signature string may be further processed to verify the signature of the document and to produce a certificate of identity and integrity for the document. The certificate of identity and integrity may be used to further identify and validate the document and its signer.
Type: Grant
Filed: February 16, 2007
Date of Patent: May 26, 2009
Assignee: Enco-Tone Ltd.
Inventor: Isaac J Labaton
-
Patent number: 7539863
Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
Type: Grant
Filed: November 4, 2004
Date of Patent: May 26, 2009
Assignee: Microsoft Corporation
Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
-
Patent number: 7526658
Abstract: Method and apparatus that enable secure transmission of data in a scalable private network are described. Each station that is to be part of a private network registers with a key table. A group security association associated with the private network is forwarded to each trusted ingress and egress point that communicates with each member of the private network. When a member of the private network seeks to communicate with another member, it simply forwards the communication to the trusted ingress point. The trusted ingress point uses the security association associated with the private network to transform the communication and forwards the transformed communication through other intermediate stations in the network until it reaches a trusted egress point. The trusted egress point uses the stored security association to decode the transformed communication and forwards the communication to the appropriate destination.
Type: Grant
Filed: September 12, 2003
Date of Patent: April 28, 2009
Assignee: Nortel Networks Limited
Inventors: Haixiang He, Donald Fedyk, Lakshminath Dondeti
-
Patent number: 7519816
Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
Type: Grant
Filed: November 4, 2004
Date of Patent: April 14, 2009
Assignee: Microsoft Corporation
Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
-
Patent number: 7519834
Abstract: Method and apparatus that enable secure transmission of data in a scalable private network are described. Each station that is to be part of a private network registers with a key table. A group security association associated with the private network is forwarded to each trusted ingress and egress point that communicates with each member of the private network. When a member of the private network seeks to communicate with another member, it simply forwards the communication to the trusted ingress point. The trusted ingress point uses the security association associated with the private network to transform the communication and forwards the transformed communication through other intermediate stations in the network until it reaches a trusted egress point. The trusted egress point uses the stored security association to decode the transformed communication and forwards the communication to the appropriate destination.
Type: Grant
Filed: September 12, 2003
Date of Patent: April 14, 2009
Assignee: Nortel Networks Limited
Inventors: Lakshminath Dondeti, Haixiang He, Donald Fedyk
-
Patent number: 7516333
Abstract: A network appliance that runs both C and Java integrated software to provide a flexible architecture for rapid prototyping of XML security functionality, including SSL acceleration, XML encryption, XML decryption, XML signature, and XML verification, while the network appliance continues to provide high-speed performance.
Type: Grant
Filed: August 2, 2004
Date of Patent: April 7, 2009
Inventors: Mamoon Yunis, Rizwan Mallal, Thomas C. Stickle
-
Patent number: 7516479
Abstract: File systems of a plurality of service providers are allocated in a single memory area so that the service providers share a single information recording medium. In an initial state, an IC card issuer manages the entire memory area. When a different service provider separates the memory area to generate a new file system, the service provider is required for the authority of separating the memory area and authentication by the IC card issuer. After the file is separated, in order to access the file system, authentication by the service provider which has separated the file is required. The IC card provides a user with ease of use as if the IC card were directly issued by the service provider of the service that the user is currently using.
Type: Grant
Filed: December 22, 2004
Date of Patent: April 7, 2009
Assignee: Sony Corporation
Inventor: Taro Kurita
-
Patent number: 7512812
Abstract: A method of and apparatus for protecting data in a data storage system. A method of securely erasing data stored in a data storage system includes: determining whether a security-erase command is received together with a random number and an encrypted random number; decrypting the encrypted random number using a security-erase algorithm and an associated key when the security-erase command is received; determining whether the decrypted random number is identical to the received random number; and executing the security-erase command when the decrypted random number is identical to the received random number, and stopping the execution of the security-erase command when the decrypted random number is not identical to the received random number.
Type: Grant
Filed: January 31, 2005
Date of Patent: March 31, 2009
Assignee: Samsung Electronics Co., Ltd.
Inventor: Hak-yeol Sohn
-
Patent number: 7506176
Abstract: An embodiment describes a method of implementing higher level and more robust encryption by using a multi-core processor. The clear text is segmented into text segments based on predefined segment lengths by master processor. Text segments are sent to processing elements which in turn encrypted and encrypted segments are sent back to master processor which is aggregated into encrypted text. To decrypt the text, encrypted text is split into encrypted segments per predefined lengths by master processor and sent to processing elements to be decrypted. The resulted plain text segments are sent back to master processor which is aggregated into original plain text.
Type: Grant
Filed: March 10, 2008
Date of Patent: March 17, 2009
Assignee: International Business Machines Corporation
Inventors: Yohichi Miwa, Aya Minami
-
Patent number: 7502474
Abstract: One aspect of the invention relates to a network interface system for interfacing a host system with a network. The network interface system includes a bus interface system, a media access control system, and a security system. The security system selectively performs security processing on data incoming from the network based on security associations stored in a memory external to the network interface system, typically a host system memory. The security association for any given frame, when available, is fetched from the external memory after the frame begins to arrive in the network interface system based in part on information contained in the frame. Preferably, the fetch begins before the frame is fully received and the security association is queued whereby security processing can begin without having to wait for the security association to be fetched.
Type: Grant
Filed: May 6, 2004
Date of Patent: March 10, 2009
Assignee: Advanced Micro Devices, Inc.
Inventors: Marufa Kaniz, Jeffrey Dwork, Robert Alan Williams, Mohammad Maniar, Somnath Viswanath
-
Patent number: 7502475
Abstract: Certain aspects of the invention for producing a secure key may comprise a secure key generator that receives a first, second and third input keys and utilizes these keys to generate a first output key. The first, second and third input keys may be a customer key, customer key selection and key variation, respectively. The first output key may be generated so that it is unique, differs from the first input key and is not a weak or semi-weak key. The first, second and third input keys may be mapped to generate mapped output key data and an intermediate key generated based on the first input key. The intermediate key and the output key data may be scrambled to create a scrambled output. At least a portion of the output key data may be masked and XORed with the scrambled output to generate the first output key.
Type: Grant
Filed: November 14, 2003
Date of Patent: March 10, 2009
Assignee: Broadcom Corporation
Inventors: Sherman (Xuemin) Chen, Iue-Shuenn Chen, Robert Brownhill, Wade K. Wan
-
Patent number: 7496765
Abstract: System, method and program product for protecting access to a portable memory or storage device. There can be detection if the portable memory or storage device is more than a predetermined distance from a reference location. If so, access to a portion or all of data within the portable memory or storage device is automatically prevented. The reference location can be the location of a computing apparatus which is authorized to access the portable memory or storage device. Also, there can be detection of lapse of a predetermined time the portable memory or storage device has been unable to communicate with a predetermined computing apparatus. In response, access to a portion or all of data stored on the portable memory or storage device is prevented. Also, there can be detection of lapse of a predetermined time since the portable memory or storage device has been accessed by an information processing apparatus in which the device is installed.
Type: Grant
Filed: March 15, 2005
Date of Patent: February 24, 2009
Assignee: International Business Machines Corporation
Inventor: Yasuhiko Sengoku
-
Patent number: 7496768
Abstract: Techniques are disclosed to provide security for user output and input in which a first, host operating system is used along with a second, high assurance operating system (nexus), where the first system provides at least some of the infrastructure for the second system. A trusted UI engine has a trusted input manager and a trusted output manager. The trusted input manager controls access to trusted input, distributing decrypted input to the host operating system where appropriate, or to the appropriate process running in the nexus. The trusted output manager manages output to the display, and allows trusted agents in the nexus to output data for display without needing to be aware of output-device-dependent details.
Type: Grant
Filed: October 24, 2003
Date of Patent: February 24, 2009
Assignee: Microsoft Corporation
Inventors: Paul C. Roberts, Christine M. Chew, Bryan Willman, Kenneth D. Ray
-
Patent number: 7496198
Abstract: The present invention is suitable for use in a partial dual encrypted system. The present invention allows for two different decryption devices (e.g., an incumbent, or first, set-top and an overlay, or second, set-top) to be located in a single system having an incumbent encryption scheme and a second encryption scheme. Each set-top is designed to decrypt the first or second proprietary encryption schemes, respectively. In accordance with the present invention, the second set-top utilizes a novel program map table to ensure that the second set-top chooses correct elementary streams in the partial dual-encrypted stream (i.e., a combined stream including a first encrypted stream, a second encrypted stream, and a clear stream) for a desired program.
Type: Grant
Filed: December 6, 2005
Date of Patent: February 24, 2009
Assignee: Cisco Technology, Inc.
Inventors: Howard Pinder, Jonathan Bradford Evans, Anthony J. Wasilewski, William D. Woodward, Jr.
-
Patent number: 7493487
Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
Type: Grant
Filed: October 15, 2004
Date of Patent: February 17, 2009
Assignee: Microsoft Corporation
Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
-
Publication number: 20090037747
Abstract: Two kinds of security chips having a security interface are provided. One kind of security chip comprises a processor module, an encrypt/decrypt module, a memory module, a power detecting module and a security I/O module, and all of the modules are connected with each other by an internal bus in the security chip; the other kind of security chip comprises a processor module, an encrypt/decrypt module, a memory module, a power detecting module and an I/O interface module, all of the modules being connected with each other by the internal bus in the security chip, wherein, the security chip also comprises a security input module, a security output module and a south bridge interface module, and all of the modules are connected with each other by the internal bus in the security chip.
Type: Application
Filed: November 29, 2005
Publication date: February 5, 2009
Applicants: Beijing Lenovo Software Ltd., Lenovo (Beijing) Limited
Inventor: Wei Xie
-
Patent number: 7484247
Abstract: In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled to the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
Type: Grant
Filed: August 7, 2004
Date of Patent: January 27, 2009
Inventors: Allen F Rozman, Alfonso J Cioffi
-
Patent number: 7477923
Abstract: The invention refers to an exchangeable power-supplying unit (200, 300) arranged to supply electric power to a device (100, 400). The power-supplying unit (200, 300) is arranged so as to provide the device (100, 400) with one or several additional functionalities and it can preferably be attached so as to form an integral part of the device (100, 400). The additional functionality is accomplished by one or several processing units (220, 312, 319) contained in the power-supplying unit (200, 300) for pre-processing information, which is subsequently communicated from the power-supplying unit (200, 300) to the device (100, 400).
Type: Grant
Filed: December 18, 2003
Date of Patent: January 13, 2009
Assignee: Telefonaktiebolaget LM Ericsson (publ)
Inventors: Magnus Wallmark, Mattias Jonsson
-
Patent number: 7474748
Abstract: In methods for determining, in a way that is protected against spying, the modular inverse b of a value a in relation to a module n for a cryptographic application, an auxiliary value ? and an auxiliary module ? are determined at least depending on the value a, the module n and at least one masking parameter r, an auxiliary inverse ?? is determined as the modular inverse of the auxiliary value ? in relation to the auxiliary module ?, and the modular inverse b is determined at least depending on the auxiliary inverse ??, the at least one masking parameter r, and the auxiliary value ? and/or the auxiliary module ?. A computer program product and a portable data carrier have corresponding features. The invention provides a method for modular inversion, secured against spying, which is suitable for applications where security is critical, such as, e.g. cryptographic calculations on a portable data carrier.
Type: Grant
Filed: May 13, 2003
Date of Patent: January 6, 2009
Assignee: Giesecke & Devrient GmbH
Inventor: Sven Bauer
-
Patent number: 7472425
Abstract: A service provider makes requests to an information processing center for processing for an IC card in card command units. The information processing center issues encrypted card commands that can be interpreted by the IC card itself based on requests received from the service provider and sends these to the IC card via the computer network, client, and card reader/writer device. This enables an IC card connected to a client to be accessed using secure communication.
Type: Grant
Filed: April 4, 2003
Date of Patent: December 30, 2008
Assignee: Sony Corporation
Inventors: Mitsushige Suzuki, Junichi Sato, Takashi Matsuo
-
Patent number: 7463739
Abstract: Disclosed are a system and a method for transferring with improved security root keys from a key provider system to a customer system via an information network that is other than secure. The key provider provides a secure module having a super-root key stored therein within the customer system. The super-root key is accessible internally to the module only by program code executable on a processor internal to the module, and only in response to a request from a corresponding module of the key provider system. The super-root key is only for use in decrypting encrypted root keys that are provided from the key provider system, which decrypted root keys are stored internally to the secure module.
Type: Grant
Filed: August 2, 2001
Date of Patent: December 9, 2008
Assignee: SafeNet, Inc.
Inventor: Bruno Couillard
-
Patent number: 7457960
Abstract: A processing system supporting a secure mode of operation is disclosed. The processing system includes a read-only hardware key that is only accessible in secure mode.
Type: Grant
Filed: November 30, 2004
Date of Patent: November 25, 2008
Assignee: Analog Devices, Inc.
Inventor: Joshua Kablotsky
-
Patent number: 7448083
Abstract: The security apparatus comprises a memory unit which stores data that is a target of security; a CPU which counts the number of processing relating to the secret data as processing access count data, and counts the number of times the processing access count data is updated by outside causes as monitor count data. When the processing access count data has exceeded a preset processing access count threshold, the CPU restricts subsequent processing, and, when the monitor count data has exceeded a preset monitor count threshold, the CPU restricts subsequent processing.
Type: Grant
Filed: March 29, 2002
Date of Patent: November 4, 2008
Assignee: Fujitsu Limited
Inventor: Takeshi Kashiwada
-
Patent number: 7434066
Abstract: In a portable electronic device, pointer information used to access files which are divided into a plurality of record data areas is held for each logical channel, and when a file selection command which specifies a logical command is received from the exterior, access to the file is controlled based on pointer information corresponding to the logical channel specified by the file selection command.
Type: Grant
Filed: December 8, 2004
Date of Patent: October 7, 2008
Assignee: Kabushiki Kaisha Toshiba
Inventor: Ryouichi Kuriyama
-
Patent number: 7412722
Abstract: A security system (150) in a network includes a softswitch (440) and a detection unit (420). The detection unit (420) detects activity directed to the softswitch (440) and records the detected activity. In another implementation, a method for configuring a security device (150) for use in a network includes installing a detection unit (420) to monitor and record traffic directed to the security device (150), installing a deceptive operating system (430), installing a softswitch (440), and configuring the deceptive operating system (430) and softswitch (440) to mirror settings used in an active softswitch (140) in the network.
Type: Grant
Filed: August 8, 2002
Date of Patent: August 12, 2008
Assignee: Verizon Laboratories Inc.
Inventors: Edward James Norris, David Kenneth Dumas
-
Publication number: 20080189555
Abstract: A memory controller for a smart card including a non-volatile memory can include an internal circuit that is configured to perform cryptographic key processing responsive to a first clock and a non-volatile memory interface circuit for transferring/receiving a signal to/from the internal circuit in synchronization with the first clock and transferring/receiving the signal to/from an external device in synchronization with a second clock that is asynchronous relative to the first clock.
Type: Application
Filed: June 27, 2007
Publication date: August 7, 2008
Inventor: Keon-Han Sohn
-
Publication number: 20080189556
Abstract: A Personal Computer Memory Card International Association (PCMCIA) card is disclosed. The PCMCIA card may include a cryptographic module, a communications interface, and a processor. The cryptographic module may perform Type 1 encryption of data received from a computer into which the card is inserted. The cryptographic module may support High Assurance Internet Protocol Encryption (HAIPE). The communications interface may provide connectivity to a network adapter. The communications interface may include a Universal Serial Bus (USB) interface. The processor may detect whether a network adapter is coupled to the communications interface, identify a device driver that corresponds to the network adapter, and employ the device driver to provide operative communication between the cryptographic module and the network adapter. The PCMCIA card may contain a datastore that maintains a plurality of device drivers. For example, the plurality of device drivers support any one of IEEE 802.x, Ethernet, V.
Type: Application
Filed: July 13, 2007
Publication date: August 7, 2008
Applicant: L3 Communications Corporation
Inventors: John A. Modica, Kenneth White
-
Patent number: 7400726
Abstract: An apparatus for preventing an unauthorized use of a copyright medium adapted to identify a purchaser by authentication of the purchaser's fingerprint at the time of purchasing an encrypted copyright medium, so that only the purchaser can reproduce or copy work data recorded in the copyright medium. Data is read from a copyright medium identification database in order to write a copyright medium unique identification database and a cipher key database into a Smart card or other recording mediums using a Smart card or other recording medium data reading/writing device. Moreover, fingerprint data of the purchaser of the copyright medium is read by using a fingerprint authentication device. The purchaser's fingerprint data, the copyright medium unique identification data, and the cipher key are written into the Smart card or other recording medium using the Smart card or other recording medium data reading/writing device.
Type: Grant
Filed: July 7, 2003
Date of Patent: July 15, 2008
Assignee: Mitsubishi Denki Kabushiki Kaisha
Inventor: Koichi Hori
-
Patent number: 7398553
Abstract: Detecting and identifying an interpreted language virus, such as a scripting virus, and reasonably identifiable polymorphs of the virus source code. Scripting virus source is extracted and represented in a language independent form. This form includes a linearized set of key actions, termed an executing thread, rather than the scripting source code. The executing thread can be utilized to generate a virus signature and virus pattern file for use in identifying the virus in later extracted scripting virus source code. Further the executing thread may be compared to existing virus signatures to determine the identity of the virus, if a match is made. The scripting virus scan engine detects reasonably identifiable polymorphs of a scripting virus source code that involve lexical and grammatical transformations, such as manipulation of white space, renaming of identifiers, and change of program layout.
Type: Grant
Filed: October 29, 2001
Date of Patent: July 8, 2008
Assignee: Tread Micro, Inc.
Inventor: Jianghao Li
-
Patent number: 7395551
Abstract: A method of managing software use in a desired mode and with ease of handling upgrades or other changes includes a sales company or other software provider adding a password to software, inserting identification information into a dongle, and distributing the same to users. A secret key and an open key are prepared and the open key is transmitted to the user. When the user tries to obtain a license, the password is sent to the sales company. The sales company detects identification information based on the password, encodes the same by using the secret key, and sends the same to the user as encoded license information. The user decodes the encoded license information by the open key and matches the same against the identification information included in the dongle. If the information match, the software effectively starts up, while if not, the execution of the software is stopped.
Type: Grant
Filed: December 13, 2000
Date of Patent: July 1, 2008
Assignee: Sony Corporation
Inventor: Kazuo Watanabe