Follow us on Twitter
twitter icon@FreshPatents


Crypto patents

      

This page is updated frequently with new Crypto-related patent applications.




 Wwan-wlan aggregation security patent thumbnailWwan-wlan aggregation security
One feature pertains to a method for secure wireless communication at an apparatus of a network. The method includes receiving a user equipment identifier identifying a user equipment and a cryptographic key from a wireless wide area network node, and using the cryptographic key as a pairwise master key (pmk).
Qualcomm Incorporated


 Cryptographic key generation and distribution patent thumbnailCryptographic key generation and distribution
Methods, apparatuses, systems, and program products are disclosed for cryptographic key generation and distribution. A method includes generating a cryptographic key that may be divided into a plurality of key segments such that the key is re-constructed by combining each of the plurality of key segments.
Callware Technologies, Inc.


 Network payment tokenization for processing payment transactions patent thumbnailNetwork payment tokenization for processing payment transactions
The present disclosure relates to systems, methods, and devices for network payment tokenization for processing payment transactions. In particular, the message system allows a consumer to initiate a payment transaction with a merchant.
Facebook, Inc.


 Management of workflows patent thumbnailManagement of workflows
When a user of an interface system defines a workflow, the interface system transmits a notification to a user that is to perform the first step of the workflow. When the user requests to initiate the step of the workflow, the interface system creates a transaction for the workflow step.
Peernova, Inc.


 System,  license key permutation patent thumbnailSystem, license key permutation
A system and method of dynamically altering the encoding, structure or other attribute of a cryptographic key, typically a license activation key, to render useless keys that have been created by illegal key generation “cracks”. An encoding/decoding engine provides a plurality of key obfuscation algorithms that may alter the structure, encoding or any other attribute of a given key.
Iii Holdings 12, Llc


 Method and  triggering machine type communications applications patent thumbnailMethod and triggering machine type communications applications
A method and apparatus for machine type communication (mtc) authentication and triggering may be performed by an mtc interworking function (mtc-iwf). On a condition an internet protocol (ip) connection does not exist between a services capability server (scs) and an mtc device, a device trigger message may be received by the mtc device over a tsp interface.
Interdigital Patent Holdings, Inc.


 Cryptographic hash generation system patent thumbnailCryptographic hash generation system
A first module divides a string into a number of blocks. A second module associates the blocks with monoid elements in a list of first monoid elements to produce second monoid elements.
Securerf Corporation


 Encryption key lifecycle management patent thumbnailEncryption key lifecycle management
In some embodiments, a method may include: enforcing a key rotation policy associated with a current encryption key being used to encrypt and decrypt data stored in an ihs; monitoring a cryptoperiod associated with the current encryption key; in response to a determination that the current encryption key has reached the end of the cryptoperiod, automatically transmitting a request to a key provider for a new encryption key; and in response to the request, automatically: receiving the new encryption key, marking the current encryption key as old, un-encrypting the data using the old encryption key, re-encrypting the data using the new encryption key, and, in response to a determination that all of the data has been re-encrypted with the new encryption key, transmitting a request to the key provider that the old encryption key be discarded, and deleting a local copy of the old encryption key.. .
Dell Products, L.p.


 Cryptographic apparatuses and methods for encrypting and decrypting data using automata patent thumbnailCryptographic apparatuses and methods for encrypting and decrypting data using automata
The invention is, firstly, a cryptographic apparatus for encrypting unencrypted data, comprising an input module for inputting the unencrypted data and an output module for outputting encrypted data, and a key automaton (44) adapted for converting the unencrypted data into the encrypted data, and the key automaton (44) is an composition of automata said composition of automata having a set of states and a set of input signals identical to each other and being implemented as a permutation automaton without output signals, said composition of automata comprises at least one factor automaton without output signals, each of the unencrypted data and the encrypted data has a character set identical to each other, and the set of states and the set of input signals, respectively, consist of blocks obtained from all possible combinations of said character set, wherein the blocks are of a predetermined block length. The invention is, furthermore, a cryptographic apparatus for decrypting encrypted data.
Pannon Szoftver Kft.


 System and  one-time chinese-remainder-theorem exponentiation for cryptographic algorythms patent thumbnailSystem and one-time chinese-remainder-theorem exponentiation for cryptographic algorythms
A system, method and computer-readable storage medium with instructions for protecting an electronic device against fault attack. The technology includes operating the electronic device to determine two half-size exponents, dp and dq, from the exponent d; to split the base m into two sub-bases mp and mq determined from the base m; and to iteratively compute a decryption result s by repeatedly multiplying an accumulator a by m, mp, mq or 1 depending on the values of the i-th bit of dp and dq for each iteration i′.
Gemalto Sa


Exponent splitting for cryptographic operations

A first share value and a second share value may be received. A combination of the first share value and the second share value may correspond to an exponent value.
Cryptography Research, Inc.

Systems and methods for providing block chain state proofs for prediction market resolution

An outcome reported by a first prediction market may be determined. A state root hash from a given block in a block chain created during or after a resolution process of the first prediction market may be obtained.
Forecast Foundation Ou

Systems and methods for domain restriction with remote authentication

A process for combining domain restriction and remote authentication may include receiving a token from a plug-in application to conduct a transaction associated with a user of a communicating device. The process may include sending an authentication request to a remote access control sever to authenticate the user, and receiving, from the remote access control server, an authentication tracking value that the remote access control server used in generation of an authentication cryptogram.

Systems and methods for media codecs and containers

Systems and methods for enabling and enforcing cryptocurrency transactions associated with at least a portion of data are provided. Systems and methods may include a cryptocurrency transaction service, the cryptocurrency transaction service including one or more transaction servers and one or more ledger processing devices.
1usf, Inc.

Method for communicating in a network comprising a virtual network , and a communication node comprising a virtual network entity

The invention relates to a method of a communication node communicating in a network comprising a plurality of nodes, said nodes belonging to at least one virtual network, wherein the method comprises the communication node identifying whether a first data packet belongs to said virtual network based on at least one of:—a cryptographic key used for the data packet;—a cryptographic key identifier present in the first data packet;—a personal area network identifier present in the first data packet; or the combination of a cryptographic key and a sender ip address used for the first data packet.. .
Philips Lightings Holding B.v.

Database security model

A system, method and program product for implementing a database security model. A database security model is disclosed that includes: a system for maintaining private data in an encrypted storage area; an encr system for implementing a plurality of encr routines, wherein each of the encr routines is callable from a database application to access and process private data and wherein the encr system operates in a functional space separate from the database application; and a crypto system having a private key and decryption system, wherein the crypto system decrypts private data in response to receiving a decrypt request and public key from an encr routine, and wherein the crypto system operates in a functional space separate from the encr system..
Jjd Software Llc

Instructions and logic to provide simd sm3 cryptographic hashing functionality

Instructions and logic provide simd sm3 cryptographic hashing functionality. Some embodiments include a processor comprising: a decoder to decode instructions for a simd sm3 message expansion, specifying first and second source data operand sets, and an expansion extent.
Lntel Corporation

Communication processing system, processing device, and non-transitory recording medium for computer readable program

The first processing device includes a first communication unit for performing cryptographic communication and plaintext communication, a determination portion for determining whether to set the cryptographic communication, and a communication unit controller. The second processing device includes a second communication unit for performing the cryptographic communication and the plaintext communication with the first communication unit.
Konica Minolta, Inc.

System and shared parameter-level data

A computationally implemented method includes, but is not limited to: configuring a centrally administered data template including one or more data parameters, each of the one or more data parameters configured to be exchanged between one or more remote computing environments; assigning access permissions for each of the one or more data parameters to enable one or more requestors to access or exchange the one or more data parameters; and individually encrypting the one or more data parameters as individual database fields in to enable each of the one or more requestors with a cryptographic key that identifies each of the one or more requestors as qualified to retrieve the one or more data parameters via an api query. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure..

Systems and methods for certification of data units and/or certification verification

In some implementations, a data unit may be hashed to generate a hash. A cryptographic structure, such as a merkle tree or other cryptographic structure, maybe generated based on the hash and published on a block chain or distributed ledger.
Stampery Inc.

Device provisioning service

A computing device is provisioned to be remotely managed by a current owner. The device has an initial cryptographic basis of trust, and an owner identifier that facilitates establishment of communication with the current owner of the device.

Cryptographic key storage in a dispersed storage network

Methods for use in a storage unit of a dispersed storage network (dsn) to securely store cryptographic key information. In various examples, the storage unit receives a slice access request relating to a key slice generated by performing a dispersed storage error encoding function on an encryption key.
International Business Machines Corporation

Methods and resources for generating secure communications

A method of generating wireless communications from a transmit-only device, the method comprising: generating, at the transmit-only device, a first current session key; generating, at the transmit-only device, operational data; generating, at the transmit-only device, crypto-data by performing a cryptographic operation on the operational data using the first current session key; transmitting, from the transmit-only device, a first identifier to enable a resource derive the first current session key; transmitting, from the transmit-only device, the crypto-data.. .
Arm Ip Limited

Reconfigurable free-space quantum cryptography system

A system, and methods, for transmitting encrypted information as a quantum transmission between a first node and a second node, or among more than two nodes. Each node is characterized by an instantaneous spatial position, and the instantaneous spatial position of the second node is repositionable within a frame of reference associated with the first node.
Duke University

Trans vernam cryptography: round one

This invention establishes means and protocols to secure data, using large undisclosed amounts of randomness, replacing the algorithmic complexity paradigm. Its security is credibly appraised through combinatorics calculus, and it transfers the security responsibility to the user who determines how much randomness to use.

Secure data cache

This invention is generally concerned with methods, apparatus and computer program code for securely caching \ data, in particular for caching data stored on smart card systems such as those used in icao-compliant eu electronic passports. A caching system for providing a secure data cache for data stored in an electronic document, the comprising: an input to receive data to be cached; a processor configured to use all or part of said received data to calculate a unique cryptographic key for said data; encrypt all or part of said data with said unique cryptographic key; and discard said unique cryptographic key after encryption and an output to send said encrypted data to a data cache, with decryption of encrypted data requiring said unique cryptographic key to be recalculated from said electronic document whereby said data cache is secure.
Cryptomathic

Secure crypto module including electrical shorting security layers

A security matrix layer between a first and second conductive shorting layers are located within a printed circuit board (pcb) that carries out cryptographic data handling functions. The security matrix layer includes at least two microcapsules each containing one or more reactants.
International Business Machines Corporation

Local verification of code authentication

Embodiments are directed to a computing device having execution hardware including at least one processor core, and non-volatile memory that stores verification module and a private symmetric key unique to the computing device. The verification module, when executed on the execution hardware, causes the execution hardware to perform pre-execution local authenticity verification of externally-supplied code in response to a command to launch that code.

User authentication over networks

Methods are provided for authenticating user authentication data, associated with a user id, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server.
International Business Machines Corporation

Operation method based on white-box cryptography and secure terminal for performing the method

Provided are an operation method and a secure terminal for performing the method. The operation method may include receiving, from a user terminal, a plain text on which an external encoding operation is to be performed, performing the external encoding operation on the plain text, and transmitting the external encoding operated plain text to the user terminal, and the operation method may include receiving, from a user terminal, a cryptogram in which a white-box cryptography operation is performed on an external encoding operated plain text; performing an external decoding operation on the cryptogram; and transmitting the external decoding operated cryptogram to the user terminal..
Hancom Secure Inc.

Component for connecting to a data bus, and methods for implementing a cryptographic functionality in such a component

A component for connecting to a data bus wherein the component implements at least one cryptographic functionality. Also disclosed is a method for implementing a cryptographic functionality in such a component.
Volkswagen Ag

Securely exchanging vehicular sensor information

Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system.
Intel Corporation

Generating cryptographic checksums

). .

System for managing cryptographic keys and trust relationships in a secure shell (ssh) environment

A system for managing cryptographic keys and trust relationships in a secure shell (ssh) environment by mapping network servers, clients, and appliances and locating ssh keys and key pairs associated with each device. The system provides for mapping the network topology and all ssh keys and key pairs stored on network connected devices, and the creation of a master database of all devices, keys and key pairs, key types and encryption strength, and user accounts with which each key or key pair is associated.
Venafi, Inc.

Method of testing the resistance of a circuit to a side channel analysis

The present invention relates to a test method of a circuit, comprising: acquiring a plurality of value sets comprising values of a physical quantity linked to the activity of a circuit to be tested when the circuit executes an operation of a set of distinct cryptographic operations applied to a secret data, selecting at least a first subset in each value set, for each value set, counting by a processing unit occurrence numbers of values transformed by a first surjective function applied to the values of the first subset of the value set, to form an occurrence number set for the value set, for each operation of the operation set, and each of the possible values of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value or equivalent value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value resulting from the application of a second surjective function, merging according to a selected merging scheme, cumulative occurrence numbers in the cumulative occurrence number sets, and analyzing the merged cumulative occurrence number sets to determine the part of the secret data.. .
Eshard

Method of testing the resistance of a circuit to a side channel analysis of second order or more

A test method for a circuit can include: acquiring a plurality of value sets including values corresponding to activity of the circuit when the circuit executes an operation of an operation set of distinct cryptographic operations applied to a same secret data, selecting at least two subsets of values in each value set, for each value set and each value subset, counting occurrence numbers of values transformed by a respective first surjective function applied to the values of the subset, for each value set, forming all possible n-tuples associating together one of the occurrence numbers of each value subset of the value set, and computing a combined occurrence number for each n-tuple of the value set by multiplying together the occurrence numbers associated by the n-tuple, to form an occurrence number set for the value set, for each operation of the operation set, and each possible value of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets, obtained by adding together the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value of the possible values of the secret data part, provide a partial operation result having a same transformed value by a second surjective function, and analyzing the cumulative occurrence number sets to determine the part of the secret data.. .
Eshard

Method of testing the resistance of a circuit to a side channel analysis of second order or more

A test method can include: acquiring a plurality of value sets including measurements or signals corresponding with activity of a circuit when executing a set of cryptographic operations on secret data, for each value set, selecting at least two subsets of values, computing combined values and counting occurrence numbers of values transformed by a first surjective function applied to the combined values, for each operation and each possible value of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value by a second surjective function, and determine the part of the secret data from the cumulative occurrence number sets.. .
Eshard

Method of testing the resistance of a circuit to a side channel analysis

In a general aspect, a test method can include acquiring a plurality of value sets, each including values of a physical quantity or of logic signals, linked to the activity of a circuit to be tested when executing distinct cryptographic operations applied to a same secret data, for each value set, counting occurrence numbers of the values of the set, for each operation and each of the possible values of a part of the secret data, computing a partial result of operation, computing sums of occurrence numbers, each sum being obtained by adding the occurrence numbers corresponding to the operations which when applied to a same possible value of the part of the secret data, provide a partial operation result having a same value, and analyzing the sums of occurrence numbers to determine the part of the secret data.. .
Eshard

Clock period randomization for defense against cryptographic attacks

Methods, systems, and apparatuses for defending against cryptographic attacks using clock period randomization. The methods, systems, and apparatuses are designed to make side channel attacks and fault injection attacks more difficult by using a clock with a variable period during a cryptographic operation.
Google Inc.

Hybrid trading platform integrating fiat and crypto investments

A hybrid trading platform integrating fiat and crypto investments through multiple secure exchanges is provided. The hybrid trading platform manages the flow of information, in part, through market maker and technician modules adapted to provide greater liquidity and quell volatility..

System and embedding a two dimensional code with concealed secure message

The present invention embodies a technique to embed a graphic representation and/or a concealed message such as but not limited to two dimensional codes such as quick response (qr) code matrices, fingerprints, coded fingerprint representations, iris imagery, iris coded representation, biometric hashes, palm print or portraits into a qr matrix code. In the case where biometric data such as finger print representation, iris coded representation or biometric hashes are encoded into the embedding, suitable binary representation of those patterns are generated before encoding.
Graphiclead Llc

Secure persistent communication between related domains using cookies

A 1st domain makes a request to a 2nd domain using a uri including the name of the 2nd domain, a public path for the domains, and a cryptographically secure path generated by the 1st domain. The 2nd domain makes a request to the 1st domain using a uri including the name of the 1st domain, the pre-defined public path, and the cryptographically secure path.
Salesforce.com, Inc.

Homogenous atomic pattern for double, add, and subtract operations for digital authentication using elliptic curve cryptography

A method of performing finite field addition and doubling operations in an elliptic curve cryptography (ecc) authentication scheme as a countermeasure to side-channel attack. The addition and doubling operations are executed using atomic patterns that involve the same sequence and number of operation types, so that the noise consumption and electromagnetic emanation profile of circuitry performing the operations is identical regardless of operation.
Texas Instruments Incorporated

Evaluating installers and installer payloads

A reputation of an installer may be determined based on contextual information including its source (e.g., its publisher), a cryptographic signature or certificate, a process that carried out its download, a user that initiated its download, whether the installer has been previously vetted by a security policy, and so forth. A corresponding reputation may then be inferred for each of the computer objects contained within the installer, such that the reputation remains with the computer objects if/when they are unpacked on an endpoint.
Sophos Limited

Identity binding systems and methods in a personal data store in an online trust system

A computer-implemented method for managing a personal data store is described for binding one or more identities of different types associated with a user. The computer-implemented method is implemented in a trust system including one or more processing devices communicatively coupled to a network.
Evident Id, Inc.

Secure session capability using public-key cryptography without access to the private key

A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with.
Cloudflare, Inc.

Method and logging into medical devices

The invention relates to a method for logging a service technician into an electrical device (20), comprising the following steps: production (3, 4) of a secret key (sky) as an encrypted login password (lpw) by the electrical device (20), displaying (5) of the secret key (sky) on a display unit (23) of the electrical device (20) as a qr code (qrc), optical sensing (6) of the qr code (qrc) by means of a mobile device (22), decryption (9) of the login password (lpw) from the secret key (sky) of the sensed qr code (qrc) by the mobile device (22), displaying of the login password (lpw) on a screen unit (24) of the mobile device (22), entering of the login password (lpw) into the electrical device (20) by the service technician, comparison (10) of the entered login password (lpw) with the produced login password (lpw) by the electrical device (20), release of the login by the electrical device (20) if the two login passwords (lpw) match. The invention further relates to an associated apparatus.
Siemens Healthcare Gmbh

Systems and methods for "machine-to-machine" (m2m) communications between modules, servers, and an application using public key infrastructure (pki)

Methods and systems are provided for supporting efficient and secure “machine-to-machine” (m2m) communications using a module, a server, and an application. A module can communicate with the server by accessing the internet, and the module can include a sensor and/or an actuator.
M2m And Lot Technologies, Llc

Method and providing a universal deterministically reproducible cryptographic key-pair representation for all skus, shipping cartons, and items

A cryptographic representation of value is adapted to goods in production and products at various stages through a supply chain as represented by their stock keeping units or sku's that refer to a unique identifier or code for the particular stock keeping unit. Embodiments of the invention disclose the generation of a universal unique, yet deterministic, key-pair for all skus, shipping cartons, and items, i.e.
Skuchain, Inc.

Regulating vehicle access using cryptographic methods

A system and method of regulating access to a vehicle from a wireless device communicating using short-range wireless communications includes: transmitting a vehicle access certificate signing request from the wireless device to a central facility; receiving an authenticated vehicle access certificate from the central facility in response to the vehicle access certificate signing request, wherein the authenticated vehicle access certificate is signed using a central facility private key and includes the wireless device public key; transmitting the authenticated vehicle access certificate containing the wireless device public key from the wireless device to the vehicle via a short-range wireless communications protocol; receiving from the vehicle a shared secret that is encrypted by the wireless device public key; decrypting the received shared secret using a wireless device private key; generating a command controlling vehicle functions; and transmitting the command from the wireless device to the vehicle.. .
Gm Global Technology Operations Llc

Trusted computing host

A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management.
Amazon Technologies, Inc.

Exclusive preshared key authentication

Preshared keys are assigned to client devices, users, or user groups. The set of valid preshared keys or keys derived therefrom is distributed to network devices such as wireless access points.
Aerohive Networks, Inc.

Granting access through app instance-specific cryptography

In one example embodiment, a system for registering an application installable on a client device is provided. The system comprises processors and a memory storing instructions that, when executed by at least one processor among the processors, cause the system to perform operations comprising, at least, registering the application at a consumer registry service; receiving, in association with a client device id, a public key of a public-private key pair generated by the consumer registry service, the private key of the public-private key pair stored at a device management service; publishing the application, having the public key and associated client device id, to an application store; and based on a user installation of the published application onto the client device, communicating with the installed application..
Ebay Inc.

Technologies for remote attestation

Technologies for remote attestation include a group member device to generate a signature of a message using a cryptographic key assigned to the group member device by a group manager and determine an authentication path that indicates a plurality of cryptographic hashes necessary to compute a group public key of a group associated with a plurality of group member devices. The cryptographic key is assigned to the group member device based on a permutation of a set of cryptographic keys generated by the plurality of group member devices.
Intel Corporation

Blockchain technology to settle transactions

Expediting settlement of securities traded on an exchange is described. A clearing instruction representing an order for equities can be received.
Domus Tower, Inc.

Computationally efficient transfer processing and auditing apparatuses, methods and systems

The computationally efficient transfer processing and auditing apparatuses, methods and systems (“cetpa”) transforms transaction record inputs via cetpa components into matrix and list tuple outputs for computationally efficient auditing. A blockchain transaction data auditing apparatus comprises a blockchain recordation component, a matrix conversion component, and a bloom filter component.
Fmr Llc

Encrypted code execution

Embodiments of an invention for encrypted code execution are disclosed. In one embodiment, a processor includes a private key, a code decryptor, and an encryption unit.
Intel Corporation

Methods and systems for transmission of arbitrary data via bluetooth hfp audio connections with low latency

A wireless-communication device includes a user interface configured to receive audio signals; a cryptographic module configured to encrypt the audio signals into a binary data sequence; a generator module configured to: receive a bit pattern representative of the binary data sequence; and generate a byte sequence representative of the bit pattern by generating a byte that is greater than the preceding byte when the current bit is of a first value and that is lesser than the preceding byte when the current bit is of a second value; an audio codec configured to generate transmission bits by generating a transmission bit having the first value when the current byte is greater than the preceding byte and having the second value when the current byte is lesser than the preceding byte; and a transceiver configured to convey the transmission bits to a receiver.. .
Nagravision S.a.

System and generating a server-assisted strong password from a weak secret

Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.. .
International Business Machines Corporation

Managing authenticators in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using ssh user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Method for securing user data with drm keys

Some embodiments provide convenient auto-authentication for user data on a primary device, while still providing a significant level of security, by taking advantage of existing security and cryptographic measures used to communicate with a secondary device. The primary device of some embodiments encrypts the user data on the primary device using a cryptographic key based on a set of keys received from the secondary device.
Apple Inc.

Device, system, and processor-based data protection

A device, system, and method for providing processor-based data protection on a mobile computing device includes accessing data stored in memory with a central processing unit of the mobile computing device and determining that the accessed data is encrypted data based on a data included in one or more control registers of the central processing unit. If the data is determined to be encrypted data, the central processing unit is to decrypt the encrypted data using a cryptographic key stored in the central processing unit.
Intel Corporation

Key distribution in a distributed network environment

A system including a controller and a pool of computing resources to run virtual machines are configured to automatically provision each virtual machine with unique cryptographic constructs. The controller receives a request to instantiate a virtual machine based on an image/template.
Cisco Technology, Inc.

Secure crypto module including conductor on glass security layer

A conductor on glass security layer may be located within a printed circuit board (pcb) of a crypto adapter card or within a daughter card upon the crypto adapter card. The conductor on glass security layer includes a glass dielectric layer that remains intact in the absence of point force loading and shatters when a point load punctures or otherwise contacts the glass dielectric layer.
International Business Machines Corporation

Systems and methods for managing digital identities

Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: using a plurality of measurements taken from a user to generate an identifier for the user, the identifier comprising a cryptographic proof of the plurality of measurements; instantiating a digital identity representation associated with the identifier for the user, the digital identity representation comprising program code that implements rules for attestation; generating an electronic signature over the digital identity representation; and publishing the digital identity representation and the electronic signature to a distributed ledger system..
Cambridge Blockchain, Llc

Reconstructable content objects

One embodiment of the present invention provides a system for delivering a content piece over a network using a set of reconstructable objects. During operation, the system obtains a metadata file that includes a set of rules; generates the set of reconstructable objects for the content piece based on the set of rules included in the metadata file; cryptographically signs the set of reconstructable objects to obtain a set of signed reconstructable objects; and delivers, over the network, the set of signed reconstructable objects along with the metadata file to a recipient, thereby enabling the recipient to extract and store a copy of the content piece and then to reconstruct the set of signed reconstructable objects from the stored copy of the content piece and the metadata file..
Cisco Technology, Inc.

Sequential biometric cryptosystem and sequential biometric cryptographic processing method

A sequential biometric cryptosystem includes: a registration terminal that extracts a set of feature data from each of multiple pieces of biological information acquired from each user, sequentially selects, out of these, a group of multiple sets of feature data, incrementing the number of combined sets, creates a protection template for each selected group of feature data, and stores the protection template into a storage apparatus. The sequential biometric cryptosystem also includes an authentication terminal that extracts feature data from a combination including one or more pieces of biological information of a specified user, acquired through a sensor on the user, verifies a combination of the extracted feature data against the protection template derived from the biological information having the same specified attribute, and performs, if the verification is successful, specified processing on the user..
Hitachi, Ltd.

Communication device, cryptographic communication system, cryptographic communication method, and computer program product

A communication device according to an embodiment is a communication device that communicates with another communication device using an encryption key shared through a quantum key distribution and includes a communication unit, an encrypting unit, a first checking unit, and a communication control unit. The communication unit performs communication of data with the another communication device.
Kabushiki Kaisha Toshiba

Cryptographic key distribution

An hsm management hub coordinates the distribution and synchronization of cryptographic material across a fleet of connected hardware security modules (“hsms”). Cryptographic material is exchanged between hsms in the fleet in a cryptographically protected format.
Amazon Technologies, Inc.

Method for executing a cryptographic calculation and application to the classification by support vector machines

Using the results t and r in a cryptographic application.. .

Computationally efficient transfer processing and auditing apparatuses, methods and systems

The computationally efficient transfer processing, auditing, and search apparatuses, methods and systems (“socoact”) transforms smart contract request, crypto currency deposit request, crypto collateral deposit request, crypto currency transfer request, crypto collateral transfer request inputs via socoact components into transaction confirmation outputs. Also, socoact transforms transaction record inputs via socoact components into matrix and list tuple outputs for computationally efficient auditing.
Fmr Llc

Information transaction infrastructure

A method of transferring information with verification from a first party to a second party using suitably programmed computing apparatus is described. Information from a first party private address to a first party public address.
Mastercard International Incorporated

Method and system for digital currency creation and marketing

A method and system which allow an actor/user to create new cryptocurrency, designed to motivate people to an active lifestyle in various fields by making certain activities or actions, which can be measured and verified using smartphones or other telecommunication devices. The method creates two kinds of universal cryptocurrency, namely: cryptocurrency/time, based on a time during which the activities or actions were performed and cryptocurrency/quantity, based on the amount/quantity of performed activities or actions.

Access control for encrypted data in machine-readable identifiers

Disclosed are various embodiments for providing access control to the underlying data of a single machine-readable identifier when read by various reader devices. A client device may receive a first cryptographic key associated with a first device profile and a second cryptographic key associated with a second device profile.
Wonderhealth, Llc

Group based complete and incremental computer file backup system, process and apparatus

The present invention is capable of determining the rights to a file based on providing a descriptor. The descriptor can be calculated using an algorithm, which may be cryptographic and/or non-cryptographic.
Hybir Inc.

Secure object having protected region, integrity tree, and unprotected region

A method and structure for a secure object, as tangibly embodied in a computer-readable storage medium. The secure object includes a cryptographically protected region containing at least one of code and data, an initial integrity tree that protects an integrity of contents of the cryptographically protected region; and an unprotected region that includes a loader, an esm (enter secure mode) instruction, and one or more communication buffers..
International Business Machines Corporation

Inline cryptographic engine (ice) for peripheral component interconnect express (pcie) systems

Aspects disclosed in the detailed description include inline cryptographic engine (ice) for peripheral component interconnect express (pcie). In this regard, in one aspect, an ice is provided in a pcie root complex (rc) in a host system.
Qualcomm Incorporated

Pharmaceutical composition for preventing, treating, and curing psoriasis including snail slime, chamomile, and honey

The invention relates to a pharmaceutical composition consisting of snail slime of helix aspersa muller (cryptophalus aspersus) (5% to 50%), chamomile extract (5% to 10%), honey (5% to 10%), and additives and/or pharmaceutically accepted excipients to form a formulation having low, intermediate or high viscosity (1 to 1000 pa·s). By dipping a patch or bandage of gauzy fabric into the composition in the form of a lotion, shampoo, soap, cream or gel, the composition is applied on lesions caused by psoriasis.
Muciderm S.a.

Systems and methods for playing back alternative streams of protected content protected using common cryptographic information

Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment of the invention includes a processor, and memory containing a client application.
Sonic Ip, Inc.

System and providing key-encrypted storage in a cloud computing environment

System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external address to the internal cloud addresses of the cloud workloads.
Micro Focus Software Inc.

Secure connections for low power devices

The disclosed embodiments include computerized methods, systems, and devices, including computer programs encoded on a computer storage medium, for establishing secure wireless communications sessions involving low-power devices. A client device may discover a low-power resource device operating within a wireless network.
Google Inc.

Methods and systems for using deep-strings in computation and communication

Computer and communications systems and methods are provided in which a first computing system sends a second computing system a message and an associated deep-string and the second computing system applies a key of a cryptographic system or a one-way function to the deep-string to determine the deep-string's deep-string-depth. The second computing device then uses the determined deep-string-depth in determining subsequent behavior regarding the message.
Elementum, Llc

System and authentication of things

An authentication of things (aot) system includes a cloud server configured to control a cloud domain connected with a plurality of devices, a home server configured to control a home server connected with a plurality of devices, a first device corresponding to a new device, and a second device of a root user connected with the home domain while authentication is completed in the home server. In this case, the first device loads cryptographic material of the cloud server from the cloud server in a pre-deployment stage, the cryptographic material includes at least one selected from the group consisting of an identifier of the first device in the cloud server, a first private key of an id-based cryptography system of the first device in the cloud server, a first pairwise key of the first device in the cloud server, and a counter of the first device, and if the first device is shipped to a trader, the cloud server deletes the first private key from the cloud server..
Universidade Federal De Minas Gerais

Cryptography on a simplified elliptical curve

A cryptographic calculation includes obtaining a point p(x,y) from a parameter t on an elliptical curve y2=f(x) and from polynomials satisfying: −f(x1(t))·f(x2(t))=u(t)2 in the finite body fq, irrespective of the parameter t, q=3 mod 4. A value of the parameter t is obtained and the point p is determined by: (i) calculating x1=x1(t), x2=x2(t) and u=u(t); (ii) testing whether the term f(x−1) is a squared term in the finite body fq and, if so, calculating the square root of the term f(x1), the point p having x1 as abscissa and y1, the square root of the term f(x1), as ordinate; (iii) otherwise, calculating the square root of the term f(x2), the point p having x2, as abscissa and y2, the square root of the term f(x2), as ordinate.
Morpho

Format preserving encryption

Encrypting data without losing their format is important in computing systems, because many parties using confidential data rely on systems that require specific formatting for data. Information security depends on the systems and methods used to store and transmit data as well as the keys used to encrypt and decrypt those data.
Passport Health Communications, Inc.

Dividend yielding digital currency through elastic securitization, high frequency cross exchange trading, and smart contracts

An apparatus, computer-readable medium, and computer-implemented method for creating collateralized portfolios. A portfolio is a collection of income-producing assets.

System and providing a cryptographic platform for exchanging debt securities denominated in virtual currencies

A system for providing debt securities and other securities and commodity trading instruments. In particular, the system may allow for the decentralized issue and purchase of debt securities, reducing or eliminating many of the problems inherent in the centralized issue and purchase of debt securities.

Method and system for conditional access via license of proprietary functionality

A method and system for securely and traceably enabling playing back of content on a playback device of a plurality of playback devices, in which each of the plurality of playback devices comprises a cryptographic function module (cfm). In one embodiment, the method comprises accepting a first input in the playback device from a content licensing agency; generating, in the device, a first output from the first input according to a proprietary cryptographic function using the cfm, the first output necessary to enable playback of the content by the playback device, the proprietary cryptographic function being one of a family of proprietary cryptographic functions executable by the cfm of each of the plurality of playback devices; and enabling the playback of the content by the device at least in part according to the first output..
Twentieth Century Fox Film Corporation

Optical cryptography systems and methods

Systems and methods for sharing data between a first node and second node are disclosed. The methods may include sharing a first initialization vector between a first node and a second node using a multi-stage cryptography protocol.
The Board Of Regents Of The University Of Oklahoma

Access to a node

According to an example aspect of the present invention, there is provided an apparatus comprising at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to offer a network-based service, determine whether the apparatus is reachable from a public network, responsive to determining the apparatus is not reachable from the public network, establish a tunnel connection with a relay server, and participate in a cryptographic handshake with a network node, wherein packets comprised in the handshake are communicated via the tunnel connection. .
Nokia Technologies Oy

Production of cryptographic signatures

A method and system configured to produce a cryptographic signature on a message, under a key, at a user computer wherein the key is shared between the user computer, which stores a first key-share, and an authentication computer, which stores a second key-share and a first authentication value. The user computer encodes the message to produce a blinded message, produces the first authentication value from a user password and a secret value, and produces a second authentication value by encoding the first authentication value and a nonce.
International Business Machines Corporation

Cryptography on an elliptical curve

A cryptographic calculation includes obtaining a point p(x,y) from a parameter t on an elliptical curve y2=f(x); and from polynomials x1(t), x2(t), x3(t) and u(t) satisfying: f(x1(t))·f(x2(t))·f(x3(t))=u(t)2 in fq, with q=3 mod 4. Firstly a value of the parameter t is obtained.
Morpho

Method and system for distributed cryptographic key provisioning and storage via elliptic curve cryptography

A method for distributing multiple cryptographic keys used to access data includes: receiving a data signal superimposed with an access key request, wherein the access key request includes at least a number, n, greater than 1, of requested keys; generating n key pairs using a key pair generation algorithm, wherein each key pair includes a private key and a public key; deriving an access private key by applying the private key included in each of the n key pairs to a key derivation algorithm; generating an access public key corresponding to the derived access private key using the key pair generation algorithm; and electronically transmitting a data signal superimposed with a private key included in one of the n key pairs for each of the n key pairs.. .
Mastercard International Incorporated

Computer-readable recording medium, shared key generation method, and information processing terminal

An information processing terminal generates a shared key by a public key cryptosystem using an identifier. The information processing terminal calculates a first calculation value by using an algorithm that outputs an element on an extension field of a prime field from two points on an additive cyclic group on an elliptic curve that is defined by the prime field.
Fujitsu Limited

Distributed single sign-on

Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1≦n of the password data shares determine if the user password matches a password attempt.
International Business Machines Corporation

Methods for cryptographic delegation and enforcement of dynamic access to stored data

Methods for cryptographic delegation and enforcement of dynamic access to stored data are disclosed. An example method includes generating for a first modified data block, a new per-block hash value using as a hash function input data contained in the first modified data block or a new per-block hash message authentication code (hmac) using as hash function inputs a new per-block hash key and data contained in the first modified data block, writing the new per-block hash value or the new per-block hmac to data block metadata associated with the modified data block in the protected data object, and writing the first modified data block to one of the data blocks of the protected data object..
Trustwave Holdings, Inc.

Systems and methods for digital asset security ecosystems

A digital asset security device, includes an asset capture unit configured to electronically capture a digital asset, a processor configured to digitally sign the captured asset, a memory configured to store a digitally signed asset from the processor, and a hashing module in communication the asset capture unit, the processor, and the memory, and configured to provide a cryptographic hash to one or more of the captured asset and the digitally signed asset.. .
Cable Television Laboratories, Inc

Cryptographic asic including circuitry-encoded transformation function

A transform-enabled integrated circuit for use in cryptographic proof-of-work systems is provided. The transform-enabled integrated circuit includes a transformation block embedded among other circuitry components within the cryptographic datapath of the transform-enabled integrated circuit.
Blockchain Asics Llc

Data management system, data management method, and recording medium

Provided is a data management system that is configured to divide a table in a database into one or more partitions based on data included in a particular column included in the table, associate an encryption key with each partition of the partitions and store the encryption key in the memory, and execute cryptographic processing for data included in the partition by the encryption key being associated with the partition.. .
Nec Corporation

Network telemetry with byte distribution and cryptographic protocol data elements

In one embodiment, a method includes receiving a flow including a plurality of bytes, each byte having one of a plurality of byte values, determining a byte value distribution metric based on a number of instances of each of the plurality of byte values in the flow, and transmitting telemetry data regarding the flow, the telemetry data including the byte value distribution metric.. .
Cisco Technology, Inc.

User information management system; user information management method; program, and recording medium on which it is recorded, for management server; program, and recording medium on which it is recorded, for user terminal; and program, and recording medium on which it is recorded, for service server

A management server, a service server, and a plurality of user terminals are connected to each other via a network so as to be capable of transmitting and receiving data. The management server includes a user information storage unit that stores user identification information for identifying users belonging to a group, and an identification information notification processor that, each time a service to be provided to the users of the group is newly added, transmits the user identification information of the plurality of users belonging to the group to the service server by cryptographic communication, corresponding to the newly added service.
Encryptier Co., Ltd.

System and implementing secure communications for internet of things (iot) devices

Novel tools and techniques might provide for implementing secure communications for iot devices. In various embodiments, a gateway or computing device might provide connectivity between or amongst two or more internet of things (“iot”) capable devices, by establishing an iot protocol-based, autonomous machine-to-machine communication channel amongst the two or more iot capable devices.
Centurylink Intellectual Property Llc

Memory operation encryption

A processing system includes a processing module having a first interface coupleable to an interconnect. The first interface includes a first cryptologic engine to encrypt a representation of store data of a store operation and a memory address using a first key and a first feedback-based cryptologic process to generate first encrypted data and an encrypted memory address.
Advanced Micro Devices Inc.

Secure wireless communication between controllers and accessories

A controller and an accessory controllable by the controller can communicate using secure read and write procedures. The procedures can include encrypting identifiers of accessory characteristics targeted by a read or write operation as well as any data being read or written.
Apple Inc.

System and internet of things (iot) security and management

System and method for establishing a secure communication between a plurality of internet of things (iot) devices, includes issuing a first digital certificate to the second iot device, inviting the second iot device by the first iot device to establish a communication line with the first iot device by receiving a digital token from the second iot device, authenticating the second iot device using the unique identification and cryptographic key of the second iot device; establishing a secure communication line between the first iot device and the second iot device by authenticating the established communication line and issuing a second digital certificate to the communication line between the first iot device and the second iot device; and preventing a third iot device for which a secure communication line to the first or second iot device has not been established from communicating with the first or second iot device.. .
T-central, Inc.

Multiple factor authentication in an identity certificate service

Multiple factor authentication in an identity certificate service is disclosed. A certificate including a cryptographically-obscured identifier associated with the end entity is sent from an end entity to a service node.
Mobile Iron, Inc.

Systems and methods for management controller management of key encryption key

In accordance with embodiments of the present disclosure, a management controller configured to provide management-domain management of an information handling system may include a processor and a key management utility embodied in non-transitory computer-readable media. The key management utility may be configured to issue one or more commands to a cryptoprocessor for storing and sealing a key encryption key on the cryptoprocessor, wherein the key encryption key is for decrypting a media encryption key for encrypting and decrypting data stored to a storage resource of a host domain of the information handling system.
Dell Products L.p.

Puf value generation using an anti-fuse memory array

A method and system are used to generate random values for physical unclonable function (puf) for use in cryptographic applications. A puf value generation apparatus comprises two dielectric breakdown based anti-fuses and at least one current limiting circuit connected between anti-fuses and power rails.
Sidense Corp.

Secure customer key injection for build-to-stock systems

Techniques for manufacturing cryptographically-enabled network endpoints are described herein. In an example, an endpoint is provisioned with keys, which may include a revocation key, a command key, a recovery key and other cryptographic information.
Itron, Inc.

Authenticating payment credentials in closed loop transaction processing

Presentation of an open-loop smart chip-based payment device is obtained at a terminal-reader assembly in a closed-loop transit environment. Verification of cryptographic credentials associated with the open-loop smart chip-based payment device is carried out at a transit payment network interface processor within the closed-loop transit environment.
Mastercard International Incorporated

System and the computer methods of issuing, transferring and manipulating value or gift cards using blockchain technology

The described invention consists of system and the computer methods of generating and manipulating value or gift cards which are cryptographically assigned to a person's identity and stored on double entry ledger called block chain. A functional module of the system allows the transfer of such value or gift cards to other persons.

Fungal-specific metalloproteases and uses thereof

The present invention relates to methods of reducing, delaying, preventing and/or inhibiting the progression of a cryptococcus infection into the central nervous system (cns) of a subject by inhibiting the activity of a m36 fungalysin metalloprotease (e.g., mpr1) secreted by the cryptococcus. The invention further provides methods of increasing, promoting and/or enhancing delivery of a therapeutic agent across the blood-brain-barrier, comprising systemically administering the therapeutic agent in conjunction with a m36 fungalysin metalloprotease (e.g., mpr1), or an enzymatically active fragment thereof..
The Regents Of The University Of California

Systems and methods for preventing transmitted cryptographic parameters from compromising privacy

A method for secure cryptographic communication comprises transmitting information that identifies a group key from a first device to a second device. The method further comprises, in the first device, using the group key to encrypt an input vector, transmitting the encrypted input vector, encrypting privacy-sensitive information using a device key, an encryption algorithm, and the input vector, and transmitting the encrypted privacy-sensitive information to the second device..
Neology, Inc.

Method, system and apparatus using forward-secure cryptography for passcode verification

Methods, apparatus, and systems using a passcode for securing interaction between a user and a computer based application are disclosed.. .
Vasco Data Security, Inc.

Anti-counterfeiting label preserving functionality after use

A near field magnetically coupled anti-counterfeiting tag comprises a control microcircuit configured to implement a basic function and a cryptographic function; a sacrificial conductive track located across a sacrificial area of the tag; and a circuit for detecting continuity of the sacrificial track, cooperating with the microcircuit to implement the basic function without implementing the cryptographic function when the sacrificial track is broken.. .
Wisekey Semiconductors

Countermeasures against an attack by analysis of electrical consumption for a cryptographic device

In a general aspect, a countermeasure method implemented in a microcircuit can include selecting, at each cycle of a clock signal, a supply mode of a component internal to the microcircuit, the supply mode can be selected from among a first supply mode in which the component is fully supplied by a first supply circuit connected to a supply input of the microcircuit, and at least one second supply mode in which the component is at least partially supplied by a second supply circuit internal to the microcircuit. The second supply circuit can be isolated from the exterior of the microcircuit while it is supplying the component..
Inside Secure

Secure electronic mail system

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage..
Cirius Messaging Inc.

Rotor movement control and rotor wiring for rotor-based encryption machines and electronic equivalents

A cryptographic system having a plurality of rotors or electronic equivalents using displacement tables. A rotor movement controller, in accordance with a rotor selection value, selectively moves one or more of the rotors or the electronic equivalent of the rotors for each data input value.

Testing a non-core mmu

Embodiments herein provide a testing apparatus (whether physical or simulated) for testing a non-core mmu in a processor chip. Unlike core mmus, non-core mmus may be located in a part of the processor chip outside of the processing cores in the chip.
International Business Machines Corporation

Testing a non-core mmu

Embodiments herein provide a testing apparatus (whether physical or simulated) for testing a non-core mmu in a processor chip. Unlike core mmus, non-core mmus may be located in a part of the processor chip outside of the processing cores in the chip.
International Business Machines Corporation

Set of servers for "machine-to-machine" communications using public key infrastructure

A set of servers can support secure and efficient “machine to machine” communications using an application interface and a module controller. The set of servers can record data for a plurality of modules in a shared module database.
M2m And Iot Technologies, Llc

Methods, systems and devices for packet watermarking and efficient provisioning of bandwidth

Disclosed herein are methods and systems for transmitting streams of data. The present invention also relates to generating packet watermarks and packet watermark keys.
Wistaria Trading Ltd

Chaining of use case-specific entity identifiers

Disclosed are various embodiments for correlating a first use case-specific entity identifier with a second use case-specific entity identifier. A chained entity identifier corresponds to the first use case-specific entity identifier.
Amazon Technologies, Inc.

Hardware cryptographic authentication

An example method of establishing an authenticated session between two communicating devices includes establishing, by a first processor of a first device, a secure connection with a second device over the network using a communications protocol; receiving, by the first processor, an identity authentication request from the second device; passing, by the first processor, the identity authentication request to a second processor located on an authentication chip of the first device; generating, by the second processor using one or more authentication code functions stored on the authentication chip, one or more authentication codes using a unique serial number of the first device and an authentication key, both stored on the authentication chip; providing, by the second processor, the one or more generated authentication codes to the first processor; and sending, by the first processor, a response to the second device that includes the one or more generated authentication codes.. .
Itron, Inc.

Method for transmitting data, receiving data, corresponding devices and programs

The disclosure relates to a method for transmitting data and to a corresponding method for receiving data. According to the disclosure, in the method for transmitting data, a cryptographic processing operation is performed on the data to be transmitted, after this data has been pre-subdivided into blocks of data, and a tag representing each block of encrypted data is computed.
Ingenico Group

Secure hardware for cross-device trusted applications

Various technologies described herein pertain to a computing device that includes secure hardware (e.g., a tpm, a secure processor of a processing platform, protected memory that includes a software-based tpm, etc.). The secure hardware includes a shared secret, which is shared by the secure hardware and a server computing system.
Microsoft Technology Licensing, Llc

Elliptic curve hardware integrated circuit

Embodiments of a system for, and method for using, an elliptic curve cryptography integrated circuit are generally described herein. An elliptic curve cryptography (ecc) operation request may be received.
Intel Corporation

Keying infrastructure

A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys.
Microsoft Technology Licensing, Llc

Mobile device management delegate for managing isolated devices

A device manager establishes a mobile device and a gateway as managed devices. The device manager generates management metadata and a split cryptographic key.
Dell Products L.p.

Method and system for protecting a cryptographic operation

The device is further configured to determine the result of the operation from at least one of the reference values and/or of the extension values depending on the verification of a condition between the reference value obtained for each reference ring and the extension values obtained for the extended rings corresponding to the reference ring.. .

Method and device for protecting access to wallets in which crypto currencies are stored

A method is provided for securing access to wallets in which crypto currencies and/or their secrets are stored. The method uses a transaction server on which transaction logic runs to perform a transaction with a client device controlled by a user.
Draglet Gmbh

Methods for online media collaboration and licensing

Systems and methods for granting media licensing are disclosed. A multiplicity of cryptocurrency nodes in a distributed cryptocurrency network are tailored for media licensing.

Secure routing of trusted software transactions in unsecure fabric

Various configurations and methods for securing and validating trusted input output (io) data communications within fabric interconnects of processing circuitry are disclosed herein. As an example, a technique for secure routing of trusted software transactions includes operations of a crypto engine and an io hub to validate trusted transactions such as dma read and write transactions received from a trusted io controller, and configuring the fabrics of the circuitry to prevent re-routing or tampering of data from the trusted transactions.
Intel Corporation

Aryl isonitrile compounds as a new class of potent, broad-spectrum antifungal compounds

Invasive fungal infections present a formidable global public health challenge due to the limited number of approved antifungal agents and the emergence of resistance to the frontline treatment options, such as fluconazole. Three fungal pathogens of significant concern are candida, cryptococcus, and aspergillus given their propensity to cause opportunistic infections in immunocompromised individuals.
Purdue Research Foundation

Methods and naming video content chunks

A method for generating a filename for a chunk of streamed video content is disclosed. The method comprises performing a cryptographic hash function on data associated with the chunk of video content (100a) and setting the output hash value of the cryptographic hash function as the chunk filename (100b).
Telefonaktiebolaget Lm Ericsson (publ)

Enhanced data security through uniqueness checking

A system records use of values used in cryptographic algorithms where the values are subject to uniqueness constraints. As new values are received, the system checks whether violations of a unique constraint has occurred.
Amazon Technologies, Inc.

Method and device for transmitting software

A method for transmitting software in which a checker generates two random numbers. The checker calculates a cryptographic key based on the second random number based on a measured hardware function of the device.
Robert Bosch Gmbh

Secure unlock to access debug hardware

System and techniques for secure unlock to access debug hardware are described herein. A cryptographic key may be received at a hardware debug access port of a device.
Intel Corporation

Cryptographic protocol for portable devices

Embodiments are directed towards communicating using a mobile device that performs actions including. A mobile device may be provisioned with an access point such that a provisioning key and a provisioning token for each of the provisioned access points may be stored on the mobile device.
Nymi Inc.

Method for implementing encrypted client-server communication

A method for implementing an encrypted client-server communication, wherein the server includes an entry point, service systems behind the entry point, and a secure system. The method includes incorporating common cryptographic material into the client and into the secure system, deriving key material from the common cryptographic material in the client for an encrypted communication between the client and a service system, deriving key material from the common cryptographic material in the secure system for an encrypted communication between the client and a service system, and transferring the key material into the service system or retaining the key material in the secure system..
Volkswagen Ag

Device and the personalized provision of a key

A device and a method is disclosed for the personalized provision of a key for processing target information. The device comprises an information receiving means to receive biometric information about the user, a storage device for storing biometric reference information, an authentication means to compare the user's biometric information, which was received by the biometric information acquisition means, to the stored biometric reference information, and an output means to output information.
Deutsche Post Ag

Discovery of secure network enclaves

A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device.
Microsoft Technology Licensing, Llc

Wide encoding of intermediate values within a white-box implementation

A method for a method for mapping an input message to an output message by a keyed cryptographic operation in a cryptographic system, the keyed cryptographic operation including a plurality of substitution layers and state data, including: mapping the input message to first state data in a first substitution layer of the keyed cryptographic operation, wherein the first substitution layer includes n basic blocks that implement the first substitution layer and wherein a non-linear encoding having a first size is placed on the inputs and outputs of the n basic blocks of the first substitution layer, where n is an integer; mapping the first state data to second state data in a plurality of intermediate substitution layers of the keyed cryptographic operation, wherein the intermediate substitution layers include m blocks that implement the intermediate substitution layers and wherein a plurality of non-linear encodings having a second size are placed on the inputs and outputs of the m basic blocks of the intermediate substitution layers, where m is an integer; and mapping the second state data to an output message in a final substitution layer of the keyed cryptographic operation, wherein the final substitution layer includes k basic blocks that implement the final substitution layer and wherein a non-linear encoding having a third size is placed on the inputs and outputs of the k basic blocks of the final substitution layer, where k is an integer, wherein the first and second size is greater than the second size, wherein n>m, and wherein k>m.. .
Nxp B.v.

One-time pad communications network

A system and method for providing secure and anonymous communication between a plurality of individuals relying on the cryptographic method of the one-time pad (otp) is described. Unique, randomly generated blocks of data are generated to serve as one-time pads, and each is given a unique identification that serves as a system address.

Countermeasure an electronic component implementing an elliptic curve cryptography algorithm

The subject of the invention is a countermeasure method for an electronic component implementing a public-key cryptography algorithm on an elliptic curve e defined over a field and comprising an iterative scalar multiplication operation making it possible to obtain a point [k]p on the basis of a point p of the curve e and of an integer k that must remain secret, the electrical consumption of the electronic component being dependent on the value taken by at least one so-called critical point used during said operation to iteratively determine the point [k]p. The method comprises: a step (500) of providing at least one power of a predefined non-zero constant element c of different from one; a step (501) of initializing the coordinates of the at least one critical point to a predefined value; a step (502) implementing the scalar multiplication operation, the coordinates associated with at least one critical point being modified at each iteration by multiplying at least one of the coordinates of this point by the at least one power of the element c obtained in the providing step (500)..
Secure-is Sas

Apparatus and embedding searchable information, encryption, transmission, storage and retrieval

A cell phone is disclosed for acquiring information to be transmitted to a receiving facility and for transmitting such thereto. A capture device captures information from an external source.
Myport Technologies, Inc.

Computer implemented frameworks and methods configured to create and manage a virtual currency

Described herein are computer implemented frameworks and methods configured to create and manage a virtual currency bearing characteristics of both a cryptocurrency and fiat money at the same time. The virtual currency bridges the gap between fiat currency of the real world commerce, trade, and finance and cryptocurrency by way of a self-adjusting extrinsic value that is influenced by cross currency exchange rates of fiat currencies.
Dragonfly Fintech Pte Ltd

Biometric cryptography using micromachined ultrasound transducers

An embodiment includes an ultrasonic sensor system comprising: a backend material stack including a first metal layer between a substrate and a second metal layer with each of the first and second metal layers including a dielectric material; a ultrasonic sensor including a chamber, having a negative air pressure, that is sealed by first and second electrodes coupled to each other with first and second sidewalls; an interconnect, not included in the sensor, in the second metal layer; wherein (a) a first vertical axis intersects the substrate, the chamber, and the first and second electrodes, (b) a second vertical axis intersects the interconnect and the substrate, (c) a first horizontal axis intersects the chamber, the interconnect, and the first and second sidewalls, and (d) the first and second electrodes and the first and second sidewalls each include copper and each are included in the second metal layer.. .
Intel Corporation

Personal ledger blockchain

A system, method, and computer readable storage medium configured for storing encrypted data in a blockchain. To write additional data in a blockchain, a request is received at a computing node.
International Business Machines Corporation

Techniques to enable scalable cryptographically protected memory using on-chip memory

Techniques to enable scalable cryptographically protected memory using on-chip memory are described. In one embodiment, an apparatus may comprise a processor component implemented on a first integrated circuit, an on-chip memory component implemented on the first integrated circuit, the on-chip memory component to include a memory page handler to manage memory pages stored on the on-chip memory component, and a cryptographic engine to encrypt and decrypt memory pages for the memory page handler, and an off-chip memory component implemented on a second integrated circuit coupled to the first integrated circuit, the off-chip memory component to store encrypted memory pages evicted from the on-chip memory component.

Techniques to compress cryptographic metadata for memory encryption

Examples include techniques for compressing counter values included in cryptographic metadata. In some examples, a cache line to fill a cache included in on-die processor memory may be received.
Intel Corporation

Method for verifying the functionalities of a software intended to be integrated into a cryptographic component, system

The method for validating the status of a memory of a simulator of a cryptographic component able to save data generated by a cryptographic function, includes a step carried out in the simulator including a first execution of a first cryptographic function generating: a first status of the first memory, and a first result of the first command; a step carried out in a test bench including a second execution of a second simplified cryptographic function, with the first and the second functions carrying out the same operations generating: a second status of the memory, and a second result of the second command; a step of validating including comparisons: of the first status and of the second status and of the first result and of the second result.. .
Airbus Ds Slc

Technologies for protecting audio data with trusted i/o

Technologies for cryptographic protection of i/o audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec.

Medical systems, devices and methods

There is disclosed a medical system comprising one or more sensors associated with one or more actuators. Various embodiments describe sensors and/or actuators, logic circuits, user interfaces, association schemes, communication schemes, security schemes, cryptographic schemes, medical management rules, social mechanisms, energy management schemes, time and/or space schemes, body analytes and/or biomarkers, blood glucose and/or interstitial glucose sensors, drug delivery devices, continuous glucose monitoring devices, as well as flash glucose monitoring devices.

Tumor cell-inhibited composition

A composition utilizing natural materials is selected from a group of plant extract comprising: taiwan cypress, stout camphor tree, taiwan incense cedar, cinnamomum camphora, cymbopogon nardus, litsea cubeba, cinnamomum zeylanicum, taiwan cunninghamia lanceolatavar, melaleuca alternifolia, eucalyptus robusta smith, cryptomeria japonica and acacia confuse. The tumor cell-inhibited composition having the efficiency of inhibiting the growth of tumor cells is formed by mixing these extracts based on a specific ratio..

Signed envelope encryption

Clients within a computing environment may establish a secure communication session. Sometimes, a client may trust another client to read, but not modify, a message.
Amazon Technologies, Inc.

Allowing varied device access based on different levels of unlocking mechanisms

Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy.
Intel Corporation

Bidirectional cryptographic io for data streams

Various configurations and techniques for enabling bidirectional cryptographic input output (io) operations with an io device of a computing system are disclosed herein. In an example, electronic operations of a computing system to enable a secure direct memory access (dma) transaction including writing information to enable the secure dma transaction to memory, reading and verifying the information from memory, performing encryption of data from the io device using the information from memory, and writing encrypted secure data for the secure dma transaction to the memory.
Intel Corporation

Managing credentials in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using ssh user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Key exchange through partially trusted third party

Clients within a computing environment may establish a secure communication session. Sometimes, a client may trust a cryptography service to perform some cryptographic operations and access some cryptographic resources while simultaneously not trusting the cryptography service to perform other operations and access other resources.
Amazon Technologies, Inc.

Methods, systems, and computer readable media for reducing the size of a cryptographic key in a test simulation environment

Methods, systems, and computer readable media for reducing the size of a cryptographic key in a test simulation environment are disclosed. In one example, a method includes determining a minimum key size value and maximum key size value for a private cryptographic key for each of a plurality of key exchange value pairs and deriving, for each of the plurality of key exchange value pairs, a key sizing constant based on the minimum key size value and the maximum key size value.
Ixia

Decoy bits direct encryption and key generation

A new cryptographic technique is disclosed, called decoy bits method, which can be used to obtain near ideal information theoretic security in both quantum and classical key generation and data encryption, not only for raw security but also under known-plaintext attacks. The technique relates to a method of data encryption by insertion of random bits, called decoy bits, into a data sequence whereby the decoy bits are discarded upon decryption.
Quantum Advance Technology, Inc.

Cryptographic machines with n-state lab-transformed switching devices

N-state switching tables are transformed by a lab-transform into a lab-transformed n-state switching table. Memory devices, processors and combinational circuits with inputs and an output are characterized by the lab-transformed n-state switching table and perform switching operations between physical states in accordance with a lab-transformed n-state switching table.

Interception of touch pad events for handling in a secure environment

Some examples include sending, to a secure environment, coordinates for certain touch events made to a touchscreen of an electronic device. As one example, an import address table that is accessed by an event loop of the electronic device may be modified.
Square, Inc.

Methods and systems for providing and controlling cryptographic secure communications terminal providing a remote desktop accessible in secured and unsecured environments

Methods and systems for operating a remote desktop client from a computing system hosting a secure boot device. In some embodiments, a method comprises initiating execution of an operating system from the computing system hosting the secure boot device, the computing system communicatively connected within a secure enterprise network, the computing system being untrusted within the secure enterprise network and based on verification of received authentication credentials, booting an operating system from the secure boot device and establishing a secure communication tunnel with a service appliance.
Unisys Corporation

Methods and systems for providing and controlling cryptographic secure communications terminal operable to provide a plurality of desktop environments

Methods and systems for switching between multiple languages of a remote desktop client operating on a secure boot device are disclosed. A method includes initiating an operating system from the secure boot device and receiving credentials including a user identification and a password.
Unisys Corporation

Methods and systems for providing and controlling cryptographic secure communications terminal operable in a plurality of languages

Methods and systems for switching between multiple languages of a remote desktop client operating on a secure boot device are disclosed. A method includes initiating an operating system from the secure boot device and receiving credentials including a user identification and a password.
Unisys Corporation

System and data management structure using auditable delta records in a distributed environment

A system and method of recording data from a number of devices in a distributed network system in a manner adaptable for auditing the device output. The devices may include one or more control, sensor, edge, or peripheral computing devices physically separate in the distributed network system and in communication with a control server.
Olea Networks, Inc.

Managing relationships in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using ssh user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Cryptographic proxy service

A cryptographic proxy service may be provided. Upon determining that data associated with a network destination comprises at least some sensitive data, a cryptographic service may provide a security certificate associated with the network destination.
Vmware, Inc.

Method and device for cryptographic key generation

A method and a device for generation of a cryptographic key pair for use in a (generalized) goldwasser-micali cryptosystem. The device generates a first prime p≡1 (mod 2k), where k≧1 is an integer, and a second prime q≡3 (mod 4) or q≡1 (mod 4); computes a modulus n=pq; picks an integer y∈n\n, where n is a set of integers whose jacobi symbol is 1 and n is a set of quadratic residues; and outputs a public key pk={n,y,k} and a private key sk={p,k}..
Thomson Licesing

Hardware assisted fast pseudorandom number generation

A system and method for generating pseudorandom numbers by initializing a counter value for a call-counter, sending a bit-wise form of the counter value from the counter to a mixing function, and mixing the counter value to generate the pseudorandom number. The mixing function may be a xor tree, substitution-permutation, or double-mix feistel.
The Boeing Company

Masking and unmasking methods and devices

Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data.
Oberthur Technologies

Method and cryptographically secure peer-to-peer trading platform

A secure electronic peer-to-peer bond-trading network for executing trades at mid-market prices and a process for performing the trades in a secure cryptographic manner, where users can submit pricing or show trade orders in a manner such that confidence in the protection of confidential information is enhanced.. .

Methods and systems of using a cryptocurrency system to manage payments and payment alternatives

Embodiments of the present invention are directed to methods and systems for the efficient management of a digital currency system using a cryptocurrency scheme. Embodiments utilize a payment processor computer to manage entities in the digital currency system, which have the rights to generate, distribute, transact with, and redeem units of a digital currency.

Organizing key-value information sets into hierarchical representations for efficient signature computation given change information

One embodiment provides a method for enabling computation of a signature of an information set given change information by storing information in a hierarchical data structure, the method including: utilizing at least one processor to execute computer code that performs the steps of: receiving change information relating to a first node within the hierarchical data structure; accessing a database comprising at least one key, wherein the at least one key comprises a crypto-hash and is assigned to a node within the hierarchical data structure; identifying a node key within the database that is assigned to the first node; computing a node crypto-hash for the first node after modifying the first node using the received change information; modifying the node key based upon the computed node crypto-hash; and updating the database with the modified node key. Other aspects are described and claimed..
International Business Machines Corporation

Customer load of field programmable gate arrays

Customer content is securely loaded on a field programmable gate array (fpga) located on a secure cryptography card. The customer content is loaded such that it may not be extracted.
International Business Machines Corporation

Chained security systems

A tiered credentialing approach provides assurance to customers having virtual machines running in a remote environment that the virtual images for these machines are in a pristine state and running in a trusted execution environment. The environment can be divided into multiple subsystems, each having its own cryptographic boundary, secure storage, and trusted computing capabilities.
Amazon Technologies, Inc.

Method for setting up a secure end-to-end communication between a user terminal and a connected object

A method for setting up a secure end-to-end communication between a user terminal or a context broker server, and an object connected to the ip infrastructure through a gateway. The method uses an access authorisation server and a production server.
Commissariat A L'energie Atomique Et Aux Energies Alternatives

Cellular network authentication

A method, apparatus and computer program in which a cellular terminal: transmits a request that requires authentication procedure triggering to a cellular network and responsively receiving from the cellular network an authentication request message with an indication of a selected cryptographic algorithm from a group of a plurality of cryptographic algorithms; decodes the authentication request message to a decoded authentication request according to the selected cryptographic algorithm and based on a shared secret known by the cellular terminal and a network operator of the cellular terminal; based on the decoded authentication request, the shared secret and the selected cryptographic algorithm, produces and encrypts an authentication response message; and transmits the authentication response message to the cellular network.. .
Nokia Technologies Oy

Device for determining a shared key

A first device (300) configured to determine a shared key with a second device (350). In cryptography, a key-agreement protocol is a protocol whereby two or more parties that may not yet share a common key can agree on such a key.
Koninklijke Philips N.v.

Cryptographic communication system and cryptographic communication method

Provided is a cryptographic communication system including a first semiconductor device and a second semiconductor device. The first semiconductor device includes a common key generation unit that generates a common key ck(a) by using a unique code uc(a) and correction data cd(a), and an encryption unit that encrypts the common key ck(a) generated in the common key generation unit by using a public key pk(b) of the second semiconductor device.
Renesas Electronics Corporation

Method for enhanced security of computational device with multiple cores

A method to protect computational, in particular cryptographic, devices having multi-core processors from dpa and dfa attacks is disclosed herein. The method implies: defining a library of execution units functionally grouped into business function related units, security function related units and scheduler function related units; designating at random one among the plurality of processing cores on the computational device to as a master core for execution of the scheduler function related execution units; and causing, under control of the scheduler, execution of the library of execution units, so as to result in a randomized execution flow capable of resisting security threats initiated on the computational device..
Giesecke & Devrient Gmbh

Systems and methods for improving security in blockchain-asset exchange

The embodiments described herein comprise hardware and software improvements in blockchain-asset exchange technology, whereby one or more servers automatically, based on a set of predetermined rules, executes a mechanism allowing blockchain-asset exchange customers to place standing-limit or market orders for blockchain-based digital assets (e.g., cryptocurrencies) with a counter-party, but without counter-party risk. The counter-party will not receive the payment until the customer's exchange order has executed, and the customer has taken possession and ownership of the desired asset.
Shapeshift

Mobile checkout systems and methods

A mobile checkout system and method for completing a purchase transaction to purchase items from an internet merchant. A user browses and selects items for purchase from the merchant through a shopping application or browser (mobile or pc).
Samsung Pay, Inc.

Gate-level masking

A method of and system for gate-level masking of secret data during a cryptographic process is described. A mask share is determined, wherein a first portion of the mask share includes a first number of zero-values and a second number of one-values, and a second portion of the mask share includes the first number of one-values and the second number of zero-values.
Cryptography Research, Inc.

Secure communication between infusion pump and server

An infusion pump and server computer have improved network access security. The infusion pump has a network interface circuit to provide communications over a network and a processing circuit that generates infusion pump data for transmission to a remote server computer.

Communication system and key information sharing method

A communication system and key information sharing method which allows first and second communication devices to share key information and perform cryptograph processing. The monitoring device calculates hash value based on copy data of storage content of an ecu, and transmits a part to the ecu as confirmation information.

Method and system for identifying manipulation of data records

A method for identifying manipulation of data records in a system including a computation apparatus and an external security apparatus, wherein the data records are stored in the computation apparatus, having the method steps of: allocation of a secret to a computation apparatus, generation of a first cryptographic key by a one-way function on the basis of the secret, storage of the secret on a security apparatus that is different from the computation apparatus, use of the first cryptographic key for the purpose of protecting a first data record, and generation of a respective next cryptographic key by the same one-way function on the basis of the respectively preceding cryptographic key for the purpose of protecting a next data record on the computation apparatus and simultaneous erasure or overwriting of the respectively preceding cryptographic key.. .

Protecting white-box feistel network implementation against fault attack

A method of implementing a method of mapping an input message to an output message by a keyed cryptographic operation, wherein the keyed cryptographic operation includes a plurality of rounds using a feistel network, including: receiving an input having a first half and a second half; performing, by a basic block, a portion of a round function on the second half to produce a portion of an encoded output, and wherein the basic block provides a portion of the second half as a portion of an encoded first input to a next round; and xoring the portion of the encoded output and a portion the first half to produce a portion of an encoded second input to the next round.. .

Authentication mechanisms for wireless networks

Security techniques and security mechanisms for wireless networks that transmit content such as advertisements. According to exemplary techniques, control messages comprising unrequested content (e.g., advertisement data) may be transmitted in response to a request from a client device, while in other exemplary techniques the control messages may be transmitted without any request from a client device.
Microsoft Technology Licensing, Llc

Method, network element, mobile terminal, system and computer program product for cryptographic algorithm negotiation

Method, network element, mobile terminal, system and computer program product are disclosed for negotiating cryptographic algorithm. The method comprises: receiving a first candidate list from the mobile terminal by the network element, wherein the first candidate list includes at least one candidate cryptographic algorithm supported by the mobile terminal and excludes at least one undesirable cryptographic algorithm even though it is supported by the mobile terminal; and selecting, from the first candidate list, a cryptographic algorithm supported by both the network element and the mobile terminal.
Nokia Technologies Oy

Perfect forward secrecy distributed denial of service attack defense

Provided are methods and systems for mitigating a dos attack. A method for mitigating a dos attack may commence with receiving, from a client, a request to initiate a secure session between the client and a server.
A10 Networks, Inc.

Systems and methods for employing rsa cryptography

A system that includes a client front end, a client server, and an authentication server, wherein the authentication server is configured to contains a public key to be employed for encryption of a license key, and the client server is configured to contain a private key to be employed for decryption of the license key.. .

Secure software updates

Improved techniques to update software in electronic devices that are already in use are disclosed. In one embodiment, software can be updated in a secure and controlled manner using cryptography.
Apple Inc.

Multi-state unclonable functions and related systems

The present disclosure relates to implementations of physically unclonable functions (pufs) for cryptographic and authentication purposes. Specifically, the disclosure describes implementations of machine learning engines (mles) in conjunction with pufs generating outputs having multiple states..
Arizona Board Of Regents On Behalf Of Northern Arizona University

Methods and systems for pki-based authentication

Methods, systems, and devices are provided for authenticating api messages using pki-based authentication techniques. A client system can generate a private/public key pair associated with the client system and sign an api message using the private key of the private/public key pair and a pki-based cryptographic algorithm, before sending the signed api message to a server system.

Privacy friendly location based services

The present disclosure relates to a cryptographic method for enabling access by a user device to services provided by a server in a set of reference areas. The method comprises at the user device: obtaining a set of reference credentials of the server certifying data indicating the reference areas; obtaining a location credential certifying location data indicating the current location of the user device; generating an authentication token comprising a cryptographic proof for proving that the current location of the user device certified by the location credential matches at least one reference area certified by the set of reference credentials; sending the authentication token to the server for accessing the services by the user device in the at least one reference area..
International Business Machines Corporation

Public/private key biometric authentication system

A device, method, and computer readable storage medium generate a biometric public key for an individual based on both the individual's biometric data and a secret, in a manner that verifiably characterizes both while tending to prevent recovery of either by anyone other than the individual. The biometric public key may be later used to authenticate a subject purporting to be the individual, using a computing facility that need not rely on a hardware root of trust.

Generating cryptographic checksums

A method (500) of generating a cryptographic checksum for a message m(x) is provided. The method comprises pseudo-randomly selecting (502) a generator polynomial p(x) from the set of polynomials of degree n over a galois field and calculating (504) the cryptographic checksum as a first function g of a division of a second function of m(x), ƒ(m(x)), modulo p(x), g(ƒ(m(x))mod p(x)).
Telefonaktiebolaget Lm Ericsson (publ)

Split-and-merge approach to protect against dfa attacks

A device for performing a mapping an input message to an output message by a keyed cryptographic operation, wherein the keyed cryptographic operation includes a plurality of rounds, including: a memory; and a processor in communication with the memory, the processor being configured to: split data processed in a first round to produce a first output and a second output, wherein the first output equals the second output; process a first input by a second round to produce a third output, wherein the first input is based upon the first output; process a second input by the second round to produce a fourth output, wherein the second input is based upon the second output; process a third input by a third round to produce a first share using a first weight, wherein the third input is based upon the third output; process a fourth input by the third round to produce a second share using a second weight, wherein the first and second weights are complementary, wherein the fourth input is based upon the fourth output; combine the first share and the second share to produce a combined output; and process the combined output by a fourth round.. .
Nxp B.v.

Multiple payment rail gateway and router

A payment processor receives a first fiat-currency amount and information comprising a payee deposit destination. The payment processor receives a first plurality of criteria and evaluates a first plurality of exchanges against the first plurality of criteria to select a first transaction exchange from the first plurality of exchanges to initiate a first conversion between a first fiat-currency amount and a crypto-currency amount.
Align Commerce Corporation

Shape actuation encapsulant of a cryptographic module

To provide for a physical security mechanism that forms a complete envelope of protection around the cryptographic module to detect and respond to an unauthorized attempt at physical access, a tamper sensing encapsulant generally encapsulates the cryptographic module. The tamper sensing encapsulant includes a first shape actuation layer associated with an electrically conductive first trace element and a second shape actuation layer associated with an electrically conductive second trace element.
International Business Machines Corporation

Rna vaccines

A rna vaccine containing a rna molecule encoding an allergen or derivative thereof, in which the allergen is an allergen of alnus glutinosa, alternaria alternata, ambrosia artemisiifolia, apium graveolens, arachis hypogaea, betula verrucosa, carpinus betulus, castanea sativa, cladosporium herbarum, corylus avellana, cryptomeria japonica, cyprinus carpio, daucus carota, dermatophagoides pteronyssinus, fagus sylvatica, felis domesticus, hevea brasiliensis, juniperus ashei, malus domestica, quercus alba or phleum pratense.. .
Biontech Rna Pharmaceuticals Gmbh

Pharmaceutical composition containing fk506 derivative for treating fungal infection caused by genus cryptococcus and genus candida and use thereof

The present invention relates to a pharmaceutical composition containing fk506 derivative for treating a fungal infection caused by the genus cryptococcus or the genus candida, and a use thereof. In addition, the present invention relates to a therapeutic agent for fungal infection caused by the genus cryptococcus or the genus candida, the therapeutic agent containing fk506 derivative.
Intron Biotechnology Co., Ltd.

Data security service

A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities.
Amazon Technologies, Inc.

Secure session capability using public-key cryptography without access to the private key

A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with.
Cloudflare, Inc.

Nanomaterial physically unclonable function systems and related methods

Implementations of light filters for use in cryptographic operations may include: a substrate having at least a first side and a second side, the first side opposing the second side, the substrate including one of a translucent, a transparent, and a semi-transparent material, and any combination thereof; and one or more layers of microscopic structures coupled to one of the first side, the second side, and both the first side and the second side of the substrate, the microscopic structures each containing one or more structural elements configured to interact with light. The microscopic structures may be configured to collectively form a unique light pattern on a detector optically coupled with the light filter.
Arizona Board Of Regents For Northern Arizona Univ

Determining trustworthiness of a cryptographic certificate

Embodiments of the present invention include determining whether a cryptographic certificate can be trusted. A cryptographic certificate is received at a client device.
International Business Machines Corporation

Systems and methods for qr code validation

Embodiments described herein combine both glyph technologies and cryptography technologies by encrypting data with a private key of an entity tasked with issuing controlled documents, and then converting the resulting encryption as a visual glyph, such as a qr code. This permits validation of the printed document by scanning the qr code using a smartphone and decrypting using the issuing entity's public key.
Unisys Corporation

Hardware accelerator for cryptographic hash operations

In an embodiment, a processor includes a hardware accelerator to receive a message to be processed using the cryptographic hash algorithm; store a plurality of digest words in a plurality of digest registers; perform a plurality of rounds of the cryptographic hash algorithm, where the plurality of rounds is divided into first and second sets of rounds; in each cycle of each round in the first set, use w bits from the first digest register for a first function and use n bits from the second digest register for a second function; in each cycle of each round in the second set, use w bits from the second digest register for the first function and use n bits from the first digest register for the second function. Other embodiments are described and claimed..
Intel Corporation



Crypto topics:
  • Digital Signature
  • Hash Function
  • Private Key
  • Public Key
  • Computer Program
  • Certificate
  • Coordinates
  • Camera Module
  • Executable
  • Network Device
  • Access Rights
  • Cell Phone
  • Network Server
  • Hypertext Transfer Protocol
  • Virtual Private Network


  • Follow us on Twitter
    twitter icon@FreshPatents

    ###

    This listing is a sample listing of patent applications related to Crypto for is only meant as a recent sample of applications filed, not a comprehensive history. There may be associated servicemarks and trademarks related to these patents. Please check with patent attorney if you need further assistance or plan to use for business purposes. This patent data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Crypto with additional patents listed. Browse our RSS directory or Search for other possible listings.


    3.3259

    file did exist - 11090

    0 - 1 - 254