Search Patents
  • Patent number: 8332645
    Abstract: A method and apparatus for repeated communication sessions between a sender (e.g., RFID tag) and a receiver (RFID reader) that employs a proactive information security scheme is based on the assumption that the information exchanged during at least one of every n successive communication sessions is not exposed to an adversary. The sender and the receiver maintain a vector of n entries that is repeatedly refreshed by pairwise XORING entries, with a new vector of n entries that is randomly chosen by the sender and sent to the receiver as a part of each communication session. Also, a computational secure scheme based on the information secure scheme is employed to ensure that even in the case that the adversary listens to all the information exchanges, the communication between the sender and the receiver is secure. In particular, the scheme can be used in the domain of remote controls (e.g., for cars).
    Type: Grant
    Filed: September 11, 2007
    Date of Patent: December 11, 2012
    Assignees: Yeda Research and Development Co. Ltd, Sami Shamoon College of Engineering, Shlomi Dolev
    Inventors: Shlomi Dolev, Marina Kopeetsky, Adi Shamir
  • Publication number: 20230269073
    Abstract: A method for creating a one-way function from a computation problem instances with a predefined success criteria, based on mutual hiding of the success criteria, comprising the steps of selecting at least a first and a second original computation tasks, each having an original corresponding success criterion; applying a function (such as a bitwise XOR operation) over both original corresponding success criteria, to form a single combined success criterion for a mutual computation task being a combination of the at least a first and a second original computation tasks; outputting the original computation tasks along with the combined success criterion, while excluding the original corresponding success criteria.
    Type: Application
    Filed: July 1, 2021
    Publication date: August 24, 2023
    Applicant: B.G. Negev Technologies and Applications Ltd., at Ben-Gurion University
    Inventors: Shlomi Dolev, Hagar Dolev
  • Patent number: 7808911
    Abstract: Method for protecting an NSP data network against data overflow, according to which the NSP data network is divided to a protected sub-network and an unprotected sub-network. Connectivity to external data networks is allowed through the unprotected sub-network via a set of predefined controlled data ports. A maximum available bandwidth that can be processed by a user is determined for each user and maximal sub-bandwidth is allocated for each router. Whenever the data packet flow intended to the user exceeds the sub-bandwidth at one of the routers, the excess packet flow is filtered.
    Type: Grant
    Filed: February 15, 2008
    Date of Patent: October 5, 2010
    Assignee: Deutsche Telekom AG
    Inventor: Shlomo Dolev
  • Patent number: 10467389
    Abstract: A method of providing a distributed scheme for executing a RAM program, without revealing any information regarding the program, the data and the results, according to which the instructions of the program are simulated using SUBLEQ instructions and the execution of the program is divided among a plurality of participating computational resources such as one or more clouds, which do not communicate with each other, while secret sharing all the program's SUBLEQ instructions, to hide their nature of operation and the sequence of operations. Private string matching is secretly performed by comparing strings represented in secret shares, for ensuring the execution of the right instruction sequence. Then arithmetic operations are performed over secret shared bits and branch operations are performed according to the secret shared sign bit of the result.
    Type: Grant
    Filed: January 14, 2016
    Date of Patent: November 5, 2019
    Assignee: SECRETSKYDB LTD
    Inventors: Shlomo Dolev, Yin Li
  • Publication number: 20180011996
    Abstract: A method of providing a distributed scheme for executing a RAM program, without revealing any information regarding the program, the data and the results, according to which the instructions of the program are simulated using SUBLEQ instructions and the execution of the program is divided among a plurality of participating computational resources such as one or more clouds, which do not communicate with each other, while secret sharing all the program's SUBLEQ instructions, to hide their nature of operation and the sequence of operations. Private string matching is secretly performed by comparing strings represented in secret shares, for ensuring the execution of the right instruction sequence. Then arithmetic operations are performed over secret shared bits and branch operations are performed according to the secret shared sign bit of the result.
    Type: Application
    Filed: January 14, 2016
    Publication date: January 11, 2018
    Inventors: Shlomo Dolev, Yin Li
  • Publication number: 20160149866
    Abstract: A method of securely executing practically unbounded input stream of symbols, by non-interactive, multi-party computation, according to which the input stream is distributed among a plurality of parties, which do not communicate among themselves throughout execution, by a dealer with a secret initial state. The dealer distributes shares of the secret state between the parties. The input stream is executed by a finite-state automaton which may be an accumulating automaton with accumulating nodes or an automaton that is defined by a series of cascaded equations. During any execution stage, the input stream and the current state of the original automaton are concealed from any coalition of participants being smaller than a given threshold. Upon receiving a signal from the dealer, the parties terminate the execution and submit their internal state to the dealer, which computes the current state that defines the computation result.
    Type: Application
    Filed: April 23, 2014
    Publication date: May 26, 2016
    Inventors: Shlomo Dolev, Niv Gilboa, Ximing Li
  • Patent number: 9742739
    Abstract: A method of securely executing practically unbounded input stream of symbols, by non-interactive, multi-party computation, according to which the input stream is distributed among a plurality of parties, which do not communicate among themselves throughout execution, by a dealer with a secret initial state. The dealer distributes shares of the secret state between the parties. The input stream is executed by a finite-state automaton which may be an accumulating automaton with accumulating nodes or an automaton that is defined by a series of cascaded equations. During any execution stage, the input stream and the current state of the original automaton are concealed from any coalition of participants being smaller than a given threshold. Upon receiving a signal from the dealer, the parties terminate the execution and submit their internal state to the dealer, which computes the current state that defines the computation result.
    Type: Grant
    Filed: April 23, 2014
    Date of Patent: August 22, 2017
    Assignee: SECRETSKYDB LTD.
    Inventors: Shlomo Dolev, Niv Gilboa, Ximing Li
  • Publication number: 20080212481
    Abstract: Method for protecting an NSP data network against data overflow, according to which the NSP data network is divided to a protected sub-network and an unprotected sub-network. Connectivity to external data networks is allowed through the unprotected sub-network via a set of predefined controlled data ports. Each user is connected to the protected sub-network via a proxy router and to the unprotected sub-network via gateway routers that are connected to the proxy router through interconnected intermediating routers and to unprotected sub-network via the set of controlled data ports. A maximum available bandwidth that can be processed by a user is determined for each user and maximal sub-bandwidth is allocated for each router, such that the sub-bandwidth is smaller than the bandwidth.
    Type: Application
    Filed: February 15, 2008
    Publication date: September 4, 2008
    Applicant: Deutsche Telekom AG
    Inventor: Shlomo Dolev
  • Publication number: 20110113491
    Abstract: The present invention is a system for using a collective computing power of a plurality of network stations in a communication network in order to overcome threats generated by malicious applications. Collaboratively, a large group of simple network stations implement a vaccination mechanism, proliferating information concerning malicious applications (malwares) throughout the network in an efficient manner.
    Type: Application
    Filed: November 8, 2010
    Publication date: May 12, 2011
    Applicant: DEUTSCHE TELEKOM AG
    Inventors: Yaniv Altshuler, Yuval Elovici, Shlomi Dolev, Asaf Shabtai, Yuval Fledel
  • Publication number: 20050013531
    Abstract: Method and an optical computation device for obtaining an indication about the existence of a feasible solution for a bounded instance of a problem that belongs to the non-deterministic polynomial class of problems, using parallel optical computations employing a multitude of light rays simultaneously propagating along paths in an optical arrangement. An optical arrangement that can implement a universal non deterministic Turing Machine that can solve bounded instances of problems of the class is determined. An initial incoming ray is directed to a point in the optical arrangement, that represents the initial configuration of the universal non deterministic Turing Machine, such that the initial configuration corresponds to the bounded instance. Each incoming ray is split within the optical arrangement into two or more outgoing rays at pre-determined locations in the optical arrangement.
    Type: Application
    Filed: May 18, 2004
    Publication date: January 20, 2005
    Inventors: Shlomo Dolev, Yuval Nir
  • Patent number: 7130093
    Abstract: Method and an optical computation device for obtaining an indication about the existence of a feasible solution for a bounded instance of a problem that belongs to the non-deterministic polynomial class of problems, using parallel optical computations employing a multitude of light rays simultaneously propagating along paths in an optical arrangement. An optical arrangement that can implement a universal non deterministic Turing Machine that can solve bounded instances of problems of the class is determined. An initial incoming ray is directed to a point in the optical arrangement, that represents the initial configuration of the universal non deterministic Turing Machine, such that the initial configuration corresponds to the bounded instance. Each incoming ray is split within the optical arrangement into two or more outgoing rays at pre-determined locations in the optical arrangement.
    Type: Grant
    Filed: May 18, 2004
    Date of Patent: October 31, 2006
    Inventors: Shlomo Dolev, Yuval Nir
  • Publication number: 20140101440
    Abstract: A method for resolving disputes between users in network communications using digital arbitration. The method comprising the steps of agreeing on a contract between the users and choosing a set of arbitrators; appealing to the arbitrators by a first user, if he/she suspects the second user violates the agreement; and giving the information needed to reconstruct a resource of the second user, if a large enough number of arbitrators agree that the second user actually violated the agreement.
    Type: Application
    Filed: October 10, 2012
    Publication date: April 10, 2014
    Applicant: Ben-Gurion University of the Negev
    Inventors: Ofer Hermoni, Niv Gilboa, Shlomi Dolev
  • Patent number: 8868903
    Abstract: A method for resolving disputes between users in network communications using digital arbitration. The method comprising the steps of agreeing on a contract between the users and choosing a set of arbitrators; appealing to the arbitrators by a first user, if he/she suspects the second user violates the agreement; and giving the information needed to reconstruct a resource of the second user, if a large enough number of arbitrators agree that the second user actually violated the agreement.
    Type: Grant
    Filed: October 10, 2012
    Date of Patent: October 21, 2014
    Assignee: Ben-Gurion University of the Negev
    Inventors: Ofer Hermoni, Niv Gilboa, Shlomi Dolev
  • Publication number: 20190034618
    Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.
    Type: Application
    Filed: January 26, 2017
    Publication date: January 31, 2019
    Applicant: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi DOLEV, Shimrit TZUR-DAVID, Chen TETELMAN, Amit LAVI, Amit RAHAV, Raz RAFAELI
  • Publication number: 20140226816
    Abstract: The invention is a method for broadcast encryption that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt said data. The method comprises modifications to the four stages of the basic Cipher-text Policy Attribute-Based Encryption techniques. The method can be adapted to transform any Attribute-Based Encryption scheme that supports only temporary revocation into a scheme that supports the permanent revocation of users.
    Type: Application
    Filed: August 22, 2012
    Publication date: August 14, 2014
    Inventors: Shlomi Dolev, Niv Gilboa, Marina Kopeetsky
  • Publication number: 20180196732
    Abstract: The present invention is directed to a method and system for testing, during runtime, the correctness of a computer program (such as a hypervisor, an operating system or an interpreter) that controls a system and has one or more software modules. Accordingly, a reflexive code of a reflex function is integrated into the software modules or into a virtual infrastructure that executes the computer program. Whenever desired, the reflexive code is activated by an input and its corresponding output is processed. Then, the correctness of the one or more software modules or of the computer program is determined according to the processing results.
    Type: Application
    Filed: October 4, 2017
    Publication date: July 12, 2018
    Inventors: Shlomi DOLEV, Amit ROKACH, Roman MANEVICH
  • Patent number: 11170094
    Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: November 9, 2021
    Assignee: SECRET DOUBLE OCTOPUS LTD.
    Inventors: Shlomi Dolev, Shimrit Tzur-David, Chen Tetelman, Amit Lavi, Amit Rahav, Raz Rafaeli
  • Patent number: 11233637
    Abstract: A system and method for validating an entity and sending secret shared public key for securely communicating data that may include providing first and second entities with an identical sequence of bits; encrypting data, by the first entity, using bits in a first portion of the identical sequence as an encryption key, to produce encrypted data; XORing the encrypted data based on bits in a second portion of the sequence to produce encrypted and XORed data; sending the encrypted and XORed data to the second entity; and using the sequence of bits, by the second entity, to un-XOR and decrypt the encrypted and XORed data.
    Type: Grant
    Filed: October 18, 2018
    Date of Patent: January 25, 2022
    Assignee: SECRET DOUBLE OCTOPUS LTD
    Inventors: Shlomi Dolev, Lior Shiponi
  • Patent number: 9413528
    Abstract: The invention is a method for broadcast encryption that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt said data. The method comprises modifications to the four stages of the basic Cipher-text Policy Attribute-Based Encryption techniques. The method can be adapted to transform any Attribute-Based Encryption scheme that supports only temporary revocation into a scheme that supports the permanent revocation of users.
    Type: Grant
    Filed: August 22, 2012
    Date of Patent: August 9, 2016
    Assignee: Ben-Gurion University of the Negev Research and Development Authority
    Inventors: Shlomi Dolev, Niv Gilboa, Marina Kopeetsky
  • Publication number: 20200127821
    Abstract: A system and method for validating an entity and sending secret shared public key for securely communicating data that may include providing first and second entities with an identical sequence of bits; encrypting data, by the first entity, using bits in a first portion of the identical sequence as an encryption key, to produce encrypted data; XORing the encrypted data based on bits in a second portion of the sequence to produce encrypted and XORed data; sending the encrypted and XORed data to the second entity; and using the sequence of bits, by the second entity, to un-XOR and decrypt the encrypted and XORed data.
    Type: Application
    Filed: October 18, 2018
    Publication date: April 23, 2020
    Applicant: Secret Double Octopus Ltd
    Inventors: Shlomi Dolev, Lior Shiponi