Search Patents
  • One-Round Secure Multiparty Computation of Arithmetic Streams and Evaluation of Functions
    Publication number: 20210167946
    Abstract: A method for performing, in a single round of communication and by a distributed computational system, Secure MultiParty Computation (SMPC) of an arithmetic function ƒ:pk?p represented as a multivariate polynomial over secret shares for a user, comprising the steps of sharing secrets among participants being distributed computerized systems, using multiplicative shares, the product of which is the secret, or additive shares, that sum up to the secret by partitioning secrets to sums or products of random elements of the field; implementing sequences of additions of secrets locally by addition of local shares or sequences of multiplications of secrets locally by multiplication of local shares; separately evaluating the monomials of ƒ by the participants; adding the monomials to obtain secret shares of ƒ.
    Type: Application
    Filed: April 14, 2019
    Publication date: June 3, 2021
    Inventors: Dor Bitan, Daniel Berend, Shlomi Dolev
  • Method and system for testing and checking the correctness of a computer program during runtime
    Patent number: 10949326
    Abstract: The present invention is directed to a method and system for testing, during runtime, the correctness of a computer program (such as a hypervisor, an operating system or an interpreter) that controls a system and has one or more software modules. Accordingly, a reflexive code of a reflex function is integrated into the software modules or into a virtual infrastructure that executes the computer program. Whenever desired, the reflexive code is activated by an input and its corresponding output is processed. Then, the correctness of the one or more software modules or of the computer program is determined according to the processing results.
    Type: Grant
    Filed: October 4, 2017
    Date of Patent: March 16, 2021
    Assignee: B.G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD.
    Inventors: Shlomi Dolev, Amit Rokach, Roman Manevich
  • SYSTEM AND METHOD FOR SECURING A COMMUNICATION CHANNEL
    Publication number: 20190089717
    Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.
    Type: Application
    Filed: February 28, 2017
    Publication date: March 21, 2019
    Applicant: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi DOLEV, Shimrit TZUR-DAVID, Chen TETELMAN, Amit RAHAV, Amit LAVI
  • METHOD AND SYSTEM FOR PERFORMING ADAPTIVE CACHE MANAGEMENT
    Publication number: 20200210349
    Abstract: A method for efficiently method for performing adaptive management of a cache with predetermined size and number of cells with different locations with respect to the top or bottom of the cache, for storing at different cells, data items to be retrieved upon request from a processor. A stream of requests for items, each of which has a temporal probability to be requested is received and the jump size is incremented on cache misses and decremented on cache hits by automatically choosing a smaller jump size and using a larger jump size when the probability of items to be requested is changed. The jump size represents the number of cells by which a current request is promoted in the cache, on its way from the bottom, in case of a cache hit, or from the outside in case of a cache miss, towards the top cell of the cache.
    Type: Application
    Filed: December 30, 2019
    Publication date: July 2, 2020
    Inventors: Shlomi DOLEV, Daniel BEREND, Marina KOGAN-SADETSKY
  • Apparatus and methods for stabilization of processors, operating systems and other hardware and/or software configurations
    Patent number: 7971104
    Abstract: Apparatus and methods for converting a processor, having a plurality of states and being operative to execute software operations stored in a memory device, into a self-stabilizing processor, comprising providing self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states. Also described are applications for stabilization of operating systems and other hardware or software configurations, apparatus and methods for ensuring eventual invariance of software executed by a processor, and apparatus and methods for enforcing fixed software configurations.
    Type: Grant
    Filed: September 24, 2007
    Date of Patent: June 28, 2011
    Inventors: Shlomi Dolev, Avraham Yinnon Haviv
  • System and method for securing a communication channel
    Patent number: 11388174
    Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: July 12, 2022
    Assignee: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi Dolev, Shimrit Tzur-David, Chen Tetelman, Amit Rahav, Amit Lavi
  • System and Method for Performing Information-Theoretically Secure Quantum Gate Computation and Quantum Key Distribution, Based on Random Rotation of Qubits
    Publication number: 20220231844
    Abstract: A computer implemented method for encoding bits by qubits to perform information-theoretically secure quantum gate computation, according to which pairs of quantum bits consisting of a first qubit as an encoding of “0” and a second qubit as an encoding of “1” are randomly selected, such that the first and second qubits are orthogonal to each other as quantum states and are interchanged by a NOT gate. Each qubit rotating to a desired initial direction and then each rotated qubit is further rotated to its antipodal direction by applying a quantum NOT or CNOT gate to the each rotated qubit, without any knowledge about the desired direction. A unitary gate is further applied over the qubits, using an ancillary |0 qubit that creates an equally weighted superposition of the qubits.
    Type: Application
    Filed: May 19, 2020
    Publication date: July 21, 2022
    Inventors: Daniel Berend, Dor Bitan, Shlomi Dolev
  • Method for encryption and decryption of messages
    Publication number: 20090296931
    Abstract: A communication system that includes a sender computer and plurality of designated receiver computers coupled to the sender through a communication link. Each one of the receiver computers is equipped with computational resources stronger than the computational resources of an adversary computer. There is provided a method for sending a secret from the sender computer to a designated receiver computer. The sender computer defining a succession of computational tasks having respective solutions. The computational tasks are so defined such that the duration of solving each task by the receiver computer is shorter than what would have been required for the adversary computer to solve the task. Next, the sender computer sending through the link the succession of tasks encrypted by previous solutions and the receiver computer receiving the tasks and is capable of decrypting the secret faster than what would have been required for the adversary computer to decrypt the secret.
    Type: Application
    Filed: June 23, 2005
    Publication date: December 3, 2009
    Inventors: Shlomi Dolev, Ephraim Korach, Gait Uzan
  • METHOD FOR ESTABLISHING A SECURE PRIVATE INTERCONNECTION OVER A MULTIPATH NETWORK
    Publication number: 20170093811
    Abstract: A method for establishing a fully private, information theoretically secure interconnection between a source and a destination, over an unmanaged data network with at least a portion of a public infrastructure. Accordingly, n shares of the source data are created at the source according to a predetermined secret sharing scheme and the shares are sent to the data network, while encrypting the sent data using (n,k) secret sharing. A plurality of intermediating nodes are deployed in different locations over the network, to create a plurality of fully and/or partially independent paths in different directions on the path from the source to the destination, and with sufficient data separation. Then, the shares are sent over the plurality of fully and/or partially independent paths while forcing shares' carrying packets to pass through selected intermediate nodes, such that no router at any intermediating nodes intercepts k or more shares.
    Type: Application
    Filed: May 18, 2015
    Publication date: March 30, 2017
    Inventors: Shlomi DOLEV, Shimrit TZUR-DAVID
  • SYSTEM AND METHOD FOR MEKLE PUZZLES SYMETERIC KEY ESTABLISHMENT AND GENERATION OF LAMPORT MERKLE SIGNATURES
    Publication number: 20190140819
    Abstract: A system and method for signing a message and establishing a symmetric key between two entities. A plurality of leaves are generated, each including public and private values of a Lamport signature; a plurality of trees are generated each including a subgroup of leaves; leaves of a first nested tree are used for signing messages sent to a second entity. If a first nested tree is exhausted, then a leaf of a following tree is used for signing and a root of the following tree together with an auxiliary value are published, the auxiliary value enabling the second entity to verify that the root of the following tree was generated by the first entity. The symmetric key is generated using a modified Merkel puzzle including a plurality of rows, each including a plurality of hashed values. The modified Merkel puzzle may be signed using a leave of a nested tree.
    Type: Application
    Filed: November 8, 2017
    Publication date: May 9, 2019
    Applicant: SECRET DOUBLE OCTOPUS LTD
    Inventor: Shlomi DOLEV
  • METHOD FOR ESTABLISHING A SECURE PRIVATE INTERCONNECTION OVER A MULTIPATH NETWORK
    Publication number: 20190306131
    Abstract: A method for establishing a fully private, information theoretically secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprising at the source creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n,k) secret sharing. Further, defining for at least one node vi a directed edge (vi1, vi2) that has a k?1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.
    Type: Application
    Filed: April 11, 2019
    Publication date: October 3, 2019
    Applicant: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi DOLEV, Shimrit TZUR-DAVID
  • Method and system for performing adaptive cache management
    Patent number: 11106601
    Abstract: A method for efficiently method for performing adaptive management of a cache with predetermined size and number of cells with different locations with respect to the top or bottom of the cache, for storing at different cells, data items to be retrieved upon request from a processor. A stream of requests for items, each of which has a temporal probability to be requested is received and the jump size is incremented on cache misses and decremented on cache hits by automatically choosing a smaller jump size and using a larger jump size when the probability of items to be requested is changed. The jump size represents the number of cells by which a current request is promoted in the cache, on its way from the bottom, in case of a cache hit, or from the outside in case of a cache miss, towards the top cell of the cache.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: August 31, 2021
    Assignee: B. G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY
    Inventors: Shlomi Dolev, Daniel Berend, Marina Kogan-Sadetsky
  • Self-stabilizing secure and heterogeneous systems
    Patent number: 11128446
    Abstract: A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.
    Type: Grant
    Filed: April 13, 2017
    Date of Patent: September 21, 2021
    Assignee: B.G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY
    Inventor: Shlomi Dolev
  • SELF-STABILIZING SECURE AND HETEROGENEOUS SYSTEMS
    Publication number: 20190190705
    Abstract: A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.
    Type: Application
    Filed: April 13, 2017
    Publication date: June 20, 2019
    Applicant: B. G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY
    Inventor: Shlomi DOLEV
  • System and method for performing information—theoretically secure quantum gate computation and quantum key distribution, based on random rotation of qubits
    Patent number: 11985233
    Abstract: A computer implemented method for encoding bits by qubits to perform information-theoretically secure quantum gate computation, according to which pairs of quantum bits consisting of a first qubit as an encoding of “0” and a second qubit as an encoding of “1” are randomly selected, such that the first and second qubits are orthogonal to each other as quantum states and are interchanged by a NOT gate. Each qubit rotating to a desired initial direction and then each rotated qubit is further rotated to its antipodal direction by applying a quantum NOT or CNOT gate to the each rotated qubit, without any knowledge about the desired direction. A unitary gate is further applied over the qubits, using an ancillary |0 qubit that creates an equally weighted superposition of the qubits.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: May 14, 2024
    Assignee: B.G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY
    Inventors: Daniel Berend, Dor Bitan, Shlomi Dolev
  • METHOD, APPARATUS AND PRODUCT FOR RFID AUTHENTICATION
    Publication number: 20090225985
    Abstract: A method and apparatus for repeated communication sessions between a sender (e.g., RFID tag) and a receiver (RFID reader) that employs a proactive information security scheme is based on the assumption that the information exchanged during at least one of every n successive communication sessions is not exposed to an adversary. The sender and the receiver maintain a vector of n entries that is repeatedly refreshed by pairwise XORING entries, with a new vector of n entries that is randomly chosen by the sender and sent to the receiver as a part of each communication session. Also, a computational secure scheme based on the information secure scheme is employed to ensure that even in the case that the adversary listens to all the information exchanges, the communication between the sender and the receiver is secure. In particular, the scheme can be used in the domain of remote controls (e.g., for cars).
    Type: Application
    Filed: September 11, 2007
    Publication date: September 10, 2009
    Applicants: Sami Shamoon College of Engineering, Yeda Research & Development Co. Ltd.
    Inventors: Shlomi Dolev, Marina Kopeetsky, Adi Shamir
  • Method for establishing a secure private interconnection over a multipath network
    Patent number: 10356054
    Abstract: A method for establishing a fully private, information theoretically secure interconnection between a source and a destination, over an unmanaged data network with at least a portion of a public infrastructure. Accordingly, n shares of the source data are created at the source according to a predetermined secret sharing scheme and the shares are sent to the data network, while encrypting the sent data using (n,k) secret sharing. A plurality of intermediating nodes are deployed in different locations over the network, to create a plurality of fully and/or partially independent paths in different directions on the path from the source to the destination, and with sufficient data separation. Then, the shares are sent over the plurality of fully and/or partially independent paths while forcing shares' carrying packets to pass through selected intermediate nodes, such that no router at any intermediating nodes intercepts k or more shares.
    Type: Grant
    Filed: May 18, 2015
    Date of Patent: July 16, 2019
    Assignee: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi Dolev, Shimrit Tzur-David
  • Method for encryption and decryption of messages
    Patent number: 9008311
    Abstract: A communication system that includes a sender computer and plurality of designated receiver computers coupled to the sender through a communication link. Each one of the receiver computers is equipped with computational resources stronger than the computational resources of an adversary computer. There is provided a method for sending a secret from the sender computer to a designated receiver computer. The sender computer defining a succession of computational tasks having respective solutions. The computational tasks are so defined such that the duration of solving each task by the receiver computer is shorter than what would have been required for the adversary computer to solve the task. Next, the sender computer sending through the link the succession of tasks encrypted by previous solutions and the receiver computer receiving the tasks and is capable of decrypting the secret faster than what would have been required for the adversary computer to decrypt the secret.
    Type: Grant
    Filed: June 23, 2005
    Date of Patent: April 14, 2015
    Assignee: Ben-Gurion University of the Negev Research and Development Authority
    Inventors: Shlomi Dolev, Ephraim Korach, Galit Uzan
  • Certificating vehicle public key with vehicle attributes
    Patent number: 9769658
    Abstract: A method for providing secure connection between vehicles. A unique pair of digitally signed public key and private key is provided to each vehicle, along with additional vehicle-related data. A certificate number is generated for each vehicle and the public key, the certificate number and the attributes of the vehicle is signed by a trusted certificate generating authority. Before communicating with a second vehicle, the first vehicle sends its unique certificate to a second vehicle; the second vehicle verifies the authenticity of received unique certificate number and visible attributes by a camera. If the attributes are verified successfully, the second vehicle sends its unique certificate number to the first vehicle, along with a secret key, which is valid for the current session only. Then the first vehicle verifies the authenticity of received certificate of the second vehicle and attributes by a camera that captures visible attributes of the second vehicle.
    Type: Grant
    Filed: June 20, 2014
    Date of Patent: September 19, 2017
    Inventors: Shlomi Dolev, Nisha Panwar, Michael Segal, Lukasz Krzywiecki
  • CERTIFICATING VEHICLE PUBLIC KEY WITH VEHICLE ATTRIBUTES
    Publication number: 20150052352
    Abstract: A method for providing secure connection between vehicles over channels of a wireless communication network, according to which, a first unique pair of digitally signed public key and private key is provided to each vehicle, along with additional vehicle-related data including a visually static collection of attributes of the vehicle. A unique certificate number is generated for each vehicle and monolithic data consisting of the public key, the certificate number and the attributes is signed by a trusted certificate generating authority. Prior to wireless communication between a first vehicle and a second vehicle, a verification step is performed during which the first vehicle sends its unique certificate number to a second vehicle over a communication channel; the second vehicle verifies the authenticity of received unique certificate number of the first vehicle and attributes by a camera that captures attributes which are visible, using image processing means.
    Type: Application
    Filed: June 20, 2014
    Publication date: February 19, 2015
    Inventors: Shlomi DOLEV, Nisha PANWAR, Michael SEGAL, Lukasz KRZYWIECKI
Narrow Results

Filter by US Classification