

Crypto patents

      

This page is updated frequently with new Crypto-related patent applications.




new patent Cryptographic key exchange over an electrostatic channel
Various embodiments relating to exchanging a cryptographic key between a display device and an input device via electrostatic communication are disclosed. In one embodiment, an interactive communication device includes one or more electrodes and a radio transceiver.
Microsoft Technology Licensing, LLC


new patent Information processing apparatus, controlling the same, and storage medium
The information processing apparatus stores a cryptographic module and a key that the cryptographic module generated. The information processing apparatus determines whether or not the stored key is a key that a cryptographic module for which integrity is not verified generated.
Canon Kabushiki Kaisha


new patent Password manipulation for secure account creation and verification through third-party servers
A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers.
Airbnb, Inc.


new patent Method for secure communication using asymmetric & symmetric encryption over insecure communications
Data may be protected using a combination of symmetric and asymmetric cryptography. A symmetric key may be generated and the data may be encrypted with the symmetric key.
Sony Interactive Entertainment Inc.


new patent Multiple cryptographic key generation for two-way communication
The embodiments provide a cryptography key for two communicating devices that is based on information known only to the devices. Each of the communicating devices determines the information without communicating key information related to the encryption key with the other.
Microsoft Technology Licensing, LLC


new patent Cryptography method
The embodiments provide cryptography that is performed in each of two communicating devices and is based on information known only to the devices. The information is determined in each of the devices at the time of communications.
Microsoft Technology Licensing, LLC


new patent Cryptography using rf power measurement
The embodiments provide a cryptography key for two communicating devices that is based on information known only to the devices. The information may only be determined by the devices.
Microsoft Technology Licensing, LLC


new patent Optimizing use of hardware security modules
Use of cryptographic key-store hardware security modules is optimized in a system having a first scarce high-security key storage device and a second more plentiful low-security key storage device comprising securing a cryptographic key to the higher security level by initially storing the key in the first storage device, then responsive to an event, evaluating the stored key against one or more rules, and subsequent to the evaluation, reclassifying the stored key for relocation, encrypting the reclassified key using a key-encryption key; relocating the reclassified key into the second, lower-security storage device, and storing the key-encryption key in the first storage device.
International Business Machines Corporation


new patent Computation of historical data
Secure computation of enterprise data in a cloud is provided, by a third party, such that values and data manipulation processes are encrypted through use of cryptographic processes that are secure. A method can comprise performing operations including receiving security data representing an attribute included in a log file, generating encoded attribute data as a function of the attribute, a hash function, or salt data representing an alphanumeric string, and sending the encoded attribute data to a second device.
AT&T Intellectual Property I, L.P.


new patent System and processing an online transaction request
A computer server includes a transaction processor that is configured to receive from a POS terminal an incoming authorization request that includes an original numeric value, a token cryptogram and an identification number identifying an identity token; confirm that the token cryptogram was generated from the original numeric value and a cryptographic key associated with the token; determine primary and secondary numeric values from the original numeric value and a user profile associated with the identification number; confirm that the secondary numeric value is not greater than the balance in a loyalty points account associated with the identification number; transmit to an authorization server a revised authorization request that includes the identification number and the primary numeric value; and receive from the authorization server a confirmation message confirming that the primary numeric value is not greater than the balance in a payment account associated with the identification number.
The Toronto-Dominion Bank


new patent

Automated schedule systems and methods

Automated matching, notification, and acceptance/rejection of appointment or opening in a calendar/schedule via network-based systems and methods, including application over social networks and website based connection between users and service providers. Notifications include offers of rewards and/or incentives, which are in the form of discounts, promotions, and/or a currency such as a cryptocurrency.

new patent

Secure operation apparatuses and methods therefor

As may be implemented in accordance with one or more embodiments, an apparatus and/or method may involve a first circuit that initiates secure operations by interfacing with a user and providing operation trigger data that is signed cryptographically and secured from alteration, based on the interfacing. A second circuit, including a secure element, stores data secured from access by the first circuit, and executes secure operations separately from operations executed by the first circuit based on one or more commands provided by the first circuit.
NXP B.V.

new patent

Application code hiding apparatus by modifying code in memory and hiding application code using the same

An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a disposed code importer generating part, a code loader generating part, a memory inner code modifier generating part and a decrypted code caller generating part.
Soongsil University Research Consortium Techno-Park

new patent

Application-driven storage systems for a computing system

Systems and methods that allow secure application-driven arbitrary compute in storage devices in a cloud-based computing system are provided. A computing system including a compute controller configured to: (1) provide access to host compute resources, and (2) operate in at least one of a first mode or a second mode is provided.
Microsoft Technology Licensing, LLC

Method for key rotation

A method for key rotation includes initiating key rotation for a user account of a multi-factor authentication platform enabling one-time password authentication using a first symmetric cryptographic key; generating, at an authenticating device, a second symmetric cryptographic key; transmitting, at the authenticating device, the second symmetric cryptographic key to the multi-factor authentication platform; configuring the multi-factor authentication platform and the authenticating device to disable authentication that uses the first symmetric cryptographic key; and configuring the multi-factor authentication platform and the authenticating device to enable authentication that uses the second symmetric cryptographic key.
Duo Security, Inc.

Secure transfer and use of secret material in a shared environment

Aspects related to the secure transfer and use of secret material are described. In one embodiment, an encrypted secret key and encrypted revocation data are imported into a trusted execution environment and decrypted with private provider and vendor keys.
Amazon Technologies, Inc.

Perimeter encryption

Encryption keys for an enterprise are stored at a perimeter device such as a gateway, and rules are applied at the network perimeter to control whether and how these keys are used for cryptographic processing of communications passing through the perimeter device. The encrypted status of communications, e.g.
Sophos Limited

PUFs from sensors and their calibration

Several methods may be used to exploit the natural physical variations of sensors, to generate cryptographic physically unclonable functions (PUF) that may strengthen the cybersecurity of microelectronic systems. One method comprises extracting a stream of bits from the calibration table of each sensor to generate reference patterns, called PUF challenges, which can be stored in secure servers.
Arizona Board of Regents Acting for and on Behalf of Northern Arizona University

Secure communication of IoT devices for vehicles

A method for establishing secure communication between a plurality of IoT devices in one or more vehicles includes: provisioning the plurality of IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the plurality of IoT devices; establishing a secure communication line between the plurality of IoT devices by authenticating respective communication lines between respective IoT devices and issuing a digital certificate to the respective communication lines; grouping the plurality of IoT devices into different groups based on a predetermined criteria; and including a group membership for a group of the different groups in an attribute certificate indicating group characterization.
T-central, Inc.

Numeric pattern normalization for cryptographic signatures

A system for numeric pattern normalization for cryptographic signatures is provided. The system includes a resolving client, and an at least one signature server.
CenturyLink Intellectual Property LLC

Multi-hop secure content routing based on cryptographic partial blind signatures and embedded terms

At a transmitter node, a commitment value c is obtained as a function of a message m. The commitment value c and transmitter terms of use ta for the message m are then sent to a receiver node without disclosing the message m.
Qualcomm Incorporated

Token and cryptogram using transaction specific information

Systems and methods for token processing are disclosed. An access device can provide access device data to a mobile communication device.
Visa International Service Association

Controlling verification of key-value stores

Deferred verification of the integrity of data operations over a set of data that is hosted at an untrusted module (um) is controlled. The controlling includes generating a request for a data operation on the set of data.
Microsoft Technology Licensing, LLC

Cryptographic key production from a physical unclonable function

Some embodiments are directed to an electronic cryptographic device configured to determine a cryptographic key. The cryptographic device has a physically unclonable function, a debiasing unit, and a key reconstruction unit.
Intrinsic ID B.V.

System and methods for opportunistic cryptographic key management on an electronic device

A system and method for opportunistic cryptographic key management includes generating a security capability assessment on a first electronic device based on security capabilities of the device, selecting a key management mode based on the security capability assessment, generating a cryptographic key based on the key management mode, and storing the cryptographic key based on the key management mode.
Duo Security, Inc.

Method and system for group-oriented encryption and decryption with selection and exclusion functions

A method and system for group-oriented encryption and decryption that supports the implementation of the designation and revocation functions of decryption users in a large-scale group. During the encryption, the system acquires a corresponding aggregate function according to an encryption mode; acquires any selected subset s and public parameters, and outputs an aggregate value of the subset s; generates a ciphertext of to-be-transmitted information according to the public parameters, a to-be-transmitted message and the aggregate value; acquires the encryption mode and the subset s comprised in the received ciphertext, operates the subset s and an identity of a current decryptor according to the encryption mode, and outputs a new subset s′; acquires an aggregate function corresponding to the encryption mode during the decryption; outputs an aggregate value of the new subset s′; and decrypts the received ciphertext according to the public parameters and the aggregate value, so as to obtain the to-be-transmitted information.
University of Science and Technology Beijing

Dual-mode processing of cryptographic operations

Systems and methods for dual mode hardware acceleration for cryptographic operations are provided. According to one embodiment, data upon which a cryptographic operation is to be performed is received by a computer system that includes a host CPU and a cryptographic hardware accelerator.
Fortinet, Inc.

Clock computing machines

A new computational machine is invented, called a clock machine, that is a novel alternative to computing machines (digital computers) based on logic gates. In an embodiment, computation is performed with one or more clock machines that use time.

Electronic voting system

A method is described that involves creating a private key and a public key cryptographic key pair, generating a unique and random identifier for a voter's vote and accepting an election vote from said voter. The vote and identifier are electronically signed with the private key to create a digital signature.

Provisioning account numbers and cryptographic tokens

Disclosed herein are systems and methods for real-time provisioning of new card numbers to users of a consumer computing system. A consumer computing system (“ccs”) may have servers and databases situated within a banking infrastructure in order to provide various features to users via a software application executed by a client device.
Square, Inc.

Method for encrypting transactions at a dynamic transaction card

One variation of a method for controlling a dynamic transaction card includes: at a first time, accessing a first cryptogram; at a second time, establishing a wireless connection with a mobile computing device; in response to establishing the wireless connection with the mobile computing device, accessing a first token associated with the first cryptogram from the mobile computing device via the wireless connection; generating a first magnetic stripe sequence command representing the first cryptogram and the first token; and in response to detecting a magnetic stripe card reader proximal a magnetic stripe emulator integrated into the dynamic transaction card at a third time succeeding the second time, driving the magnetic stripe emulator according to the first magnetic stripe sequence command.
Cardlab Aps.

System and forming, storing, managing, and executing contracts

A system and method for computable contracts that includes a contract management system accessible by involved parties, managing a formation stage of a contract document by obtaining object components, assembling a contract object graph from the object components, and committing the contract object graph to post formation execution; and in an execution environment during a post-formation stage, executing the contract object graph where instances of execution include receiving a contract state update, and appending at least one update object component to the contract object graph in accordance with the contract state update. Variations of the system and method may apply peer-to-peer negotiation and execution, use a cryptographic directed acyclic contract object graph, and/or interface with distributed ledgers.
Clause, Inc.

Secure crypto module including security layers

An electromagnetic radiation (emr) receiver is located upon a printed circuit board (pcb) glass security layer. Emr flux is transmitted by the glass security layer and received by the emr receiver.
International Business Machines Corporation

Parallel and hierarchical password protection on specific document sections

The present disclosure involves systems and computer implemented methods for protecting portions of electronic documents. An example method includes receiving a request for access to an electronic file having sections, at least one section encrypted using a first key based on a first password.
SAP SE

Method and system of using a local hosted cache and cryptographic hash functions to reduce network traffic

The described method and system enables a client at a branch office to retrieve data from a local hosted cache instead of an application server over a wan to improve latency and reduce overall wan traffic. A server at the data center may be adapted to provide either a list of hashes or the requested data based on whether a hosted cache system is enabled.
Microsoft Technology Licensing, LLC

Systems and methods for tracking controlled items

According to the present disclosure, a method for tracking a controlled item can include transforming a genetic code with a cryptographic hash function into a core code. The core code can be associated with a label code and a weight.

Heating device utilizing computational or processing components

A heating unit and a heating system are provided that utilize computational and/or processing components to generate and deliver varying levels of heat. The disclosed heating unit/system beneficially captures heat that is a byproduct of other activities, e.g., computing activities, for heating purposes.

Cryptographic signature system and related systems and methods

The disclosed devices, systems, and methods relate to a validation system which can be used to authenticate photos and videos. The system can have various steps including; a user taking a photo or video, sensor data being collected by a processing system, the sensor data being hashed to create a cryptographic signature, and the cryptographic signature being stored.
Praxik, LLC

Cryptographic primitive for user authentication

A method of biometric authentication includes receiving a biometric input from a user for authentication of the user to access a system. The method includes receiving a set of elements of a field and a random number from an authentication server via a network.
Fujitsu Limited

Unique token authentication cryptogram

Embodiments of the invention are directed to systems and methods for validating transactions using a cryptogram. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a communication device provisioned with a token.

Method and cryptographic conversion in a data storage system

When data is encrypted and stored for a long time, encryption key(s) and/or algorithm(s) should be updated so as not to be compromised due to malicious attack. To that end, stored encrypted data is converted in the storage system with new set of cryptographic criteria.
Hitachi, Ltd.

Password-based generation and management of secret cryptographic keys

A user computer generates a secret cryptographic key through communication with a server. A secret user value is provided at the user computer.
International Business Machines Corporation

Key derivation for a module using an embedded universal integrated circuit card

A module with an embedded universal integrated circuit card (euicc) can include a received euicc profile and a set of cryptographic algorithms. The received euicc profile can include an initial shared secret key for authentication with a wireless network.
M2M and IoT Technologies, LLC

Secure circuit for encryption key generation

Techniques are disclosed relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism.
Apple Inc.

Secure circuit for encryption key generation

Techniques are disclosed relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism.
Apple Inc.

Establishing entropy on a system

Servers in datacenters, mobile devices and virtualized servers without human interaction may experience difficulties in establishing entropy in a virtualized computing environment. Entropy is an important foundation for cryptography and a lack of entropy has led to weaknesses that can be used to break cryptographic systems in the past.
Amazon Technologies, Inc.

Digital asset account management

Systems and methods related to a cryptocurrency system that enables transactions to be performed by transferring digital assets corresponding to amounts between appropriate entities are described. The cryptocurrency system includes a digital assets service provider computer that can host digital asset accounts associated with consumers and resource providers at which digital assets can be received.

System and cryptographically verified data driven contracts

A system and method are disclosed that methodologies concerning cryptographically verified blockchain-based contract data inputs and off-chain side-effects. The system and method provide a deterministic and cryptographically verifiable chain of transactions, recorded on a blockchain (distributed ledger) system.
Pokitdok, Inc.

Encrypted memory access using page table attributes

Encrypted memory access using page table attributes is disclosed. One example is a memory system including a memory controller at a memory interface.
Hewlett Packard Enterprise Development LP

Notifications in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Extracting information in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Validation for requests

A customer can demonstrate control over an element, such as a domain, by receiving a certificate from a certificate authority. After receiving a request for a certificate for a certain domain name, the certificate authority uses a public key cryptography protocol to generate a request for information regarding the domain name.
Amazon Technologies, Inc.

Method and system for an efficient shared-derived secret provisioning mechanism

Embodiments of systems and methods disclosed herein include an embedded secret provisioning system that is based on a shared-derivative mechanism. Embodiments of this mechanism use a trusted third-party topology, but only a single instance of a public-private key exchange is required for initialization.
Rubicon Labs, Inc.

Secured data transmission using identity-based cryptography

A system is provided for secure data transmission. The system stores a public master key, private decryption key and secure messaging module for securely transmitting and receiving a digital model data file for transmission via a work order message.
The Boeing Company

System and accelerating cryptography operations on a portable computing device

Systems, methods, and computer programs are disclosed for accelerating cryptography operations on a portable computing device. One such method comprises receiving a request for a processor on a portable computing device to execute a cryptography algorithm.
Qualcomm Incorporated

Managing verifiable, cryptographically strong transactions

A central service provider manages verifiable and cryptographically strong transactions in a block chain network. For each transaction, the central service provider maintains and updates one or more directed graphs that describe the traceable positions of an asset held by parties of the block chain network.
The Bank of New York Mellon

Authentication via group signatures

Methods and systems are provided for authenticating a message μ, at a user computer of a group signature scheme, to a verifier computer. The method includes, at the user computer, storing a user id m for the user computer and a user signing key which comprises a signature on the user id m under a secret key of a selectively-secure signature scheme.
International Business Machines Corporation

Distributed, centrally authored block chain network

A central service provider manages and writes transaction details to a private block chain network. Blocks of transaction records written onto the block chain by the central service provider are distributed to members of the block chain, thereby enabling data resiliency and self-verifiability.
The Bank of New York Mellon

Generation of hash values within a blockchain

Provided is a process including: obtaining a plurality of records to be protected; forming a tamper-evident log configured to prevent an attacker from undetectably modifying any of the plurality of records stored in the tamper-evident log, wherein the cryptographic hash value of a given entry in the tamper-evident log is sequence agnostic to the sequence of entries in virtue of being based on values that do not specify a position in the sequence of entries; and storing the tamper-evident log in memory.
Altr Solutions, Inc.

Replaceable item authentication

A replaceable item for a host device includes a non-volatile memory and logic. The non-volatile memory stores passwords or authentication values, and/or a cryptographic key.
Hewlett-Packard Development Company, L.P.

Proofs of plaintext knowledge and group signatures incorporating same

Systems and methods are provided for proving plaintext knowledge of a message m, encrypted in a ciphertext, to a verifier computer. The method includes, at a user computer, encrypting the message m via a predetermined encryption scheme to produce a ciphertext u, and generating a plurality l of challenges ci, i=1 to l, dependent on the ciphertext u.
International Business Machines Corporation

Block cryptographic encrypting/decrypting messages and cryptographic devices for implementing this method

A block cipher method and apparatus using round repetition for providing, from a plaintext message, a ciphertext message and a global tag is disclosed; the plaintext message is converted into a plurality of ordered plaintext blocks which are successively processed during a round for computing: a cryptogram by encrypting input data using a single cryptographic key, said cryptogram comprising a first segment and a second segment; a ciphertext block by performing a first operation using, as operands: said first segment said current plaintext block and said second segment; at each next round said input data is newly determined based on the current ciphertext block and an updated reproducible data; the ciphertext message is determined by concatenating the ciphertext blocks and the global tag by a second operation using computed authentication local tags as operands.
Nagravision S.A.

Mutable secure communication

Secure communication provides data confidentiality, data integrity, and authentication. In one embodiment, encryption and signatures are used to construct a signcryption, which provides confidentiality and integrity.

Iterative encryption and random generation and serialization of cryptographic functions

Cryptography provides a wide variety of functions. For example, encryption provides data confidentiality and signatures provide data integrity.

Virtual currency exchange management

According to an example for virtual currency exchange management, a list of virtual currencies that can be exchanged between a first application and a second application is determined, and a virtual currency exchange rate between a first virtual currency in the first application and a second virtual currency in the second application is calculated. The user is authenticated to the first and second application, and in the event that authentication is successful, the first virtual currency associated with the user is decremented based on the exchange rate and the second virtual currency associated with the user is incremented based on the exchange rate.
White Shoe Media, Inc.

Systems and enabling secure transaction

Embodiments of the present invention provide systems and methods of generating a secure transaction, particularly when the transaction is made using a mobile computing device. This is achieved by eliminating the need for cryptographic keys to be stored on the mobile computing device, by firstly creating a strong link between users and their devices, and storing this pre-defined link with a trusted authentication service (i.e.
Cryptomathic Ltd

Embedding cloud-based functionalities in a communication device

Techniques for enhancing the security of a communication device may include providing an application agent and a transaction application that executes on a communication device. The application agent may receive, from the application, a cryptogram key generated by a remote computer, and store the cryptogram key on the communication device.

Reliability enhancement methods for physically unclonable function bitstring generation

A hardware-embedded delay physical unclonable function (“help puf”) leverages entropy by monitoring path stability and measuring path delays from core logic macros. Reliability and security enhancing techniques for the help puf reduce bit flip errors during regeneration of the bitstring across environmental variations and improve cryptographic strength along with the corresponding difficulty of carrying out model building attacks.
STC.UNM

Technologies for trusted i/o with a channel identifier filter and processor-based cryptographic engine

Technologies for trusted i/o include a computing device having a processor, a channel identifier filter, and an i/o controller. The i/o controller may generate an i/o transaction that includes a channel identifier and a memory address.
Intel Corporation

Technologies for trusted i/o protection of i/o data with header information

Technologies for trusted i/o include a computing device having a hardware cryptographic agent, a cryptographic engine, and an i/o controller. The hardware cryptographic agent intercepts a message from the i/o controller and identifies boundaries of the message.
Intel Corporation

Authentication and control of encryption keys

An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword.
Apple Inc.

Method for processing data

Method for processing data, in which a petri net is encoded, written into a memory and read and executed by at least one instance, wherein transitions of the petri net read from at least one tape and/or write on at least one tape symbols or symbol strings, with the aid of at least one head. [fig.
Whitecryption Corporation

Ensuring data integrity of executed transactions

A central service provider manages a blockchain network that writes the cryptographic hash of each executed transaction in a block to the blockchain network. For each executed transaction, the central service provider generates and transmits a transaction receipt such that a party can verify that the transaction was appropriately executed.
The Bank Of New York Mellon

Method and apparatus for causing a delay in processing requests for internet resources received from client devices

A method and apparatus for causing a delay in processing requests for internet resources received from client devices is described. A server receives from a client device a request for a resource.
Cloudflare, Inc.

Malicious client detection based on usage of negotiable protocols

A destination server communicates with a computer system using cryptographically protected communications utilizing a first negotiable feature. The destination server detects a triggering event and, in response to the triggering event, causes the cryptographic protected communications with the computer system to change from the first negotiable feature to a second negotiable feature.
Amazon Technologies, Inc.

Method and system for facilitating secure communication

According to a first aspect of the present disclosure, a method for facilitating secure communication in a network is conceived, comprising: encrypting, by a source node in the network, a cryptographic key using a device key as an encryption key, wherein said device key is based on a device identifier that identifies a destination node in the network; transmitting, by said source node, the encrypted cryptographic key to the destination node. According to a second aspect of the present disclosure, a corresponding non-transitory, tangible computer program product is provided.
Nxp B.v.

System for cryptographic key sharing among networked key servers

A technique for key sharing among multiple key servers connected to one another over a communication network is provided herein. Each key server of the multiple key servers stores respective cryptographic keys, and provides the keys to a local device group connected with the key server, to enable the device group to encrypt messages with the keys.
Cisco Technology, Inc.

Authenticated device-based storage operations

Data storage operation commands are digitally signed to enhance data security in a distributed system. A data storage client and a compute-enabled data storage device may share access to a cryptographic key.
Amazon Technologies, Inc.

Method and system for cryptographic decision-making of set membership

A cryptographic decision-making of set membership is a method or system which makes a secure decision on positive membership e∈s or negative membership e∉s in an unforgeable and non-repudiable way for any element e and a set s. The proposed method of the present invention comprises: acquire a set u={e1, .
University Of Science And Technology Beijing

Cryptography on an elliptical curve

A cryptographic calculation includes obtaining a point p(x,y) from a parameter t on an elliptical curve y²=f(x); and from polynomials x1(t), x2(t), x3(t) and u(t) satisfying: f(x1(t))·f(x2(t))·f(x3(t))=u(t)² in Fq, with q=3 mod 4. Firstly a value of the parameter t is obtained.
Morpho

Secure in-band upgrade using key revocation lists and certificate-less asymmetric tertiary key pairs

A method includes securely booting a device using a bootloader, where the bootloader is digitally signed using a first cryptographic key associated with the bootloader. The method also includes executing one or more kernel or user applications using the device, where the one or more kernel or user applications are digitally signed using one or more second cryptographic keys associated with the one or more kernel or user applications.
Honeywell International Inc.

Fuel dispenser utilizing tokenized user guidance and prompting for secure payment

A fuel dispenser comprises fuel flow piping defining a flow path from a source of fuel toward a fueling nozzle. A plurality of fuel handling components are disposed along the fuel flow piping.
Gilbarco Inc.

Cryptographic separation of users

Techniques are disclosed relating to securely storing data in a computing device. In one embodiment, a computing device includes a secure circuit configured to maintain key bags for a plurality of users, each associated with a respective one of the plurality of users and including a first set of keys usable to decrypt a second set of encrypted keys for decrypting data associated with the respective user.
Apple Inc.

Efficient implementation for differential privacy using cryptographic functions

The system described may implement a 1-bit protocol for differential privacy for a set of client devices that transmit information to a server. Implementations of the system may leverage specialized instruction sets or engines built into the hardware or firmware of a client device to improve the efficiency of the protocol.
Apple Inc.

Accessory authentication for electronic devices

Improved techniques to control utilization of accessory devices with electronic devices are disclosed. The improved techniques can use cryptographic approaches to authenticate electronic devices, namely, electronic devices that interconnect and communicate with one another.
Apple Inc.

Application code hiding apparatus using dummy code and hiding application code using the same

An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a loader generating part, a decrypted code caller generating part and an unloader generating part. The secret code dividing part divides an application code into a secret code and a normal code.
Soongsil University Research Consortium Techno-Park

Proving digital photograph authorship using ecg biometrics

Techniques for proving digital photograph authorship using ecg biometrics are described. Electrodes are located on the exterior of a digital camera and are electrically coupled to an ecg circuit.
Intel Corporation

Method and management server for revoking group server identifiers of compromised group servers

Method and management server for revoking group server identifiers of compromised group servers. One method includes determining, with a management server, an identity-based cryptographic signing key based on a group server identifier.
Motorola Solutions, Inc.

Method and server for issuing cryptographic keys to communication devices

Method and server for issuing a cryptographic key. One method includes distributing a first group key to a first communication device and a second communication device.
Motorola Solutions, Inc.

Root of trust of geolocation

A root-of-trust of geolocation is provided for an apparatus that includes a trust anchor module with a cryptographic processor and a secure memory. The apparatus further includes a main processor coupled to the trust anchor module and configured to receive a digital geolocation certificate, the geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity.
Cisco Technology, Inc.

A the verification of the correct content of an encoded message

The method comprising: a) receiving, by an encoding module computer device (103), from a user (100), a message (101) including a content to be encoded; b) generating, by the encoding module (103), a generated encoding (104) of the content of the provided message (101) using encoding information (112); c) sending, by the encoding module computer device (103), the generated encoding (104) to a reception module computer device (106) and verifying, by the reception module computer device (106), that the generated encoding (104) corresponds to the encoding of the content of the message (101) by using a generated verification information (105) and public information (107), wherein the at least one code (102) having a cryptographic relationship with the public information (107) and the message (101), and the public information (107) and the message (101) having a cryptographic or a public relationship.
Scytl Secure Electronic Voting, Sa

Cryptographic applications for a blockchain system

A method is provided for delegating behavior of a smart contract associated with a blockchain to code that is not part of the blockchain. A system directs execution by a virtual machine of the smart contract.
Microsoft Technology Licensing, Llc

Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices

Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices. One method includes receiving, at a server, a security status indicating that the security of a first communication device has been compromised.
Motorola Solutions, Inc.

Using everyday objects as cryptographic keys

This disclosure involves the notion of using physical objects to generate public key-based authenticators and, in particular, to use “everyday” physical objects to create a generator seed for a key generator that will use that seed to generate a key pair comprising a public key, and its associated private key. In a preferred approach, the physical object is used to create a digital representation (of the physical object) that, together with some uniqueness associated to the user, gives rise to a key generator seed value.
International Business Machines Corporation

Caravan

A method for tracking relationships between binaries and their associated characteristics using a universal identifier applicable to innumerable verticals (e.g., health care, manufacturing, it, multimedia, genomics, etc.) and storing said universal identifier in a cryptographic currency block chain.

Single clock cycle cryptographic engine

One embodiment provides an apparatus. The apparatus includes a cryptographic engine to encrypt or decrypt a 64-bit input data block based, at least in part, on a 128-bit input key.
Intel Corporation

Hardened white box implementation 2

A processor device has an executable implementation of a cryptographic algorithm implemented being white-box-masked by a function f. The implementation comprises an implemented computation step s by which input values x are mapped to output values s=s[x], and which is masked to a white-box-masked computation step t′ by means of an invertible function f.
Giesecke & Devrient Gmbh

Modular security control device

A modular security control device for controlling an apparatus or an installation includes a basic control apparatus which is configured such that an apparatus or an installation which is at least connectable to the basic control apparatus is at least controllable via a sequence of a control program in the basic control apparatus, and includes a security module which is configured to provide or perform a cryptographic functionality for the basic control apparatus, where the security module is connected to the basic control apparatus by a data connection via a data interface, the basic control apparatus is configured to interact with the security module to achieve a security function of the security control device, and where the basic control apparatus is configured to query an identity and/or authenticity of the security module.
Siemens Aktiengesellschaft

Data owner controlled data storage privacy protection technique

This patent describes methods which allow the primary owners of sensitive data to retain more access control over the data they share with secondary service providers, even when the secondary service provider electronically stores some form of this information in a service provider maintained database. When these methods are applied by both data owner and service provider the data can only be accessed and used by the service provider during data owner controlled access sessions.

Cluster federation and trust in a cloud environment

An improved scalable object storage system allows multiple clusters to work together. In one embodiment, a trust and federation relationship is established between a first cluster and a second cluster.
Rackspace Us, Inc.

Public key infrastructure based on the public certificates ledger

Systems and methods for managing public key certificates and supporting the users thereof. The certificates are cryptographically encapsulated objects that bind the identities of their owners to public keys and provide digital signature mechanisms for other users to verify the binding and correctness of other attributes of the certificate.
Business Information Exchange System Corp.

Signing key log management

Cryptographic keys can include logging properties that enable those keys to be used only if the properties can be enforced by the cryptographic system requested to perform one or more actions using the keys. The logging property can specify how to log use of a respective key.
Amazon Technologies, Inc.

Communications security systems and methods

Various examples are directed to systems and methods for communications security. For example, a computing device may generate a connection between the computing device and a client device.
Intel Corporation

Computing system having an on-the-fly encryptor and an operating method thereof

A path for transmitting encrypted data is completely separated from a path for transmitting unencrypted data. To this end, a virtual secure memory is created on an address space.
Samsung Electronics Co., Ltd.

Apparatus and method for data encryption, data decryption

Disclosed are an apparatus and method for data encryption and an apparatus and method for data decryption. The data encryption apparatus includes a key exchanger configured to generate a session key using a key exchange protocol, a cipher key generator configured to generate at least one of a cipher key and a key table from the session key, and an encryptor configured to encrypt data with the at least one of the cipher key and the key table generated from the session key.
Samsung Sds Co., Ltd.

Cryptographic system and method

A system for cryptographic processing comprises message unit (1, 7, 12) for providing a first message representation (3, 6, 11), wherein the first message representation is a representation of a message. The system comprises key unit (2) for providing a key representation (4, 9, 14), wherein the key representation is an encrypted representation of a first key of a first cryptographic algorithm and a second key of a second cryptographic algorithm, wherein the first cryptographic algorithm is different from the second cryptographic algorithm.
Koninklijke Philips N.v.

Card payment using body information

A card payment system using body information and its method. A card reader, a user terminal unit and a server are connected via a communication network, cryptogram search keys and password keys are received from the user terminal unit to the server, a card information cryptogram table and a cryptogram search key table are generated.
Jini Co., Ltd

Bixcoin: a secure peer-to-peer payment system based on the public payments ledger

This invention describes a secure peer-to-peer payment system based on the use of a virtual currency, virtual accounts, and a public payments ledger. The virtual currency used in the system is stable, as it is pegged to real-world currencies with unit values equivalent to the national currency of the country of deployment.
Business Information Exchange System Corp.

Relating data while preventing inter-entity data sharing

Aspects of the present disclosure relate to cryptography. In particular, example embodiments relate to computing a relationship between private data of a first entity and private data of a second entity, while preserving privacy of the entities and preventing inter-entity data sharing.
Linkedin Corporation

Cryptographic multi-shadowing with integrity verification

A virtual-machine-based system that may protect the privacy and integrity of application data, even in the event of a total operating system compromise. An application is presented with a normal view of its resources, but the operating system is presented with an encrypted view.
Vmware, Inc.

Water treatment using a cryptocrystalline magnesite - bentonite clay composite

A process for the treatment of contaminated water includes contacting the contaminated water with a cryptocrystalline magnesite-bentonite clay composite thereby to remove one or more contaminants from the water. The invention extends to a method for the manufacture of a cryptocrystalline magnesite-bentonite clay composite wherein an admixture of cryptocrystalline magnesite and bentonite clay is milled to a desired particle size with amorphization of the magnesite and bentonite clay in the resultant cryptocrystalline magnesite-bentonite clay composite, and to a cryptocrystalline magnesite-bentonite clay composite.
Csir

Euicc secure timing and certificate revocation

Secure reception of a certificate revocation list (crl) is determined. In some embodiments, a device initiates a crl update by sending a message with a timestamp to an embedded universal integrated circuit card (euicc).
Apple Inc.

Energy harvesting cryptosystem

A system and method of low-power cryptography is disclosed involving a computing device with an audio jack that communicates with a token plugged into the audio jack. Data is passed between the computing device and token over audio channels; power for all functions necessary for the token to operate as disclosed is also supplied by the computing device to the token over an audio channel.
Clutch Authentication Systems, Llc

Apparatus for quantum key distribution on a quantum network and method using the same

A device and method for quantum key distribution (qkd). The qkd center includes an authentication key sharing unit for sharing authentication keys with qkd client devices; a quantum key generation unit for generating a sifted key for each of the qkd client devices using a quantum slate; an error correction unit for generating output bit strings by correcting errors of the sifted keys; and a bit string operation unit for calculating an encryption bit string by performing a cryptographic operation on the authentication keys, the distribution output bit strings and output bit strings received from the qkd client devices.
Electronics And Telecommunications Research Institute

Cryptocurrency-based event participation verification

A method of participation verification includes generating sets of cryptocurrency coins (coin sets). The coin sets have cryptocurrency coins and correlate to events for which participation is verified.
Fujitsu Limited

Methods and efficient computation of one-way chains in cryptographic applications

Techniques are disclosed for efficient computation of consecutive values of one-way chains and other one-way graphs in cryptographic applications. The one-way chain or graph may be a chain of length s having positions i=1, 2, .
Crypto Research, Llc

Secure asset management system

In a general aspect, a system can include a processor having a secure mode and a non-secure mode, and a secure module configured to respond to tokens posted by the processor in the secure mode. Each token can identify a secure asset, and source and destination addresses within secure and public address spaces.
Inside Secure

Privacy enabled runtime

Technical solutions are described for securing data by a communication apparatus. An example computer-implemented method includes receiving, by an encryption engine, a request to apply cryptography to input data.
International Business Machines Corporation

Self-contained cryptographic boot policy validation

A device-local key derivation scheme generates, during a first boot session for an electronic device, a sealing key that is derived at least in part from a device-generated random seed and an internal secret that is unique to the electronic device. After generating the sealing key, access to the internal secret is disabled for a remainder of the first boot session and until a second boot session is initiated.
Microsoft Technology Licensing, Llc

Energy harvesting cryptosystem

A system and method of low-power cryptography is disclosed involving a computing device with an audio jack that communicates using a flexible communication protocol with a token plugged into the audio jack. Data is passed between the computing device and token over audio channels; power for all functions necessary for the token to operate as disclosed is also supplied by the computing device to the token over an audio channel.
Clutch Authentication Systems, Llc

Method for registering devices, in particular conditional access devices or payment or vending machines, on a server of a system which comprises a number of such devices

A method of registering devices (2), in particular access control devices or payment or vending machines, on a server (3) of a system where the device (2) which is to be registered generates a public and a private key with asymmetrical cryptology. The device (2) subsequently transmits a registration request, signed with the device's private key, containing at least one device id, the device's public key and the login details of a technician.
Skidata Ag

Beta-cryptoxanthin from plant source and a process for its preparation

The present invention provides beta-cryptoxanthin crystals from plant source and a process for its preparation. The present invention particularly relates to a process for the preparation of high purity beta-cryptoxanthin crystals comprising at least about 10% by weight total xanthophylls, of which at least about 75% by weight is trans-beta-cryptoxanthin and the remaining including beta-carotene, and trace amounts of trans-capsanthin and other carotenoids derived from the plant source, including capsicum fruits.
Omniactive Health Technologies Limited

Systems and methods for controlling email access

Embodiments of the disclosure relate to proxying one or more email resources in transit to the client devices from the email services, removing one or more email attachments from the email resources, and encoding the stripped email attachments based at least in part on one or more cryptographic keys.
Airwatch, Llc

System and programmable network based encryption in software defined networks

Sensitive data is sent through insecure network regions across different software defined networks (sdns) over an encrypted path without requiring encryption applications at the source or destination hosts. One or more special-purpose encryptors are strategically placed within each sdn, which can act as an encryptor or decryptor, of both the data packet content and the header.
Argela Yazilim Ve Bilisim Teknolojileri San. Ve Ti C. A.s.

Cryptographic system, master key update apparatus, and non-transitory computer-readable recording medium storing master key update program

A master key update apparatus (400) acquires a master public key mpk including a basis b and a master secret key msk including a basis b* which is different from the basis b included in the master public key mpk. The master key update apparatus (400) updates the basis b included in the master public key mpk with updating information upk so as to generate a new master public key mpk′, and updates the basis b* included in the master secret key msk with the updating information upk so as to generate a new master secret key msk′.
Mitsubishi Electric Corporation

Unified option trading system

A unified option trading system allows a user non-spreadsheet based access to an extended set of data relating to options trading, including allowing positions to be displayed in a calculator format which allows easy comparison of multiple positions and easy manipulation of variables relating to a given position to test different related scenarios, as well as trading in cryptocurrency. The unified option trading system also keeps track of relevant numbers as they apply in real time to a multitude of strategies to serve a trader's specific strategies.

Application framework using blockchain-based asset ownership

Systems and methods are provided for recording ownership information in a distributed ledger (such as a blockchain), and for performing application processing utilizing the distributed ledger. An example server computer system is configured to: record on a blockchain ownership information of an asset; to configure, for each owner of the asset, a digital wallet associated with a private cryptographic key and at least one blockchain address; using a blockchain address from a digital wallet to access ownership information in the blockchain; perform application processing using the accessed ownership information; and record in the blockchain, updated ownership information or other information associated with the ownership information in accordance with the performed application processing.
Nasdaq, Inc.

Authenticating printed paper documents and websites against a blockchain record

A system and method are disclosed for rendering published documents tamper evident. Embodiments render classes of documents tamper evident with cryptographic level security or detect tampering events, where such security was previously unavailable, for example, in documents printed using common printers without special paper or ink.

Cybersecurity systems and techniques

Cybersecurity systems and techniques are described. A cybersecurity method may include generating a process fingerprint of a process, wherein the process fingerprint identifies the process based, at least in part, on dynamic features of the process.
Carbon Black, Inc.

Method and system of user authentication and end to end encryption using device synchronization

In one aspect, a computerized method for implementing user authentication using device synchronization to match that includes the step of accessing a web page. The web page includes an agent.

Relating private data of different entities

Aspects of the present disclosure relate to cryptography. In particular, example embodiments relate to computing a relationship between private data of a first entity and private data of a second entity, while preserving privacy of the entities and preventing inter-entity data sharing.
Linkedin Corporation

Method for establishing, securing and transferring computer readable information using peer-to-peer public and private key cryptography

Establishing file space requires that the owner links it to a centralized or decentralized peer-to-peer cryptographic block chain protocol. This secures and locks files for subsequent confirmation and transfer.

Cryptographic key escrow

An escrow platform is described that can be used to enable access to devices. The escrow platform can be used to sign cryptographic network protocol challenges on behalf of clients so that the secrets used to sign cryptographic network protocol challenges do not have to be exposed to the clients.
Amazon Technologies, Inc.

Unified encryption configuration management and setup system

The present technology relates to the field of configuration and setup of encrypted computer network transmission systems. In particular, the present technology relates to setting up and configuring network encryption systems, including macsec, internet protocol security (ipsec), and tls protocols, in heterogeneous networks over wireless area networks (wan), wireless local area network (wlan) or cellular links.
Pacific Star Communications, Inc.

Method and system for cheon resistant static diffie-hellman security

A method for providing cheon-resistance security for a static elliptic curve diffie-hellman cryptosystem (ecdh), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ecdh instructions executable on computer processors of the respective correspondents, the ecdh instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q−1=cr and q+1=ds, where r and s are primes and c and d are integer cheon cofactors of the group, such that cd≦48.
Certicom Corp.

Public key cryptosystem based on partitioning of galois field elements

A post-quantum, public key cryptosystem is described which is polynomial based and where the private key polynomial has coefficients from a sub-set of galois field elements and plain text message polynomials have coefficients from a second sub-set of galois field elements. The public key polynomial is constructed using the inverse of the private key polynomial and a randomly chosen polynomial having coefficients chosen from a third sub-set of galois field elements.
Pq Solutions Limited

Secure payment and authentication system having security function enhanced by using quantum cryptography

Disclosed herein are a quantum cryptography-based cryptographic communication system and an authentication, payment and transaction system via a relay device between a communication device and a server. A relay device for quantum cryptography authentication includes an optical receiver unit, an optical transmission unit, and a processor.
University Of Seoul Industry Cooperation Foundation

Mobile device having quantum cryptographic security function for mobile commerce, and authentication method

Disclosed herein are technologies regarding a communication device and server which are capable of cryptographic communication based on quantum cryptography. The communication device includes: a quantum signal generation unit configured to generate a series of first quantum signals by using a first quantum filter; an optical transmission unit configured to send the series of first quantum signals to a server; and a processor configured to select the first quantum filter based on a series of randomly generated first quantum states, and to control the quantum signal generation unit to generate the series of first quantum signals by using the first quantum filter.
University Of Seoul Industry Cooperation Foundation

Mobile commerce and authentication method having improved security based on quantum cryptography

Disclosed herein are technologies regarding a communication device and server which are capable of cryptographic communication based on quantum cryptography. A communication device for quantum cryptography authentication includes: an optical communication unit configured to receive a series of first quantum signals generated by passing through a first quantum filter of the communication device; a quantum signal generation unit configured to generate the first quantum signals by setting up the first quantum filter in a reception path for a series of second quantum signals generated and sent by a server; and a processor configured to select the setup of the first quantum filter based on a series of randomly generated first quantum states, and to control the quantum signal generation unit to generate the first quantum signals by using the first quantum filter.
University Of Seoul Industry Cooperation Foundation

Method for testing and hardening software applications

Methods are provided for testing and hardening software applications for carrying out digital transactions which comprise a white-box implementation of a cryptographic algorithm. The method comprises the following steps: (a) feeding one plaintext of a plurality of plaintexts to the white-box implementation; (b) reading out and storing the contents of the at least one register of the processor stepwise while processing the machine commands of the white-box implementation stepwise; (c) repeating the steps (a) and (b) with a further plaintext of the plurality of plaintexts n-times; and (d) statistically evaluating the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts by searching for correlations between the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts to establish the secret key.
Giesecke & Devrient Gmbh

Hardened white box implementation 1

The invention provides a processor device having an executable, white-box-masked implementation of a cryptographic algorithm implemented thereon. The white-box masking comprises an affine mapping a, which is so designed that every bit in the output values w of the affine mapping a depends on at least one bit of the obfuscation values y, thereby attaining that the output values w of the affine mapping a are statistically balanced.
Giesecke & Devrient Gmbh

Hardened white box implementation

A processor device has an executable implementation of a cryptographic algorithm implemented thereon that is white-box-masked by a function f. The implementation comprises an implemented computation step s by which input values x are mapped to output values s=s[x], and which is masked to a white-box-masked computation step t′ by means of an invertible function f. As a mapping f there is provided a combination (f=(c1, c2, .
Giesecke & Devrient Gmbh

Securely booting a computer from a user trusted device

A method for allowing a computer to boot from a user trusted device is provided. The computer includes a long-term data storage device storing operating system (OS) services.
International Business Machines Corporation

Method for retrieving encrypted graph, system for retrieving encrypted graph, and computer

A system for retrieving an encrypted graph, in which a first computer generates an encrypted graph, and a second computer retrieves the encrypted graph, wherein: the first computer generates a secret key, encrypts a graph that includes a start point, an edge, and an end point to generate an encrypted graph, generates an encryption query, transmits encrypted graph data in which the encrypted graph and the encryption query are correlated for each edge and a searchable encryption matching function to the second computer, generates an encrypted graph retrieval query in which a graph to be retrieved is encrypted by the retrievable cryptogram query function, and transmits the generated retrieval query to the second computer; and the second computer accepts the received encrypted graph retrieval query and encrypted graph data as inputs, and executes a retrieval process using the searchable encryption matching function.
Hitachi, Ltd.

Automatic correction of cryptographic application program interfaces

A computer system may identify a cryptographic application programming interface (API) call for a program. The cryptographic API call may include a first variable.
International Business Machines Corporation

System and computing message digests

A data de-duplication approach leverages acceleration hardware in SSDs for performing digest computations used in de-duplication operations and support on behalf of an attached host, thereby relieving the host from the computing burden of the digest computation in de-duplication (de-dupe) processing. De-dupe processing typically involves computation and comparison of message digests (MD) and/or hash functions.
Intel Corporation

Method and supporting multiple broadcasters independently using a single conditional access system

A method and apparatus for brokering the enablement of the communication of encrypted media programs from a plurality of independent broadcasters to a plurality of receivers is disclosed. The system makes use of a pairing key for each provided service, which is differently encrypted by a pairing server and by the broadcaster providing the service.

Methods and systems of providing verification of the identity of a digital entity using a centralized or distributed ledger

Methods and systems of providing verification of the identity of a digital entity are provided, including receiving information and a public key of the digital entity, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address, the centralized or distributed ledger providing a record of transactions; deriving an attestation address using the information and the public key of the digital entity; verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger and verifying that the attestation transaction has not been revoked; receiving at the processor associated with the user a cryptographic challenge nonce signed by the digital entity's private key; and verifying the digital entity's identity with the cryptographic challenge nonce signed by the digital entity's key.

Methods and systems of providing verification of information using a centralized or distributed ledger

A method and system of providing verification of information of a user relating to an attestation transaction is provided, and includes sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address; receiving at a processor associated with a verifier the information of the user; sending a cryptographic challenge nonce; receiving at the processor associated with the verifier the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; and verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger.

Cryptographic encryption key escrow and recovery

Various features described herein may include supervision or control of a cryptographic signal necessary for encryption or decryption. Specifically, key management may be performed, wherein the key is deposited or retrieved to or from a third party.

Rate line suppression using chaotic spreading codes

A system, method, and computer program product for chaotically generating a pseudorandom number sequence, such as for use in spread spectrum communications systems and in cryptographic systems. Chaotically generated pseudorandom numbers are not cyclostationary in nature, so output values encoded via such non-cyclostationary bases have no clear correlations.

Methods and systems of executing a business transaction from a commercial website using a centralized or distributed ledger

Methods and systems of executing a business transaction from a commercial website are provided, including sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction; receiving the information of the user; sending a cryptographic challenge nonce; receiving the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger; and upon verification of the existence of the attestation transaction, completing the business transaction.

Methods and systems of revoking an attestation transaction using a centralized or distributed ledger

A method and system of revoking an attestation transaction regarding information of a user is provided. The method is implemented on a computer system having one or more physical processors configured by machine-readable instructions which, when executed, perform the method, including generating a signed revocation transaction to revoke the previously attested information, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address, the centralized or distributed ledger providing a verifiable record of transactions; and sending the signed revocation transaction to the centralized or distributed ledger and revoking the attestation transaction by spending cryptocurrency associated with the attestation transaction.

Method for optimising memory writing in a device

Provided is a method for optimising memory writing in a device implementing a cryptography module and a client module calling functions implemented by the cryptography module. The device includes a random access memory including a first memory zone that is secured and dedicated to the cryptography module and a second memory zone dedicated to the client module.

Key, locking system, and opening or closing the locking system

The invention relates to a closing system having a key (1.1) coded in a quantum-physical manner, which withstands very high mechanical forces, wear, or temperatures. The key consists, for example, of a solid stainless-steel bar having, for example, a diameter of 8 mm and, for example, a length of 120 mm.

Secure labeling of network flows

An enterprise security system is improved by instrumenting endpoints to explicitly label network flows with cryptographically secure labels that identify an application or other source of each network flow. Cryptographic techniques may be used, for example, to protect the encoded information in the label from interception by third parties or to support cryptographic authentication of a source of each label.
Sophos Limited

Key exchange through partially trusted third party

A system may transmit, to a first entity, data to indicate an association between the first entity and a public key, wherein the public key is to be used to establish a cryptographically protected communications session between the first entity and a second entity, receive the data in response to a request to verify the association, and transmit, to the second entity, an indication that the data is valid. The system may be a cryptography service that is partially trusted by the first and second entities.
Amazon Technologies, Inc.

Context-aware network and situation management for crypto-partitioned networks

This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (red) network through a one-way guard. At the red network, the network information from the black network may be combined with network information from one or more red networks.
Architecture Technology Corporation

Cryptographic device comprising a physical unclonable function

An electronic cryptographic device (100) comprising a physically unclonable function (PUF) (110) and an enrollment unit (142) arranged to generate a first PUF data during the enrollment phase, the first PUF data being derived from a first noisy bit string of the PUF, the first PUF data uniquely identifying the physically unclonable function, the first PUF data comprising a first helper data. The first PUF data is transmitted to an electronic server during an enrollment phase.
Intrinsic Id B.v.

API key generation of a security system forming part of a host computer for cryptographic transactions

A key ceremony application creates bundles for custodians encrypted with their passphrases. Each bundle includes a master key share.
Coinbase, Inc.

Decryption condition addition device, cryptographic system, and decryption condition addition program

A decryption condition addition device (300) acquires an original ciphertext cts in which a secret distribution matrix m is set as information specifying a decryption condition and acquires an additional access structure s+ which is a restriction condition to restrict the decryption condition of the original ciphertext cts. The decryption condition addition device (300) adds a row and a column which are indicated in the additional access structure s+ to the secret distribution matrix m set in the original ciphertext cts, and thereby generates an updated ciphertext cts, for which the decryption condition of the original ciphertext cts is restricted.
Mitsubishi Electric Corporation

Cryptographic system arranged for key sharing

A cryptographic system is provided comprising multiple configuration servers (200, 201, 202) arranged to configure multiple network devices (300, 350, 360) for key sharing. Each configuration server comprising a computation unit (220) arranged to compute local key material for the network device from root key material specific to the configuration server and the network device identity number of the network device that is being configured.
Koninklijke Philips N.v.

Polymorphic encryption key allocation scheme

Embodiments of the present invention relate to encryption key allocation with additional security elements to lessen vulnerability to certain attacks. In one embodiment, a method and computer program product is provided for broadcast encryption.
International Business Machines Corporation

Speeding up chip transaction at the point of sale

A payment transaction is performed at a pos (point of sale) device. The device includes a terminal component and a reader component.
Mastercard International Incorporated

Method and system for contactless transactions without user credentials

A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session key in the first memory and a second query to store the server encryption key in a second memory; decrypting the encrypted session key using the server encryption key; generating an application cryptogram based on the decrypted session key; and electronically transmitting the generated application cryptogram for use in a payment transaction.
Mastercard International Incorporated

Boot security

In one aspect, a method for securing a device includes receiving a first set of boot information of a device, receiving a first cryptographic proof of the first set of boot information, receiving a second set of boot information of the device, receiving a second cryptographic proof of the second set of boot information, comparing the first set of boot information and the second set of boot information, and, upon determining that the first set of boot information and the second set of boot information are different, determining whether differences between the first set of boot information and the second set of boot information are permitted. The method may also include generating an alert upon determining that differences between the first set of boot information and the second set of boot information are not permitted.
Sophos Limited

Boot security

In one aspect, a method for securing a device includes receiving a first set of boot information from a first device, the first set of boot information including a first list of boot items, receiving from the first device a first proof based on the first set of boot information, verifying the first set of boot information based on the first proof, determining a reputation for one or more of the boot items in the first list of boot items, and reporting the determined reputation.
Sophos Limited

Method for processing an update file of an avionic equipment of an aircraft, a computer program product, related processing electronic device and processing system

This method makes it possible to validate an update file of at least one set of computer data of a piece of avionics equipment of an aircraft. The processing method is implemented within a processing system comprising a mobile terminal independent of the aircraft, an update unit integrated into the aircraft, and a database separate from the aircraft and the mobile terminal, and comprises obtaining a computed message digest, the computed message digest resulting from the application, by the update unit, of a cryptographic hash function to the update file, obtaining a reference message digest, the reference message digest being acquired by the mobile terminal by secure access to a database comprising the reference message digest, and processing the update file based on a comparison of the computed message digest with the reference message digest.
Thales

High throughput sequencing

The invention relates to a high throughput method for determining telomere length of mammalian chromosomal DNA; primers for use in said method; a kit comprising said primers; use of said method to diagnose or prognose or to determine the risk of developing a telomere shortening disease such as cancer, ageing, neurological disorders including Alzheimer's disease, Parkinson's disease and other dementias, brain infarction, heart disease, chronic HIV infection, chronic hepatitis, skin diseases, chronic inflammatory bowel disease including ulcerative colitis, anaemia, atherosclerosis, Barrett's oesophagus and cancers including pre-cancerous conditions, infertility, telomere syndromes including dyskeratosis congenita, aplastic anaemia, idiopathic pulmonary fibrosis, familial myelodysplastic syndrome-acute myeloid leukaemia, Hoyeraal-Hreidarsson syndrome, Revesz syndrome, Coats plus syndrome, bone marrow failure, and cryptogenic liver cirrhosis. Additionally, the invention also has application in assessing an individual's suitability to be a transplantation donor, for example a bone marrow donor.

One-way key fob and vehicle pairing

Key fob and vehicle control unit identifiers (IDs) are used for entity authentication or trust transfer to achieve a secured initial pairing. The key fob is capable of transmitting only (not receiving) and is paired with a control unit in a vehicle or with any other control device.

Providing forward secrecy in a terminating TLS connection proxy

An infrastructure delivery platform provides an RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server.

Cryptographic security functions based on anticipated changes in dynamic minutiae

Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.

Device specific cryptographic content protection

Techniques to facilitate protecting control data used in an industrial automation environment are disclosed herein. In at least one implementation, an encryption key pair is generated for an industrial controller, wherein the encryption key pair comprises a public key and a private key.

Synchronizing credential hashes between directory services

The subject disclosure is directed towards securely synchronizing passwords that are changed at a source location (e.g., an on-premises directory service) to a target location (e.g., a cloud directory service), so that the same credentials may be used to log into the source or target location, yet without necessarily having each domain controller handle the synchronization. The plaintext password is not revealed, instead using hash values computed therefrom to represent the password-related data.

Methods and cryptography

Encryption systems for initiating, encrypting, decrypting, storing and transporting undetectable secure electronic data communications over public and private networks, including the internet or the like.

Secure hash algorithm in digital hardware for cryptographic applications

Technology, implemented in digital hardware, software, or a combination thereof, for completing Secure Hash Algorithm (SHA-2) computation while generating one new hash value at each clock cycle is described. The technology includes: using synchronous logic to store the computed values every alternate clock and combinational logic to process multiple rounds of SHA in each clock; completing hash calculation in unrolled modes; using efficient adders for most 32-bit adders to improve performance.

High-speed AES with transformed keys

The Advanced Encryption Standard (AES) cipher can be performed in a manner that preserves the secrecy of cryptographic keys, even under the intense scrutiny of a reverse-engineer observing every aspect of the computation. A method can include loading a key in a non-standard representation.

Secure storage on external memory

A cryptography apparatus includes multiple multiplication units and logic circuitry. The multiplication units are arranged in two or more multiplication levels, and are configured to operate in accordance with Galois-field (GF) arithmetic over respective Galois fields.

Confirmation and rating of user generated activities

A method allows third party authentication of confirmation of an activity performed by a user of a computing device that receives first and second datasets of values for a plurality of attributes respectively obtained from a plurality of sensors associated with the computing device. The first and second datasets reflect a user activity obtained over first and second periods of time, respectively, during which the activity occurs.

User authentication for credentials back-up service to mobile devices

Back-up credentials data is stored for a user. A communication channel is established with a mobile device.

Cryptoconomy solution for administration and governance in a distributed system

A computer-implemented process, system, and computer readable medium are provided for administration and governance of fiat and cryptocurrency funds in a distributed computer system. In one example, a process includes, at an electronic device with one or more processors and memory, accessing a list of a plurality of participant nodes, which may include a fund administrator receiving a list of participants or nodes.

System for and cryptographic provisioning

A system for and method of securely provisioning a module with cryptographic parameters, such as cryptographic keys and key tables, is presented. Such modules may be used to enable encrypted communications between mobile phones to which they are coupled.

System and generation, storage, administration and use of one or more digital secrets in association with a portable electronic device

A system for generation, storage, administration and use of one or more digital secrets in association with a portable electronic device. The system comprises a highly secured memory that stores only one or more master keys; a keystore implemented in the portable electronic device outside of the highly secured memory; one or more cryptography applets implemented in the portable electronic device outside of the highly secured memory; and a highly trusted intermediary module (THIM) implemented outside of the highly secured memory, the THIM establishes and manages a highly trusted communication conduit between the highly secured memory, the keystore, the one or more cryptography applets, and at least one third party application, wherein the THIM polls the portable electronic device, the highly secured memory, the keystore, the one or more cryptography applets to determine a trust score, initialization cost, and transaction cost for each component in the portable electronic device, the THIM providing a trusted third party application acceptable interaction parameters based on the trust score, the initialization cost, and the transaction cost, the THIM managing highly trusted communications between the trusted third party application and the highly secured memory in accordance with the acceptable interaction parameters.

Electronic car key and communication system

An electronic vehicle key and a communication system wherein the cryptographic material stored in the secure memory of the electronic vehicle key is alterable by a command received from a first communication device or a second communication device to provide multiple vehicles flexibly using personal electronic vehicle key without being dependent, during use, on access to an external database.

Determining device locations for emergency service calls

A mobile phone or other mobile device is configured to compute a location code based on Wi-Fi or other wireless networking configuration parameters. The location code is computed as a cryptographic hash of the configuration parameters and is provided to a telecommunications system that supports Wi-Fi or other WLAN voice services.
T-mobile Usa, Inc.

Network connection automation

A computing resource service provider receives a request from a customer to establish a physical connection between a provider network device and a customer network device in a colocation center. Once the connection has been established, the customer may transmit cryptographic authentication information, through the physical connection, to the provider network device.
Amazon Technologies, Inc.

Utility meter for metering a utility consumption and optimizing upstream communications and managing these communications

A utility meter and method for metering consumption of at least one utility including: a metering unit, a communication unit for sending/receiving messages to/from a management center, a memory to store a unique identifier pertaining to the utility meter and a first key, an encryption unit for encrypting the utility consumption as a first cryptogram, a message generator for generating a utility message containing the first cryptogram, a key generator for generating a payload key to be used by the encryption unit for encrypting the utility consumption, a second cryptogram generated by the encryption unit by encrypting the payload key with the first key, the second cryptogram being intended to be included, by the message generator, at least once into the utility message to be sent to the remote management center.
Nagravision S.a.

Method to assure correct data packet traversal through a particular path of a network

The method comprising, in a network based on a chain of individual service functions (SFs) that are composed to implement network services (NSs): assigning, at an ingress node of a network architecture, to at least one data packet received by said ingress node from the network, a unique cryptographic tag; processing said assigned unique cryptographic tag using a cryptographic function specific to each service function (SF); and verifying, at a given point of the network architecture, said processed unique cryptographic tag by applying a cryptographic verification function composed by the inverse functions of the cryptographic functions associated to the SFs traversed by the at least one data packet.
Telefonica, S.a.

Method for fulfilling a cryptographic request requiring a value of a private key

Fulfilling the cryptographic request using the obtained value of the private key.

Cryptographic system based on reproducible random sequences

In order to have a completely secure cryptographic system, a system has been sought that is as unconditionally secure as the one-time pad, but without its key distribution problem. Disclosed herein is a cryptographic system which implements a cryptographic process based on a random sequence generating process (1), generating a random key as long as the data to process, for a ciphering process (2) or a deciphering process (3).

Digital value token processing systems and methods having improved security and scalability

Systems and methods that provide improved security and scalability in digital token exchange are disclosed. In one example, a system may receive from a requester one or more old cryptographically signed tokens each including a shared class and denomination.
Digicash Pty Ltd.

Static cryptographic currency value

Some embodiments enable one or more processors coupled to one or more storage devices to perform the following steps: receive a first request to conduct a financial transaction from a first user; in response to the request, receiving money in the form of a first currency from the first user; create a cryptographically secure coin, wherein the coin comprises a unique string that is associated with the first user; deliver the cryptographically secure coin to the first user.

Composite field scaled affine transforms-based hardware accelerator

A processing system includes a memory and a cryptographic accelerator operatively coupled to the memory. The cryptographic accelerator performs a split substitute byte operation within two paths of a cryptographic round by determining a first output from a first path by applying a mapped affine transformation to an input bit sequence represented by an element of a composite field of a finite-prime field, wherein the first output is represented by a first element of the composite field of the finite-prime field, and a second output from a second path by applying a scaled mapped affine transformation to the input bit sequence, wherein the second output is represented by a second element of the composite field and is equal to a multiple of the first output in the composite field.
Intel Corporation



This listing is a sample of patent applications related to Crypto and is only meant as a recent sample of applications filed, not a comprehensive history. There may be associated servicemarks and trademarks related to these patents. Please check with a patent attorney if you need further assistance or plan to use for business purposes. This patent data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Crypto with additional patents listed.