

Crypto patents

      

This page is updated frequently with new Crypto-related patent applications.




Method and system of user authentication and end to end encryption using device synchronization
In one aspect, a computerized method for implementing user authentication using device synchronization to match that includes the step of accessing a web page. The web page includes an agent.

Relating private data of different entities
Aspects of the present disclosure relate to cryptography. In particular, example embodiments relate to computing a relationship between private data of a first entity and private data of a second entity, while preserving privacy of the entities and preventing inter-entity data sharing.
LinkedIn Corporation


Method for establishing, securing and transferring computer readable information using peer-to-peer public and private key cryptography
Establishing file space requires that the owner links it to a centralized or decentralized peer-to-peer cryptographic block chain protocol. This secures and locks files for subsequent confirmation and transfer.

Cryptographic key escrow
An escrow platform is described that can be used to enable access to devices. The escrow platform can be used to sign cryptographic network protocol challenges on behalf of clients so that the secrets used to sign cryptographic network protocol challenges do not have to be exposed to the clients.
Amazon Technologies, Inc.


Unified encryption configuration management and setup system
The present technology relates to the field of configuration and setup of encrypted computer network transmission systems. In particular, the present technology relates to setting up and configuring network encryption systems, including MACsec, Internet Protocol Security (IPsec), and TLS protocols, in heterogeneous networks over wireless area networks (WAN), wireless local area network (WLAN) or cellular links.
Pacific Star Communications, Inc.


Method and system for Cheon resistant static Diffie-Hellman security
A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q−1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd≦48.
Certicom Corp.


Public key cryptosystem based on partitioning of Galois field elements
A post-quantum, public key cryptosystem is described which is polynomial based and where the private key polynomial has coefficients from a sub-set of Galois field elements and plain text message polynomials have coefficients from a second sub-set of Galois field elements. The public key polynomial is constructed using the inverse of the private key polynomial and a randomly chosen polynomial having coefficients chosen from a third sub-set of Galois field elements.
PQ Solutions Limited


Secure payment and authentication system having security function enhanced by using quantum cryptography
Disclosed herein are a quantum cryptography-based cryptographic communication system and an authentication, payment and transaction system via a relay device between a communication device and a server. A relay device for quantum cryptography authentication includes an optical receiver unit, an optical transmission unit, and a processor.
University Of Seoul Industry Cooperation Foundation


Mobile device having quantum cryptographic security function for mobile commerce, and authentication method
Disclosed herein are technologies regarding a communication device and server which are capable of cryptographic communication based on quantum cryptography. The communication device includes: a quantum signal generation unit configured to generate a series of first quantum signals by using a first quantum filter; an optical transmission unit configured to send the series of first quantum signals to a server; and a processor configured to select the first quantum filter based on a series of randomly generated first quantum states, and to control the quantum signal generation unit to generate the series of first quantum signals by using the first quantum filter.
University Of Seoul Industry Cooperation Foundation


Mobile commerce and authentication method having improved security based on quantum cryptography
Disclosed herein are technologies regarding a communication device and server which are capable of cryptographic communication based on quantum cryptography. A communication device for quantum cryptography authentication includes: an optical communication unit configured to receive a series of first quantum signals generated by passing through a first quantum filter of the communication device; a quantum signal generation unit configured to generate the first quantum signals by setting up the first quantum filter in a reception path for a series of second quantum signals generated and sent by a server; and a processor configured to select the setup of the first quantum filter based on a series of randomly generated first quantum states, and to control the quantum signal generation unit to generate the first quantum signals by using the first quantum filter.
University Of Seoul Industry Cooperation Foundation


Method for testing and hardening software applications

Methods are provided for testing and hardening software applications for carrying out digital transactions which comprise a white-box implementation of a cryptographic algorithm. The method comprises the following steps: (a) feeding one plaintext of a plurality of plaintexts to the white-box implementation; (b) reading out and storing the contents of the at least one register of the processor stepwise while processing the machine commands of the white-box implementation stepwise; (c) repeating the steps (a) and (b) with a further plaintext of the plurality of plaintexts n-times; and (d) statistically evaluating the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts by searching for correlations between the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts to establish the secret key.
Giesecke & Devrient GmbH

Hardened white box implementation 1

The invention provides a processor device having an executable, white-box-masked implementation of a cryptographic algorithm implemented thereon. The white-box masking comprises an affine mapping a, which is so designed that every bit in the output values w of the affine mapping a depends on at least one bit of the obfuscation values y, thereby attaining that the output values w of the affine mapping a are statistically balanced.
Giesecke & Devrient GmbH

Hardened white box implementation

A processor device has an executable implementation of a cryptographic algorithm implemented thereon that is white-box-masked by a function f. The implementation comprises an implemented computation step s by which input values x are mapped to output values s=s[x], and which is masked to a white-box-masked computation step t′ by means of an invertible function f. As a mapping f there is provided a combination (f=(c1, c2, .
Giesecke & Devrient GmbH

Securely booting a computer from a user trusted device

A method for allowing a computer to boot from a user trusted device is provided. The computer includes a long-term data storage device storing operating system (OS) services.
International Business Machines Corporation

Method for retrieving encrypted graph, system for retrieving encrypted graph, and computer

A system for retrieving an encrypted graph, in which a first computer generates an encrypted graph, and a second computer retrieves the encrypted graph, wherein: the first computer generates a secret key, encrypts a graph that includes a start point, an edge, and an end point to generate an encrypted graph, generates an encryption query, transmits encrypted graph data in which the encrypted graph and the encryption query are correlated for each edge and a searchable encryption matching function to the second computer, generates an encrypted graph retrieval query in which a graph to be retrieved is encrypted by the retrievable cryptogram query function, and transmits the generated retrieval query to the second computer; and the second computer accepts the received encrypted graph retrieval query and encrypted graph data as inputs, and executes a retrieval process using the searchable encryption matching function.
Hitachi, Ltd.

Automatic correction of cryptographic application program interfaces

A computer system may identify a cryptographic application programming interface (API) call for a program. The cryptographic API call may include a first variable.
International Business Machines Corporation

System and computing message digests

A data de-duplication approach leverages acceleration hardware in SSDs for performing digest computations used in de-duplication operations and support on behalf of an attached host, thereby relieving the host from the computing burden of the digest computation in de-duplication (de-dupe) processing. De-dupe processing typically involves computation and comparison of message digests (MD) and/or hash functions.
Intel Corporation

Method and supporting multiple broadcasters independently using a single conditional access system

A method and apparatus for brokering the enablement of the communication of encrypted media programs from a plurality of independent broadcasters to a plurality of receivers is disclosed. The system makes use of a pairing key for each provided service, which is differently encrypted by a pairing server and by the broadcaster providing the service.

Methods and systems of providing verification of the identity of a digital entity using a centralized or distributed ledger

Methods and systems of providing verification of the identity of a digital entity are provided, including receiving information and a public key of the digital entity, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address, the centralized or distributed ledger providing a record of transactions; deriving an attestation address using the information and the public key of the digital entity; verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger and verifying that the attestation transaction has not been revoked; receiving at the processor associated with the user a cryptographic challenge nonce signed by the digital entity's private key; and verifying the digital entity's identity with the cryptographic challenge nonce signed by the digital entity's key.

Methods and systems of providing verification of information using a centralized or distributed ledger

A method and system of providing verification of information of a user relating to an attestation transaction is provided, and includes sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address; receiving at a processor associated with a verifier the information of the user; sending a cryptographic challenge nonce; receiving at the processor associated with the verifier the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; and verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger.

Cryptographic encryption key escrow and recovery

Various features described herein may include supervision or control of a cryptographic signal necessary for encryption or decryption. Specifically, key management may be performed, wherein the key is deposited or retrieved to or from a third party.

Rate line suppression using chaotic spreading codes

A system, method, and computer program product for chaotically generating a pseudorandom number sequence, such as for use in spread spectrum communications systems and in cryptographic systems. Chaotically generated pseudorandom numbers are not cyclostationary in nature, so output values encoded via such non-cyclostationary bases have no clear correlations.

Methods and systems of executing a business transaction from a commercial website using a centralized or distributed ledger

Methods and systems of executing a business transaction from a commercial website are provided, including sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction; receiving the information of the user; sending a cryptographic challenge nonce; receiving the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger; and upon verification of the existence of the attestation transaction, completing the business transaction.

Methods and systems of revoking an attestation transaction using a centralized or distributed ledger

A method and system of revoking an attestation transaction regarding information of a user is provided. The method is implemented on a computer system having one or more physical processors configured by machine-readable instructions which, when executed, perform the method, including generating a signed revocation transaction to revoke the previously attested information, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address, the centralized or distributed ledger providing a verifiable record of transactions; and sending the signed revocation transaction to the centralized or distributed ledger and revoking the attestation transaction by spending cryptocurrency associated with the attestation transaction.

Method for optimising memory writing in a device

Provided is a method for optimising memory writing in a device implementing a cryptography module and a client module calling functions implemented by the cryptography module. The device includes a random access memory including a first memory zone that is secured and dedicated to the cryptography module and a second memory zone dedicated to the client module.

Key, locking system, and opening or closing the locking system

The invention relates to a closing system having a key (1.1) coded in a quantum-physical manner, which withstands very high mechanical forces, wear, or temperatures. The key consists, for example, of a solid stainless-steel bar having, for example, a diameter of 8 mm and, for example, a length of 120 mm.

Secure labeling of network flows

An enterprise security system is improved by instrumenting endpoints to explicitly label network flows with cryptographically secure labels that identify an application or other source of each network flow. Cryptographic techniques may be used, for example, to protect the encoded information in the label from interception by third parties or to support cryptographic authentication of a source of each label.
Sophos Limited

Key exchange through partially trusted third party

A system may transmit, to a first entity, data to indicate an association between the first entity and a public key, wherein the public key is to be used to establish a cryptographically protected communications session between the first entity and a second entity, receive the data in response to a request to verify the association, and transmit, to the second entity, an indication that the data is valid. The system may be a cryptography service that is partially by the first and second entities.
Amazon Technologies, Inc.

Context-aware network and situation management for crypto-partitioned networks

This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (red) network through a one-way guard. At the red network, the network information from the black network may be combined with network information from one or more red networks.
Architecture Technology Corporation

Cryptographic device comprising a physical unclonable function

An electronic cryptographic device (100) comprising a physically unclonable function (PUF) (110) and an enrollment unit (142) arranged to generate a first PUF data during the enrollment phase, the first PUF data being derived from a first noisy bit string of the PUF, the first PUF data uniquely identifying the physically unclonable function, the first PUF data comprising a first helper data. The first PUF data is transmitted to an electronic server during an enrollment phase.
Intrinsic ID B.V.

API key generation of a security system forming part of a host computer for cryptographic transactions

A key ceremony application creates bundles for custodians encrypted with their passphrases. Each bundle includes master key share.
Coinbase, Inc.

Decryption condition addition device, cryptographic system, and decryption condition addition program

A decryption condition addition device (300) acquires an original ciphertext cts in which a secret distribution matrix m is set as information specifying a decryption condition and acquires an additional access structure s+ which is a restriction condition to restrict the decryption condition of the original ciphertext cts. The decryption condition addition device (300) adds a row and a column which are indicated in the additional access structure s+ to the secret distribution matrix m set in the original ciphertext cts, and thereby generates an updated ciphertext cts, for which the decryption condition of the original ciphertext cts is restricted.
Mitsubishi Electric Corporation

Cryptographic system arranged for key sharing

A cryptographic system is provided comprising multiple configuration servers (200, 201, 202) arranged to configure multiple network devices (300, 350, 360) for key sharing. Each configuration server comprising a computation unit (220) arranged to compute local key material for the network device from root key material specific to the configuration server and the network device identity number of the network device that is being configured.
Koninklijke Philips N.V.

Polymorphic encryption key allocation scheme

Embodiments of the present invention relate to encryption key allocation with additional security elements to lessen vulnerability to certain attacks. In one embodiment, a method and computer program product is provided for broadcast encryption.
International Business Machines Corporation

Speeding up chip transaction at the point of sale

A payment transaction is performed at a POS (point of sale) device. The device includes a terminal component and a reader component.
Mastercard International Incorporated

Method and system for contactless transactions without user credentials

A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session key in the first memory and a second query to store the server encryption key in a second memory; decrypting the encrypted session key using the server encryption key; generating an application cryptogram based on the decrypted session key; and electronically transmitting the generated application cryptogram for use in a payment transaction.
Mastercard International Incorporated

Boot security

In one aspect, a method for securing a device includes receiving a first set of boot information of a device, receiving a first cryptographic proof of the first set of boot information, receiving a second set of boot information of the device, receiving a second cryptographic proof of the second set of boot information, comparing the first set of boot information and the second set of boot information, and, upon determining that the first set of boot information and the second set of boot information are different, determining whether differences between the first set of boot information and the second set of boot information are permitted. The method may also include generating an alert upon determining that differences between the first set of boot information and the second set of boot information are not permitted.
Sophos Limited

Boot security

In one aspect, a method for securing a device includes receiving a first set of boot information from a first device, the first set of boot information including a first list of boot items, receiving from the first device a first proof based on the first set of boot information, verifying the first set of boot information based on the first proof, determining a reputation for one or more of the boot items in the first list of boot items, and reporting the determined reputation.
Sophos Limited

Method for processing an update file of an avionic equipment of an aircraft, a computer program product, related processing electronic device and processing system

This method makes it possible to validate an update file of at least one set of computer data of a piece of avionics equipment of an aircraft. The processing method is implemented within a processing system comprising a mobile terminal independent of the aircraft, an update unit integrated into the aircraft, and a database separate from the aircraft and the mobile terminal, and comprises obtaining a computed message digest, the computed message digest resulting from the application, by the update unit, of a cryptographic hash function to the update file, obtaining a reference message digest, the reference message digest being acquired by the mobile terminal by secure access to a database comprising the reference message digest, and processing the update file based on a comparison of the computed message digest with the reference message digest.
Thales

High throughput sequencing

The invention relates to a high throughput method for determining telomere length of mammalian chromosomal DNA; primers for use in said method; a kit comprising said primers; use of said method to diagnose or prognose or to determine the risk of developing a telomere shortening disease such as cancer, ageing, neurological disorders including Alzheimer's disease, Parkinson's disease and other dementias, brain infarction, heart disease, chronic HIV infection, chronic hepatitis, skin diseases, chronic inflammatory bowel disease including ulcerative colitis, anaemia, atherosclerosis, Barrett's oesophagus and cancers including pre-cancerous conditions, infertility, telomere syndromes including dyskeratosis congenita, aplastic anaemia, idiopathic pulmonary fibrosis, familial myelodysplastic syndrome-acute myeloid leukaemia, hoyeraal-hreiderasson syndrome, revesz syndrome, coats plus syndrome, bone marrow failure, and cryptogenic liver cirrhosis. Additionally, the invention also has application in assessing an individual's suitability to be a transplantation donor, for example a bone marrow donor.

One-way key fob and vehicle pairing

Key fob and vehicle control unit identifiers (ids) are used for entity authentication or trust transfer to achieve a secured initial pairing. The key fob is capable of transmitting only (not receiving) and is paired with a control unit in a vehicle or with any other control device.

Providing forward secrecy in a terminating TLS connection proxy

An infrastructure delivery platform provides an RSA proxy service as an enhancement to the TLS/SSL protocol to off-load, from an edge server to an external cryptographic server, the decryption of an encrypted pre-master secret. The technique provides forward secrecy in the event that the edge server is compromised, preferably through the use of a cryptographically strong hash function that is implemented separately at both the edge server and the cryptographic server.

Cryptographic security functions based on anticipated changes in dynamic minutiae

Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.

Device specific cryptographic content protection

Techniques to facilitate protecting control data used in an industrial automation environment are disclosed herein. In at least one implementation, an encryption key pair is generated for an industrial controller, wherein the encryption key pair comprises a public key and a private key.

Synchronizing credential hashes between directory services

The subject disclosure is directed towards securely synchronizing passwords that are changed at a source location (e.g., an on-premises directory service) to a target location (e.g., a cloud directory service), so that the same credentials may be used to log into the source or target location, yet without necessarily having each domain controller handle the synchronization. The plaintext password is not revealed, instead using hash values computed therefrom to represent the password-related data.

Methods and cryptography

Encryption systems for initiating, encrypting, decrypting, storing and transporting undetectable secure electronic data communications over public and private networks, including the internet or the like.

Secure hash algorithm in digital hardware for cryptographic applications

Technology, implemented in digital hardware, software, or combination thereof, for completing secure hash algorithm (SHA-2) computation with generating one new hash value at each clock cycle is described. The technology includes: using synchronous logic to store the computed values every alternate clock and combinational logic to process multiple rounds of SHA in each clock; completing hash calculation in unrolled modes; using efficient adders for most 32-bit adders to improve performance.

High-speed AES with transformed keys

The Advanced Encryption Standard (AES) cipher can be performed in a manner that preserves the secrecy of cryptographic keys, even under the intense scrutiny of a reverse-engineer observing every aspect of the computation. A method can include loading a key in a non-standard representation.

Secure storage on external memory

A cryptography apparatus includes multiple multiplication units and logic circuitry. The multiplication units are arranged in two or more multiplication levels, and are configured to operate in accordance with Galois-field (GF) arithmetic over respective Galois fields.

Confirmation and rating of user generated activities

A method allows third party authentication of confirmation of an activity performed by a user of a computing device that receives first and second datasets of values for a plurality of attributes respectively obtained from a plurality of sensors associated with the computing device. The first and second datasets reflect a user activity obtained over first and second periods of time, respectively, during which the activity occurs.

User authentication for credentials back-up service to mobile devices

Back-up credentials data is stored for a user. A communication channel is established with a mobile device.

Cryptoconomy solution for administration and governance in a distributed system

A computer-implemented process, system, and computer readable medium are provided for administration and governance of fiat and cryptocurrency funds in a distributed computer system. In one example, a process includes, at an electronic device with one or more processors and memory, accessing a list of a plurality of participant nodes, which may include a fund administrator receiving a list of participants or nodes.

System for and cryptographic provisioning

A system for and method of securely provisioning a module with cryptographic parameters, such as cryptographic keys and key tables, is presented. Such modules may be used to enable encrypted communications between mobile phones to which they are coupled.

System and generation, storage, administration and use of one or more digital secrets in association with a portable electronic device

A system for generation, storage, administration and use of one or more digital secrets in association with a portable electronic device. The system comprises a highly secured memory that stores only one or more master keys; a keystore implemented in the portable electronic device outside of the highly secured memory; one or more cryptography applets implemented in the portable electronic device outside of the highly secured memory; and a highly trusted intermediary module (THIM) implemented outside of the highly secured memory, the THIM establishes and manages a highly trusted communication conduit between the highly secured memory, the keystore, the one or more cryptography applets, and at least one third party application, wherein the THIM polls the portable electronic device, the highly secured memory, the keystore, the one or more cryptography applets to determine a trust score, initialization cost, and transaction cost for each component in the portable electronic device, the THIM providing a trusted third party application acceptable interaction parameters based on the trust score, the initialization cost, and the transaction cost, the THIM managing highly trusted communications between the trusted third party application and the highly secured memory in accordance with the acceptable interaction parameters.

Electronic car key and communication system

An electronic vehicle key and a communication system wherein the cryptographic material stored in the secure memory of the electronic vehicle key is alterable by a command received from a first communication device or a second communication device to provide multiple vehicles flexibly using personal electronic vehicle key without being dependent, during use, on access to an external database.

Determining device locations for emergency service calls

A mobile phone or other mobile device is configured to compute a location code based on wi-fi or other wireless networking configuration parameters. The location code is computed as a cryptographic hash of the configuration parameters and is provided to a telecommunications system that supports wi-fi or other wlan voice services.
T-Mobile USA, Inc.

Network connection automation

A computing resource service provider receives a request from a customer to establish a physical connection between a provider network device and a customer network device in a colocation center. Once the connection has been established, the customer may transmit cryptographic authentication information, through the physical connection, to the provider network device.
Amazon Technologies, Inc.

Utility meter for metering a utility consumption and optimizing upstream communications and managing these communications

A utility meter and method for metering consumption of at least one utility including: a metering unit, a communication unit for sending/receiving messages to/from a management center, a memory to store a unique identifier pertaining to the utility meter and a first key, an encryption unit for encrypting the utility consumption as a first cryptogram, a message generator for generating a utility message containing the first cryptogram, a key generator for generating a payload key to be used by the encryption unit for encrypting the utility consumption, a second cryptogram generated by the encryption unit by encrypting the payload key with the first key, the second cryptogram being intended to be included, by the message generator, at least once into the utility message to be sent to the remote management center.
Nagravision S.A.

Method to assure correct data packet traversal through a particular path of a network

The method comprising, in a network based on a chain of individual service functions, sfs, that are composed to implement network services, nss: assigning, at an ingress node of a network architecture, to at least one data packet received by said ingress node from the network, a unique cryptographic tag; processing said assigned unique cryptographic tag using a cryptographic function specific to each service function, sf; and verifying, at a given point of the network architecture, said processed unique cryptographic tag by applying a cryptographic verification function composed by the inverse functions of the cryptographic functions associated to the sfs traversed by the at least one data packet.
Telefonica, S.A.

Method for fulfilling a cryptographic request requiring a value of a private key

Fulfilling the cryptographic request using the obtained value of the private key.

Cryptographic system based on reproducible random sequences

In order to have a completely secure cryptographic system, a system as unconditionally secure as the one-time pad, but without its key distribution problem, has been sought. Disclosed herein is a cryptographic system that implements a cryptographic process based on a random sequence generating process (1), generating a random key as long as the data to process, for a ciphering process (2) or a deciphering process (3).

Digital value token processing systems and methods having improved security and scalability

Systems and methods that provide improved security and scalability in digital token exchange are disclosed. In one example, a system may receive from a requester one or more old cryptographically signed tokens each including a shared class and denomination.
Digicash Pty Ltd.

Static cryptographic currency value

Some embodiments enable one or more processors coupled to one or more storage devices to perform the following steps: receive a first request to conduct a financial transaction from a first user; in response to the request, receiving money in the form of a first currency from the first user; create a cryptographically secure coin, wherein the coin comprises a unique string that is associated with the first user; deliver the cryptographically secure coin to the first user.

Composite field scaled affine transforms-based hardware accelerator

A processing system includes a memory and a cryptographic accelerator operatively coupled to the memory. The cryptographic accelerator performs a split substitute byte operation within two paths of a cryptographic round by determining a first output from a first path by applying a mapped affine transformation to an input bit sequence represented by an element of a composite field of a finite-prime field, wherein the first output is represented by a first element of the composite field of the finite-prime field, and a second output from a second path by applying a scaled mapped affine transformation to the input bit sequence, wherein the second output is represented by a second element of the composite field and is equal to a multiple of the first output in the composite field.
Intel Corporation

Midrange contactless transactions

Techniques for conducting a transaction in a midrange wireless communication system are described. The techniques may include detecting a beacon transmission from a midrange wireless base station, determining that the beacon transmission includes a transaction service identifier, and invoking a transaction application associated with the transaction service identifier.

Cellular device authentication

When manufacturing, distributing, or selling mobile phones, each phone is associated with an asymmetric cryptographic key pair, comprising a public key and a private key. The private key is stored on the phone, and the public key is stored in a public key repository.
T-Mobile USA, Inc.

Interleaved watermarking

In one embodiment, a system includes a headend apparatus including a watermark processor to generate secondary video streams from sections of a primary video stream, group the secondary video streams in groups of at least two secondary video streams, the secondary video streams including units of data for use in watermarking across cryptoperiods in an end-user device which selects one secondary video stream in each group for rendering as part of a composited video stream in order to embed units of data of an identification in the composited video stream, wherein in each cryptoperiod, the watermark processor is operative to generate different groups of the secondary video streams from different non-overlapping portions of the primary video stream, and an encryption processor to generate control words, encrypt each secondary video stream with a different control word, and change the control word of each secondary video stream every cryptoperiod.
Cisco Technology, Inc.

Server authentication using multiple authentication chains

A client seeking to establish a cryptographically-secure channel to a server has an associated public key acceptance policy. The policy specifies a required number of certificates that must be associated with the server's public key, as well as one or more conditions associated with those certificates, that must be met before the client “accepts” the server's public key.
International Business Machines Corporation

Systems and methods for providing data privacy in a private distributed ledger

Systems and methods for providing data privacy in a private distributed ledger are disclosed. According to another embodiment a distributed ledger network may include a first node comprising a first node computer processor and hosting a central ledger comprising a plurality of entries for public transactions and private transactions, wherein the entries for public transactions comprise transaction payloads for the respective public transaction, and the entries for private transactions comprise a cryptographic hash digest of a transaction payload for the respective private transaction; and a plurality of second nodes each comprising a second node computer processor and hosting a public database comprising the public transactions, and a private database comprising transaction payloads for the private transactions to which the node is a party.
JPMorgan Chase Bank, N.A.

Technologies for secure inter-enclave communications

Technologies for secure inter-enclave communication include a computing device having a processor with secure enclave support. The computing device establishes a first secure enclave and a second secure enclave with the secure enclave support of the processor.

Cryptographic protection for trusted operating systems

This disclosure is directed to cryptographic protection for trusted operating systems. In general, a device may comprise for example, at least processing circuitry and memory circuitry.
Intel Corporation

Secure object access

A method of a security system to provide access by a requester to an encrypted data object stored in an object store, the requester being authenticated by the object store, the method comprising: receiving, from the object store: the encrypted object having associated an object identifier; and an identifier of the requester; deriving a first cryptographic key to decrypt the object; deriving a second cryptographic key; re-encrypting the object based on the second key and communicating the re-encrypted object to the requester; wherein each of the first and second keys are based on the object identifier, the requester identifier and a secret key portion generated by the security system, the secret key portion being different for each of the first and second keys, the method further comprising: in response to a second authentication of the requester by the security system, communicating the secret key portion for the second key to the requester.
British Telecommunications Public Limited Company

Authenticating a system to enable access to a diagnostic interface in a storage device

Provided are an apparatus, system, and method for authenticating a system to access a diagnostic interface in a storage device. The storage device includes a computer readable storage medium implemented to store data and a controller.
Intel Corporation

Secure virtualised data volumes

A method of securing a virtual data volume storing data in a first virtualized computing environment including: deriving a cryptographic key for encrypting the data, the key being derived from first and second parameters; and encrypting the data, wherein the first parameter is generated for association with the virtualized data volume, and the second parameter is generated based on at least one characteristic of a second virtualized computing environment.
British Telecommunications Public Limited Company

Power side-channel attack resistant advanced encryption standard accelerator processor

A processing system includes a processing core and a hardware accelerator communicatively coupled to the processing core. The hardware accelerator includes a random number generator to generate a byte order indicator.
Intel Corporation

Analysis system, analysis method, and storage medium

Provided is an analysis system including a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; a communication processing unit that is configured to instruct the memory acquisition unit to acquire data stored in the memory unit when determining that key data including an encryption key for cryptographic communication protocol are stored in the memory unit; and a cryptanalysis unit that is configured to extract one or more key data candidates that are candidates of the key data, from the data stored in the memory unit, and extract, from one or more of the key data candidates, correct key data that enables to decrypt correctly the encrypted communication data. The communication processing unit is further configured to execute specific processing according to the decrypted communication data.
NEC Corporation

Entry control system

An integrated security system which seamlessly assimilates with current generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities including IEEE 802.x and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes.
Assa Abloy AB

Dynamic delivery authorization for cryptographic payments

A dynamic delivery authorization system for cryptographic payments comprising: a merchant cashier system configured to allow a merchant controlling the delivery authorization dynamically in conjunction with cryptographic payment confirmations, an intermediary processing system supporting merchants to accept cryptographic payments from consumers utilizing cryptographic wallets to pay for purchases, a cryptographic payment server configured to receive purchase request from the cashier system, manage the accrual of cryptocurrency network blockchain confirmations, maintain a merchant configurable, order specific and real-time payment and delivery authorization statuses used by merchant payment and delivery authorization system to authorize the release of tangible and intangible goods and services relative to the risk level set by the merchant for each order placed within the cashier system.
Moving Media GmbH

Method and system for managing personal information within independent computer systems and digital networks

A system and method for reliably and securely recording and storing all attributes of personal identification, for the identification and authorization of individual identity as well as attributes relating to it and personal data including but not limited to individual's physical description, bank details, travel history, etc. (the “personally identifiable information” or “pii”).
Vchain Technology Limited

System and method employing reduced time device processing

Methods and systems for facilitating a transaction are provided. A transaction involving an integrated circuit user device in contact with an access device is processed in less time, such that the user device can be removed at an earlier time.

Watermarking input and output of a white-box implementation

A method of mapping an input message to an output message by a keyed cryptographic encryption operation, wherein the keyed cryptographic encryption operation includes a first round, including: performing a substitution function on a first portion of the input message to produce an output, wherein the substitution function incorporates a portion of a cryptographic key; and performing a watermarking function on the output, wherein the watermarking function produces a watermark output when the first input portion has a specific predetermined value, wherein the watermark output uniquely identifies the keyed cryptographic encryption operation.
NXP B.V.

Automated medical test data report, tracking, and patient matching system

An automated medical test data report, tracking, and patient matching system devised to enable secure transmittal of medical test results data over network between a hosting computing apparatus and at least one receiving computing apparatus is provided. Triple tiered security is enabled by action of paired cryptographic keys, sequencing of data by generation of a randomized and securely-shared sequencing order, and fragmentation of data from a data stream into sortable data packets routable to separate and remotely connected partitions by appending a sort code into each data packet collectively prevent compromise of data in transmission over network.

Avoiding redundant memory encryption in a cryptographic protection system

This disclosure is directed to avoiding redundant memory encryption in a cryptographic protection system. Data stored in a device may be protected using different encryption systems.
Intel Corporation

Convolutional memory integrity

Apparatus, systems, computer readable storage mediums and/or methods may provide memory integrity by using unused physical address bits (or other metadata passed through cache) to manipulate cryptographic memory integrity values, allowing software memory allocation routines to control the assignment of pointers (e.g., implement one or more access control policies). Unused address bits (e.g., because of insufficient external memory) passed through cache, may encode key domain information in the address so that different key domain addresses alias to the same physical memory location.

Pharmaceutical composition for preventing, treating and curing rosacea, comprising snail slime, chamomile and propolis

The invention relates to a pharmaceutical composition consisting of snail slime helix aspersa muller (cryptomphalus aspersus) (20% to 50%), camomile extract (1-4%), propolis (1-4%), and pharmaceutically acceptable excipients and/or additives for forming a formulation of low, intermediate or high viscosity (10 to 1000 pa-s). Said composition is in the form of a lotion, soap, cream or gel, which is embedded in a gauze-type fabric in the form of a plaster that can be applied to lesions caused by the different types of rosacea.
Muciderm S.a.

Elementary bitstream cryptographic material transport systems and methods

Systems and methods for providing multimedia content from one process or component to another process or component over an unsecured connection are provided. One embodiment includes obtaining the cryptographic information, extracting the at least partially encrypted video data from the container file to create an elementary bitstream, enciphering the cryptographic information, inserting the cryptographic information in the elementary bitstream, providing the elementary bitstream to a video decoder, extracting the cryptographic information from the elementary bitstream at the video decoder, deciphering the cryptographic information, decrypting the elementary bitstream with the cryptographic information and decoding the elementary bitstream for rendering on a display device using the video decoder.
Sonic IP, Inc.

Analysis system, analysis method, and storage medium

Provided is an analysis system configured to obtain an encryption key for encryption communication between an information communication apparatus and a communication network, from memory space provided in the information communication apparatus. The analysis system including a processing circuitry configured to function as: a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; and a communication processing unit that is configured to determine whether key data including an encryption key used for encryption processing in a cryptographic communication protocol are stored in the memory unit, based on communication data transmitted and received in accordance with the cryptographic communication protocol between the information communication apparatus and a communication network, and instruct the memory acquisition unit to acquire data stored in the memory unit, based on the determination result.
NEC Corporation

System and internet of things (iot) security and management

System and method for establishing a secure communication between a plurality of internet of things (iot) devices, includes provisioning a first and a second iot devices by providing a unique identification, a digital identity token and a cryptographic key to each of the first and second iot devices; authenticating the second iot device by the first iot device; inviting the second iot device by the first iot device to establish a communication line with the first iot device; establishing a secure communication line between the first iot device and the second iot device by authenticating the communication line between the first iot device and the second iot device and issuing a digital certificate to the communication line between the first iot device and the second iot device; establishing secure communication lines between the first iot device, the second iot device and a plurality of more devices; and grouping the first iot device, the second iot device and the plurality of more devices into different groups based on a predetermined criteria.
T-Central, Inc.

Cryptographically assured zero-knowledge cloud services for elemental transactions

A trusted network based service running on a server, for example as a cloud server, includes receiving a request from a first user device and a second user device. The request includes one or more inputs to perform a stateless transaction based on combinational logic.
International Business Machines Corporation

System and providing defence to a cryptographic device against side-channel attacks targeting the extended euclidean algorithm during decryption operations

A system, method and computer-readable storage medium for decrypting a code c using a modified extended euclidean algorithm (eea) having an iteration loop independent of the hamming weight of inputs to the eea and performing a fixed number of operations regardless of the inputs to the eea thereby protecting a cryptographic device performing the decryption from side-channel attacks.
Gemalto SA

Secure crypto module including optical glass security layer

An optical electromagnetic radiation (em) emitter and receiver are located upon a printed circuit board (pcb) glass security layer. A predetermined reference flux or interference pattern, respectively, is an expected flux or reflection pattern of em emitted from the em emitter, transmitted by the glass security layer, and received by the em receiver.
International Business Machines Corporation

Distributing work load of high-volume per second transactions recorded to append-only ledgers

Various of the disclosed embodiments concern systems and methods for expediting the settlement of securities traded on an exchange. A settlement system can generate electronic records of financial transactions by bundling a trade report, clearing instructions, etc., into a cryptographic ledger.
Domus Tower, Inc.

System and authentication using payment protocol

Methods, systems, and devices are disclosed for using a payment processing network as an authorization engine to access secure physical areas, such as college dormitories, office buildings. A keycard with a cryptogram generator is presented by a user to an access device, and the access device or associated computer sends an access request message formatted like a payment authentication request message to an aggregator/acquirer and payment processing network.

Cryptographically assured zero-knowledge cloud service for composable atomic transactions

A trusted network based service running on a server, for example as a cloud server, includes receiving a request from a first user device and a second user device. The request includes one or more inputs to perform a transaction.
International Business Machines Corporation

Cryptographic currency for securities settlement

The present disclosure is directed to security settlement in financial markets and cryptographic currencies. Particular portions of the present disclosure are directed to a cryptographic currency protocol and to a cryptographic currency that includes a positional item.
Goldman Sachs & Co. LLC

Secure crypto module including optical security pathway

An optical electromagnetic radiation (em) emitter and receiver are located upon a printed circuit board (pcb) layer and are connected to an optical security pathway. A predetermined reference flux is determined, the reference flux being the expected em transmitted by the optical security pathway and received by the receiver.
International Business Machines Corporation

Method and system for cryptographically enabling and disabling lockouts for critical operations in a smart grid network

A method for locking out a remote terminal unit includes: receiving a lockout request, wherein the lockout request includes at least a public key associated with a user, a user identifier, and a terminal identifier; identifying a user profile associated with the user based on the user identifier included in the received lockout request; verifying the public key included in the received lockout request and permission for the user to lockout a remote terminal unit associated with the terminal identifier included in the received lockout request based on data included in the identified user profile; generating a lockout permit, wherein the lockout permit includes at least the public key included in the received lockout request; and transmitting at least a lockout request and the generated lockout permit, wherein the lockout request includes an instruction to place a lockout on the remote terminal unit.
Silver Spring Networks, Inc.

Cryptographically provable zero-knowledge content distribution network

A system, a computer readable storage medium, and methods for delivering content from a zero-knowledge edge server node in a content delivery network to an end user device, ensuring content control by a content provider (i.e. reduce piracy) while ensuring privacy of an end user device.
International Business Machines Corporation

Data protection using virtual resource views

Embodiments include computing devices, systems, and methods for protecting data using virtual views of resource contents. A virtualization interface monitor may monitor a request to access a computing device resource by a first requesting entity and determine whether the first requesting entity is an owner of the computing device resource.
Qualcomm Incorporated

System and generating, storing and accessing secured medical imagery

A system and method for generating, storing and accessing secure medical images uses public key cryptography, allowing users to capture, view and share images, as well as share the images with other authorized users and authorize other devices. The system is geared toward speed, security and portability of medical image processing.

Secure start system for an autonomous vehicle

A secure start system for an autonomous vehicle (av) can detect startup of the av and transmit credentials to a backend system. When the credentials are authenticated, the secure start system can receive a tunnel key from the backend system.
Uber Technologies, Inc.

Systems and methods for automating client-side discovery of public keys of external contacts that are secured by dane using dnssec

Provided is a method of digitally securing a digital object from a first user in a first domain to a second user in a second domain using a dns provider. The method includes accessing, at a client device of the first user, a client-side local policy, wherein the local policy comprises one or more zones managed by one or more dns providers and secured by dane using dnssec; constructing a dns query for a cryptographic credential for the second user based, at least in part, on a zone of the one or more zones in the local policy; providing a request for the cryptographic credential for the second user; obtaining the cryptographic credential for the second user from a dns provider of the one or more dns providers; digitally securing the digital object using the cryptographic credential; and providing the digital object to the second user.
Verisign, Inc.

Privilege distribution through signed permissions grants

A resource owner or administrator submits a request to a permissions management service to create a permissions grant which may include a listing of actions a user may perform on a resource. Accordingly, the permissions management service may create the permissions grant and use a private cryptographic key to digitally sign the created permissions grant.
Amazon Technologies, Inc.

Preventing persistent storage of cryptographic information using signaling

Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key.
Amazon Technologies, Inc.

Enabling comparable data access control for lightweight mobile devices in clouds

A new efficient framework based on a constant-size ciphertext policy comparative attribute-based encryption (ccp-cabe) approach. Ccp-cabe assists lightweight mobile devices in storing privacy-sensitive data into cloud-based storage by offloading major cryptography-computation overhead into the cloud without exposing data content to the cloud.
Arizona Board Of Regents On Behalf Of Arizona State University

Production of cryptographic signatures

A method and system configured to produce a cryptographic signature on a message, under a key, at a user computer wherein the key is shared between the user computer, which stores a first key-share, and an authentication computer, which stores a second key-share and a first authentication value. The user computer encodes the message to produce a blinded message, produces the first authentication value from a user password and a secret value, and produces a second authentication value by encoding the first authentication value and a nonce.
International Business Machines Corporation

Validation cryptogram for transaction

A method for validating an interaction is disclosed. A first interaction cryptogram can be generated by a first device using information about a first party to the interaction and a second party to the interaction.

Providing low risk exceptional access

A method and system for providing unencrypted access to encrypted data that may be stored on a device, sent as a message, or sent as a real-time communications stream. The method may include using public key cryptography to securely enable accessing the encrypted data stored on a device or communicated by a device.

Encryption setup verification

There are provided mechanisms for verifying setup of encryption of a block of data. The method is performed by a client node.
Telefonaktiebolaget LM Ericsson (publ)

Method for securing a private key on a mobile device

Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices.
Crater Dog Technologies, LLC

Encryption apparatus, decryption apparatus, cryptography processing system, encryption method, decryption method, encryption program, and decryption program

An acquisition unit (2020) acquires a plaintext block sequence and a first cryptographic key. The plaintext block sequence is constituted by a plurality of plaintext blocks.
NEC Corporation

Process and system for establishing a moving target connection for secure communications in client/server systems

A system and method performs a moving target blind rendezvous by exchanging data through a distributed hash table. The system allows users to securely send small pieces of information over a network while only requiring an exchange of public keys ahead of time.

Encryption method, encryptor, and encryption system for encrypting electronic data by splitting electronic data

An encryption method includes displaying encryption target data on a display screen as an image, performing first acceptance in which designation of an at least partial region of the displayed image is accepted, performing second acceptance in which designation regarding splitting of the designated at least partial region is accepted, and splitting data that is included in the encryption target data and corresponds to the designated at least partial region in accordance with the designation regarding the splitting under a secret sharing scheme.
Panasonic Intellectual Property Corporation Of America

Method, system, and device of provisioning cryptographic data to electronic devices

System, device, and method of provisioning cryptographic assets to devices. A method includes: (a) generating a delegation message at a first provisioning server; the delegation message indicating provisioning rights that are delegated by the first provisioning server to a second provisioning server with regard to subsequent provisioning of cryptographic assets to an electronic device; wherein generating the delegation message comprises at least one of: (a) inserting into the delegation message an association key unknown to the first provisioning server, encrypted using a public key of the electronic device; (b) inserting into the delegation message a public key of the second provisioning server; enabling the electronic device to locally generate the association key unknown to the first provisioning server; (b) delivering the delegation message to the electronic device; (c) at the second provisioning server, based on the delegation message, provisioning cryptographic assets to the electronic device, using the association key.
Arm Technologies Israel Ltd.

Instructions and logic to provide general purpose gf(256) simd cryptographic arithmetic functionality

Instructions and logic provide general purpose gf(2^8) simd cryptographic arithmetic functionality. Embodiments include a processor to decode an instruction for a simd affine transformation specifying a source data operand, a transformation matrix operand, and a translation vector.
Intel Corporation

In vivo identity and security application implant and method

An implant including a platform that performs computations and that is configured to communicate with an external system, and at least one sensor that is connected to the platform and that communicates with the platform, the at least one sensor is configured to sense a biological environment surrounding the implant. The platform is configured to generate a bio-signature that corresponds to the biological environment sensed by the at least one sensor and to utilize the bio-signature to cryptographically secure data provided in the platform.
Dangerous Things Llc.

Use of generic (browser) encryption api to do key exchange (for media files and player)

Embodiments are directed towards decrypting encrypted content. A key for decrypting the encrypted content may be provided to a web application executing within a browser.
Google Inc.

Methods for recovering secret data of a cryptographic device and for evaluating the security of such a device

A method for recovering secret data of a cryptographic device comprises: a) determining stochastic models of leakages relating respective measurable quantities to internal states or operations of the cryptographic device, the number of greater than the number of masks used by the cryptographic device to conceal the secret data; b) sending command sequences to the device, where each command sequence causes the device to perform a cryptographic operation on at least one respective plaintext using the secret data and the masks; c) during processing of each cryptographic operation, recording a series of measurements of measurable quantities; and d) computing an estimator of secret data by maximizing the conditional joint probability of the recorded measurements given the corresponding plaintexts, averaged over all possible values of the masks. A method for evaluating the security of a cryptographic device is provided.
Institut Mines-telecom

Wwan-wlan aggregation security

One feature pertains to a method for secure wireless communication at an apparatus of a network. The method includes receiving a user equipment identifier identifying a user equipment and a cryptographic key from a wireless wide area network node, and using the cryptographic key as a pairwise master key (pmk).
Qualcomm Incorporated

Cryptographic key generation and distribution

Methods, apparatuses, systems, and program products are disclosed for cryptographic key generation and distribution. A method includes generating a cryptographic key that may be divided into a plurality of key segments such that the key is re-constructed by combining each of the plurality of key segments.
Callware Technologies, Inc.

Network payment tokenization for processing payment transactions

The present disclosure relates to systems, methods, and devices for network payment tokenization for processing payment transactions. In particular, the message system allows a consumer to initiate a payment transaction with a merchant.
Facebook, Inc.

Management of workflows

When a user of an interface system defines a workflow, the interface system transmits a notification to a user that is to perform the first step of the workflow. When the user requests to initiate the step of the workflow, the interface system creates a transaction for the workflow step.
Peernova, Inc.

System, license key permutation

A system and method of dynamically altering the encoding, structure or other attribute of a cryptographic key, typically a license activation key, to render useless keys that have been created by illegal key generation “cracks”. An encoding/decoding engine provides a plurality of key obfuscation algorithms that may alter the structure, encoding or any other attribute of a given key.
Iii Holdings 12, Llc

Method and triggering machine type communications applications

A method and apparatus for machine type communication (mtc) authentication and triggering may be performed by an mtc interworking function (mtc-iwf). On a condition an internet protocol (ip) connection does not exist between a services capability server (scs) and an mtc device, a device trigger message may be received by the mtc device over a tsp interface.
Interdigital Patent Holdings, Inc.

Cryptographic hash generation system

A first module divides a string into a number of blocks. A second module associates the blocks with monoid elements in a list of first monoid elements to produce second monoid elements.
Securerf Corporation

Encryption key lifecycle management

In some embodiments, a method may include: enforcing a key rotation policy associated with a current encryption key being used to encrypt and decrypt data stored in an ihs; monitoring a cryptoperiod associated with the current encryption key; in response to a determination that the current encryption key has reached the end of the cryptoperiod, automatically transmitting a request to a key provider for a new encryption key; and in response to the request, automatically: receiving the new encryption key, marking the current encryption key as old, un-encrypting the data using the old encryption key, re-encrypting the data using the new encryption key, and, in response to a determination that all of the data has been re-encrypted with the new encryption key, transmitting a request to the key provider that the old encryption key be discarded, and deleting a local copy of the old encryption key.
Dell Products, L.p.

Cryptographic apparatuses and methods for encrypting and decrypting data using automata

The invention is, firstly, a cryptographic apparatus for encrypting unencrypted data, comprising an input module for inputting the unencrypted data and an output module for outputting encrypted data, and a key automaton (44) adapted for converting the unencrypted data into the encrypted data, and the key automaton (44) is a composition of automata, said composition of automata having a set of states and a set of input signals identical to each other and being implemented as a permutation automaton without output signals, said composition of automata comprises at least one factor automaton without output signals, each of the unencrypted data and the encrypted data has a character set identical to each other, and the set of states and the set of input signals, respectively, consist of blocks obtained from all possible combinations of said character set, wherein the blocks are of a predetermined block length. The invention is, furthermore, a cryptographic apparatus for decrypting encrypted data.
Pannon Szoftver Kft.

System and one-time chinese-remainder-theorem exponentiation for cryptographic algorythms

A system, method and computer-readable storage medium with instructions for protecting an electronic device against fault attack. The technology includes operating the electronic device to determine two half-size exponents, dp and dq, from the exponent d; to split the base m into two sub-bases mp and mq determined from the base m; and to iteratively compute a decryption result s by repeatedly multiplying an accumulator a by m, mp, mq or 1 depending on the values of the i-th bit of dp and dq for each iteration i′.
Gemalto Sa

Exponent splitting for cryptographic operations

A first share value and a second share value may be received. A combination of the first share value and the second share value may correspond to an exponent value.
Cryptography Research, Inc.

Systems and methods for providing block chain state proofs for prediction market resolution

An outcome reported by a first prediction market may be determined. A state root hash from a given block in a block chain created during or after a resolution process of the first prediction market may be obtained.
Forecast Foundation Ou

Systems and methods for domain restriction with remote authentication

A process for combining domain restriction and remote authentication may include receiving a token from a plug-in application to conduct a transaction associated with a user of a communicating device. The process may include sending an authentication request to a remote access control server to authenticate the user, and receiving, from the remote access control server, an authentication tracking value that the remote access control server used in generation of an authentication cryptogram.

Systems and methods for media codecs and containers

Systems and methods for enabling and enforcing cryptocurrency transactions associated with at least a portion of data are provided. Systems and methods may include a cryptocurrency transaction service, the cryptocurrency transaction service including one or more transaction servers and one or more ledger processing devices.
1usf, Inc.

Method for communicating in a network comprising a virtual network, and a communication node comprising a virtual network entity

The invention relates to a method of a communication node communicating in a network comprising a plurality of nodes, said nodes belonging to at least one virtual network, wherein the method comprises the communication node identifying whether a first data packet belongs to said virtual network based on at least one of: a cryptographic key used for the data packet; a cryptographic key identifier present in the first data packet; a personal area network identifier present in the first data packet; or the combination of a cryptographic key and a sender ip address used for the first data packet.
Philips Lightings Holding B.v.

Database security model

A system, method and program product for implementing a database security model. A database security model is disclosed that includes: a system for maintaining private data in an encrypted storage area; an encr system for implementing a plurality of encr routines, wherein each of the encr routines is callable from a database application to access and process private data and wherein the encr system operates in a functional space separate from the database application; and a crypto system having a private key and decryption system, wherein the crypto system decrypts private data in response to receiving a decrypt request and public key from an encr routine, and wherein the crypto system operates in a functional space separate from the encr system.
Jjd Software Llc

Instructions and logic to provide simd sm3 cryptographic hashing functionality

Instructions and logic provide simd sm3 cryptographic hashing functionality. Some embodiments include a processor comprising: a decoder to decode instructions for a simd sm3 message expansion, specifying first and second source data operand sets, and an expansion extent.
Intel Corporation

Communication processing system, processing device, and non-transitory recording medium for computer readable program

The first processing device includes a first communication unit for performing cryptographic communication and plaintext communication, a determination portion for determining whether to set the cryptographic communication, and a communication unit controller. The second processing device includes a second communication unit for performing the cryptographic communication and the plaintext communication with the first communication unit.
Konica Minolta, Inc.

System and shared parameter-level data

A computationally implemented method includes, but is not limited to: configuring a centrally administered data template including one or more data parameters, each of the one or more data parameters configured to be exchanged between one or more remote computing environments; assigning access permissions for each of the one or more data parameters to enable one or more requestors to access or exchange the one or more data parameters; and individually encrypting the one or more data parameters as individual database fields in to enable each of the one or more requestors with a cryptographic key that identifies each of the one or more requestors as qualified to retrieve the one or more data parameters via an api query. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.

Systems and methods for certification of data units and/or certification verification

In some implementations, a data unit may be hashed to generate a hash. A cryptographic structure, such as a merkle tree or other cryptographic structure, may be generated based on the hash and published on a block chain or distributed ledger.
Stampery Inc.

Device provisioning service

A computing device is provisioned to be remotely managed by a current owner. The device has an initial cryptographic basis of trust, and an owner identifier that facilitates establishment of communication with the current owner of the device.

Cryptographic key storage in a dispersed storage network

Methods for use in a storage unit of a dispersed storage network (dsn) to securely store cryptographic key information. In various examples, the storage unit receives a slice access request relating to a key slice generated by performing a dispersed storage error encoding function on an encryption key.
International Business Machines Corporation

Methods and resources for generating secure communications

A method of generating wireless communications from a transmit-only device, the method comprising: generating, at the transmit-only device, a first current session key; generating, at the transmit-only device, operational data; generating, at the transmit-only device, crypto-data by performing a cryptographic operation on the operational data using the first current session key; transmitting, from the transmit-only device, a first identifier to enable a resource to derive the first current session key; transmitting, from the transmit-only device, the crypto-data.
Arm Ip Limited

Reconfigurable free-space quantum cryptography system

A system, and methods, for transmitting encrypted information as a quantum transmission between a first node and a second node, or among more than two nodes. Each node is characterized by an instantaneous spatial position, and the instantaneous spatial position of the second node is repositionable within a frame of reference associated with the first node.
Duke University

Trans vernam cryptography: round one

This invention establishes means and protocols to secure data, using large undisclosed amounts of randomness, replacing the algorithmic complexity paradigm. Its security is credibly appraised through combinatorics calculus, and it transfers the security responsibility to the user who determines how much randomness to use.

Secure data cache

This invention is generally concerned with methods, apparatus and computer program code for securely caching data, in particular for caching data stored on smart card systems such as those used in icao-compliant eu electronic passports. A caching system for providing a secure data cache for data stored in an electronic document, the comprising: an input to receive data to be cached; a processor configured to use all or part of said received data to calculate a unique cryptographic key for said data; encrypt all or part of said data with said unique cryptographic key; and discard said unique cryptographic key after encryption and an output to send said encrypted data to a data cache, with decryption of encrypted data requiring said unique cryptographic key to be recalculated from said electronic document whereby said data cache is secure.
Cryptomathic

Secure crypto module including electrical shorting security layers

A security matrix layer between a first and second conductive shorting layers are located within a printed circuit board (pcb) that carries out cryptographic data handling functions. The security matrix layer includes at least two microcapsules each containing one or more reactants.
International Business Machines Corporation

Local verification of code authentication

Embodiments are directed to a computing device having execution hardware including at least one processor core, and non-volatile memory that stores verification module and a private symmetric key unique to the computing device. The verification module, when executed on the execution hardware, causes the execution hardware to perform pre-execution local authenticity verification of externally-supplied code in response to a command to launch that code.

User authentication over networks

Methods are provided for authenticating user authentication data, associated with a user id, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server.
International Business Machines Corporation

Operation method based on white-box cryptography and secure terminal for performing the method

Provided are an operation method and a secure terminal for performing the method. The operation method may include receiving, from a user terminal, a plain text on which an external encoding operation is to be performed, performing the external encoding operation on the plain text, and transmitting the external encoding operated plain text to the user terminal, and the operation method may include receiving, from a user terminal, a cryptogram in which a white-box cryptography operation is performed on an external encoding operated plain text; performing an external decoding operation on the cryptogram; and transmitting the external decoding operated cryptogram to the user terminal.
Hancom Secure Inc.

Component for connecting to a data bus, and methods for implementing a cryptographic functionality in such a component

A component for connecting to a data bus wherein the component implements at least one cryptographic functionality. Also disclosed is a method for implementing a cryptographic functionality in such a component.
Volkswagen Ag

Securely exchanging vehicular sensor information

Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system.
Intel Corporation

Generating cryptographic checksums


System for managing cryptographic keys and trust relationships in a secure shell (ssh) environment

A system for managing cryptographic keys and trust relationships in a secure shell (ssh) environment by mapping network servers, clients, and appliances and locating ssh keys and key pairs associated with each device. The system provides for mapping the network topology and all ssh keys and key pairs stored on network connected devices, and the creation of a master database of all devices, keys and key pairs, key types and encryption strength, and user accounts with which each key or key pair is associated.
Venafi, Inc.

Method of testing the resistance of a circuit to a side channel analysis

The present invention relates to a test method of a circuit, comprising: acquiring a plurality of value sets comprising values of a physical quantity linked to the activity of a circuit to be tested when the circuit executes an operation of a set of distinct cryptographic operations applied to a secret data, selecting at least a first subset in each value set, for each value set, counting by a processing unit occurrence numbers of values transformed by a first surjective function applied to the values of the first subset of the value set, to form an occurrence number set for the value set, for each operation of the operation set, and each of the possible values of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value or equivalent value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value resulting from the application of a second surjective function, merging according to a selected merging scheme, cumulative occurrence numbers in the cumulative occurrence number sets, and analyzing the merged cumulative occurrence number sets to determine the part of the secret data.
Eshard

Method of testing the resistance of a circuit to a side channel analysis of second order or more

A test method for a circuit can include: acquiring a plurality of value sets including values corresponding to activity of the circuit when the circuit executes an operation of an operation set of distinct cryptographic operations applied to a same secret data, selecting at least two subsets of values in each value set, for each value set and each value subset, counting occurrence numbers of values transformed by a respective first surjective function applied to the values of the subset, for each value set, forming all possible n-tuples associating together one of the occurrence numbers of each value subset of the value set, and computing a combined occurrence number for each n-tuple of the value set by multiplying together the occurrence numbers associated by the n-tuple, to form an occurrence number set for the value set, for each operation of the operation set, and each possible value of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets, obtained by adding together the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value of the possible values of the secret data part, provide a partial operation result having a same transformed value by a second surjective function, and analyzing the cumulative occurrence number sets to determine the part of the secret data.
Eshard

Method of testing the resistance of a circuit to a side channel analysis of second order or more

A test method can include: acquiring a plurality of value sets including measurements or signals corresponding with activity of a circuit when executing a set of cryptographic operations on secret data, for each value set, selecting at least two subsets of values, computing combined values and counting occurrence numbers of values transformed by a first surjective function applied to the combined values, for each operation and each possible value of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value by a second surjective function, and determine the part of the secret data from the cumulative occurrence number sets.
Eshard

Method of testing the resistance of a circuit to a side channel analysis

In a general aspect, a test method can include acquiring a plurality of value sets, each including values of a physical quantity or of logic signals, linked to the activity of a circuit to be tested when executing distinct cryptographic operations applied to a same secret data, for each value set, counting occurrence numbers of the values of the set, for each operation and each of the possible values of a part of the secret data, computing a partial result of operation, computing sums of occurrence numbers, each sum being obtained by adding the occurrence numbers corresponding to the operations which when applied to a same possible value of the part of the secret data, provide a partial operation result having a same value, and analyzing the sums of occurrence numbers to determine the part of the secret data.
Eshard

Clock period randomization for defense against cryptographic attacks

Methods, systems, and apparatuses for defending against cryptographic attacks using clock period randomization. The methods, systems, and apparatuses are designed to make side channel attacks and fault injection attacks more difficult by using a clock with a variable period during a cryptographic operation.
Google Inc.

Hybrid trading platform integrating fiat and crypto investments

A hybrid trading platform integrating fiat and crypto investments through multiple secure exchanges is provided. The hybrid trading platform manages the flow of information, in part, through market maker and technician modules adapted to provide greater liquidity and quell volatility.

System and embedding a two dimensional code with concealed secure message

The present invention embodies a technique to embed a graphic representation and/or a concealed message such as but not limited to two dimensional codes such as quick response (qr) code matrices, fingerprints, coded fingerprint representations, iris imagery, iris coded representation, biometric hashes, palm print or portraits into a qr matrix code. In the case where biometric data such as finger print representation, iris coded representation or biometric hashes are encoded into the embedding, suitable binary representation of those patterns are generated before encoding.
Graphiclead Llc

Secure persistent communication between related domains using cookies

A 1st domain makes a request to a 2nd domain using a uri including the name of the 2nd domain, a public path for the domains, and a cryptographically secure path generated by the 1st domain. The 2nd domain makes a request to the 1st domain using a uri including the name of the 1st domain, the pre-defined public path, and the cryptographically secure path.
Salesforce.com, Inc.

Homogenous atomic pattern for double, add, and subtract operations for digital authentication using elliptic curve cryptography

A method of performing finite field addition and doubling operations in an elliptic curve cryptography (ecc) authentication scheme as a countermeasure to side-channel attack. The addition and doubling operations are executed using atomic patterns that involve the same sequence and number of operation types, so that the noise consumption and electromagnetic emanation profile of circuitry performing the operations is identical regardless of operation.
Texas Instruments Incorporated

Evaluating installers and installer payloads

A reputation of an installer may be determined based on contextual information including its source (e.g., its publisher), a cryptographic signature or certificate, a process that carried out its download, a user that initiated its download, whether the installer has been previously vetted by a security policy, and so forth. A corresponding reputation may then be inferred for each of the computer objects contained within the installer, such that the reputation remains with the computer objects if/when they are unpacked on an endpoint.
Sophos Limited

Identity binding systems and methods in a personal data store in an online trust system

A computer-implemented method for managing a personal data store is described for binding one or more identities of different types associated with a user. The computer-implemented method is implemented in a trust system including one or more processing devices communicatively coupled to a network.
Evident Id, Inc.

Secure session capability using public-key cryptography without access to the private key

A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with.
Cloudflare, Inc.

Method and logging into medical devices

The invention relates to a method for logging a service technician into an electrical device (20), comprising the following steps: production (3, 4) of a secret key (sky) as an encrypted login password (lpw) by the electrical device (20), displaying (5) of the secret key (sky) on a display unit (23) of the electrical device (20) as a qr code (qrc), optical sensing (6) of the qr code (qrc) by means of a mobile device (22), decryption (9) of the login password (lpw) from the secret key (sky) of the sensed qr code (qrc) by the mobile device (22), displaying of the login password (lpw) on a screen unit (24) of the mobile device (22), entering of the login password (lpw) into the electrical device (20) by the service technician, comparison (10) of the entered login password (lpw) with the produced login password (lpw) by the electrical device (20), release of the login by the electrical device (20) if the two login passwords (lpw) match. The invention further relates to an associated apparatus.
Siemens Healthcare Gmbh

Systems and methods for "machine-to-machine" (m2m) communications between modules, servers, and an application using public key infrastructure (pki)

Methods and systems are provided for supporting efficient and secure “machine-to-machine” (m2m) communications using a module, a server, and an application. A module can communicate with the server by accessing the internet, and the module can include a sensor and/or an actuator.
M2m And Iot Technologies, Llc

Method and providing a universal deterministically reproducible cryptographic key-pair representation for all skus, shipping cartons, and items

A cryptographic representation of value is adapted to goods in production and products at various stages through a supply chain as represented by their stock keeping units or sku's that refer to a unique identifier or code for the particular stock keeping unit. Embodiments of the invention disclose the generation of a universal unique, yet deterministic, key-pair for all skus, shipping cartons, and items, i.e.
Skuchain, Inc.

Regulating vehicle access using cryptographic methods

A system and method of regulating access to a vehicle from a wireless device communicating using short-range wireless communications includes: transmitting a vehicle access certificate signing request from the wireless device to a central facility; receiving an authenticated vehicle access certificate from the central facility in response to the vehicle access certificate signing request, wherein the authenticated vehicle access certificate is signed using a central facility private key and includes the wireless device public key; transmitting the authenticated vehicle access certificate containing the wireless device public key from the wireless device to the vehicle via a short-range wireless communications protocol; receiving from the vehicle a shared secret that is encrypted by the wireless device public key; decrypting the received shared secret using a wireless device private key; generating a command controlling vehicle functions; and transmitting the command from the wireless device to the vehicle.
Gm Global Technology Operations Llc

Trusted computing host

A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management.
Amazon Technologies, Inc.

Exclusive preshared key authentication

Preshared keys are assigned to client devices, users, or user groups. The set of valid preshared keys or keys derived therefrom is distributed to network devices such as wireless access points.
Aerohive Networks, Inc.

Granting access through app instance-specific cryptography

In one example embodiment, a system for registering an application installable on a client device is provided. The system comprises processors and a memory storing instructions that, when executed by at least one processor among the processors, cause the system to perform operations comprising, at least, registering the application at a consumer registry service; receiving, in association with a client device id, a public key of a public-private key pair generated by the consumer registry service, the private key of the public-private key pair stored at a device management service; publishing the application, having the public key and associated client device id, to an application store; and based on a user installation of the published application onto the client device, communicating with the installed application.
Ebay Inc.

Technologies for remote attestation

Technologies for remote attestation include a group member device to generate a signature of a message using a cryptographic key assigned to the group member device by a group manager and determine an authentication path that indicates a plurality of cryptographic hashes necessary to compute a group public key of a group associated with a plurality of group member devices. The cryptographic key is assigned to the group member device based on a permutation of a set of cryptographic keys generated by the plurality of group member devices.
Intel Corporation

Blockchain technology to settle transactions

Expediting settlement of securities traded on an exchange is described. A clearing instruction representing an order for equities can be received.
Domus Tower, Inc.

Computationally efficient transfer processing and auditing apparatuses, methods and systems

The computationally efficient transfer processing and auditing apparatuses, methods and systems (“cetpa”) transforms transaction record inputs via cetpa components into matrix and list tuple outputs for computationally efficient auditing. A blockchain transaction data auditing apparatus comprises a blockchain recordation component, a matrix conversion component, and a bloom filter component.
Fmr Llc

Encrypted code execution

Embodiments of an invention for encrypted code execution are disclosed. In one embodiment, a processor includes a private key, a code decryptor, and an encryption unit.
Intel Corporation

Methods and systems for transmission of arbitrary data via bluetooth hfp audio connections with low latency

A wireless-communication device includes a user interface configured to receive audio signals; a cryptographic module configured to encrypt the audio signals into a binary data sequence; a generator module configured to: receive a bit pattern representative of the binary data sequence; and generate a byte sequence representative of the bit pattern by generating a byte that is greater than the preceding byte when the current bit is of a first value and that is lesser than the preceding byte when the current bit is of a second value; an audio codec configured to generate transmission bits by generating a transmission bit having the first value when the current byte is greater than the preceding byte and having the second value when the current byte is lesser than the preceding byte; and a transceiver configured to convey the transmission bits to a receiver.
Nagravision S.a.

System and generating a server-assisted strong password from a weak secret

Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.
International Business Machines Corporation

Managing authenticators in a computer system

Certain embodiments provide means for managing automated access to computers, e.g., using ssh user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, kerberos credentials, and cryptographic keys.
Ssh Communications Security Oyj

Method for securing user data with drm keys

Some embodiments provide convenient auto-authentication for user data on a primary device, while still providing a significant level of security, by taking advantage of existing security and cryptographic measures used to communicate with a secondary device. The primary device of some embodiments encrypts the user data on the primary device using a cryptographic key based on a set of keys received from the secondary device.
Apple Inc.

Device, system, and processor-based data protection

A device, system, and method for providing processor-based data protection on a mobile computing device includes accessing data stored in memory with a central processing unit of the mobile computing device and determining that the accessed data is encrypted data based on a data included in one or more control registers of the central processing unit. If the data is determined to be encrypted data, the central processing unit is to decrypt the encrypted data using a cryptographic key stored in the central processing unit.
Intel Corporation

Key distribution in a distributed network environment

A system including a controller and a pool of computing resources to run virtual machines are configured to automatically provision each virtual machine with unique cryptographic constructs. The controller receives a request to instantiate a virtual machine based on an image/template.
Cisco Technology, Inc.

Secure crypto module including conductor on glass security layer

A conductor on glass security layer may be located within a printed circuit board (pcb) of a crypto adapter card or within a daughter card upon the crypto adapter card. The conductor on glass security layer includes a glass dielectric layer that remains intact in the absence of point force loading and shatters when a point load punctures or otherwise contacts the glass dielectric layer.
International Business Machines Corporation

Systems and methods for managing digital identities

Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: using a plurality of measurements taken from a user to generate an identifier for the user, the identifier comprising a cryptographic proof of the plurality of measurements; instantiating a digital identity representation associated with the identifier for the user, the digital identity representation comprising program code that implements rules for attestation; generating an electronic signature over the digital identity representation; and publishing the digital identity representation and the electronic signature to a distributed ledger system.
Cambridge Blockchain, Llc

Reconstructable content objects

One embodiment of the present invention provides a system for delivering a content piece over a network using a set of reconstructable objects. During operation, the system obtains a metadata file that includes a set of rules; generates the set of reconstructable objects for the content piece based on the set of rules included in the metadata file; cryptographically signs the set of reconstructable objects to obtain a set of signed reconstructable objects; and delivers, over the network, the set of signed reconstructable objects along with the metadata file to a recipient, thereby enabling the recipient to extract and store a copy of the content piece and then to reconstruct the set of signed reconstructable objects from the stored copy of the content piece and the metadata file.
Cisco Technology, Inc.

Sequential biometric cryptosystem and sequential biometric cryptographic processing method

A sequential biometric cryptosystem includes: a registration terminal that extracts a set of feature data from each of multiple pieces of biological information acquired from each user, sequentially selects, out of these, a group of multiple sets of feature data, incrementing the number of combined sets, creates a protection template for each selected group of feature data, and stores the protection template into a storage apparatus. The sequential biometric cryptosystem also includes an authentication terminal that extracts feature data from a combination including one or more pieces of biological information of a specified user, acquired through a sensor on the user, verifies a combination of the extracted feature data against the protection template derived from the biological information having the same specified attribute, and performs, if the verification is successful, specified processing on the user.
Hitachi, Ltd.

Communication device, cryptographic communication system, cryptographic communication method, and computer program product

A communication device according to an embodiment is a communication device that communicates with another communication device using an encryption key shared through a quantum key distribution and includes a communication unit, an encrypting unit, a first checking unit, and a communication control unit. The communication unit performs communication of data with the another communication device.
Kabushiki Kaisha Toshiba

Cryptographic key distribution

An hsm management hub coordinates the distribution and synchronization of cryptographic material across a fleet of connected hardware security modules (“hsms”). Cryptographic material is exchanged between hsms in the fleet in a cryptographically protected format.
Amazon Technologies, Inc.

Method for executing a cryptographic calculation and application to the classification by support vector machines

Using the results t and r in a cryptographic application.

Computationally efficient transfer processing and auditing apparatuses, methods and systems

The computationally efficient transfer processing, auditing, and search apparatuses, methods and systems (“socoact”) transforms smart contract request, crypto currency deposit request, crypto collateral deposit request, crypto currency transfer request, crypto collateral transfer request inputs via socoact components into transaction confirmation outputs. Also, socoact transforms transaction record inputs via socoact components into matrix and list tuple outputs for computationally efficient auditing.
Fmr Llc

Information transaction infrastructure

A method of transferring information with verification from a first party to a second party using suitably programmed computing apparatus is described. Information from a first party private address to a first party public address.
Mastercard International Incorporated

Method and system for digital currency creation and marketing

A method and system which allow an actor/user to create new cryptocurrency, designed to motivate people to an active lifestyle in various fields by making certain activities or actions, which can be measured and verified using smartphones or other telecommunication devices. The method creates two kinds of universal cryptocurrency, namely: cryptocurrency/time, based on a time during which the activities or actions were performed and cryptocurrency/quantity, based on the amount/quantity of performed activities or actions.

Access control for encrypted data in machine-readable identifiers

Disclosed are various embodiments for providing access control to the underlying data of a single machine-readable identifier when read by various reader devices. A client device may receive a first cryptographic key associated with a first device profile and a second cryptographic key associated with a second device profile.
Wonderhealth, Llc

Group based complete and incremental computer file backup system, process and apparatus

The present invention is capable of determining the rights to a file based on providing a descriptor. The descriptor can be calculated using an algorithm, which may be cryptographic and/or non-cryptographic.
Hybir Inc.

Secure object having protected region, integrity tree, and unprotected region

A method and structure for a secure object, as tangibly embodied in a computer-readable storage medium. The secure object includes a cryptographically protected region containing at least one of code and data, an initial integrity tree that protects an integrity of contents of the cryptographically protected region; and an unprotected region that includes a loader, an esm (enter secure mode) instruction, and one or more communication buffers.
International Business Machines Corporation

Inline cryptographic engine (ice) for peripheral component interconnect express (pcie) systems

Aspects disclosed in the detailed description include inline cryptographic engine (ice) for peripheral component interconnect express (pcie). In this regard, in one aspect, an ice is provided in a pcie root complex (rc) in a host system.
Qualcomm Incorporated

Pharmaceutical composition for preventing, treating, and curing psoriasis including snail slime, chamomile, and honey

The invention relates to a pharmaceutical composition consisting of snail slime of helix aspersa muller (cryptophalus aspersus) (5% to 50%), chamomile extract (5% to 10%), honey (5% to 10%), and additives and/or pharmaceutically accepted excipients to form a formulation having low, intermediate or high viscosity (1 to 1000 Pa·s). By dipping a patch or bandage of gauzy fabric into the composition in the form of a lotion, shampoo, soap, cream or gel, the composition is applied on lesions caused by psoriasis.
Muciderm S.a.

Systems and methods for playing back alternative streams of protected content protected using common cryptographic information

Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment of the invention includes a processor, and memory containing a client application.
Sonic Ip, Inc.

System and providing key-encrypted storage in a cloud computing environment

System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external address to the internal cloud addresses of the cloud workloads.
Micro Focus Software Inc.

Secure connections for low power devices

The disclosed embodiments include computerized methods, systems, and devices, including computer programs encoded on a computer storage medium, for establishing secure wireless communications sessions involving low-power devices. A client device may discover a low-power resource device operating within a wireless network.
Google Inc.

Methods and systems for using deep-strings in computation and communication

Computer and communications systems and methods are provided in which a first computing system sends a second computing system a message and an associated deep-string and the second computing system applies a key of a cryptographic system or a one-way function to the deep-string to determine the deep-string's deep-string-depth. The second computing device then uses the determined deep-string-depth in determining subsequent behavior regarding the message.
Elementum, Llc

System and authentication of things

An authentication of things (aot) system includes a cloud server configured to control a cloud domain connected with a plurality of devices, a home server configured to control a home server connected with a plurality of devices, a first device corresponding to a new device, and a second device of a root user connected with the home domain while authentication is completed in the home server. In this case, the first device loads cryptographic material of the cloud server from the cloud server in a pre-deployment stage, the cryptographic material includes at least one selected from the group consisting of an identifier of the first device in the cloud server, a first private key of an id-based cryptography system of the first device in the cloud server, a first pairwise key of the first device in the cloud server, and a counter of the first device, and if the first device is shipped to a trader, the cloud server deletes the first private key from the cloud server.
Universidade Federal De Minas Gerais

Cryptography on a simplified elliptical curve

A cryptographic calculation includes obtaining a point p(x,y) from a parameter t on an elliptical curve $y^2=f(x)$ and from polynomials satisfying: $-f(x_1(t))\cdot f(x_2(t))=u(t)^2$ in the finite body $F_q$, irrespective of the parameter t, $q = 3 \bmod 4$. A value of the parameter t is obtained and the point p is determined by: (i) calculating $x_1=x_1(t)$, $x_2=x_2(t)$ and $u=u(t)$; (ii) testing whether the term $f(x_1)$ is a squared term in the finite body $F_q$ and, if so, calculating the square root of the term $f(x_1)$, the point p having $x_1$ as abscissa and $y_1$, the square root of the term $f(x_1)$, as ordinate; (iii) otherwise, calculating the square root of the term $f(x_2)$, the point p having $x_2$ as abscissa and $y_2$, the square root of the term $f(x_2)$, as ordinate.
Morpho

Format preserving encryption

Encrypting data without losing their format is important in computing systems, because many parties using confidential data rely on systems that require specific formatting for data. Information security depends on the systems and methods used to store and transmit data as well as the keys used to encrypt and decrypt those data.
Passport Health Communications, Inc.



Crypto topics:
  • Digital Signature
  • Hash Function
  • Private Key
  • Public Key
  • Computer Program
  • Certificate
  • Coordinates
  • Camera Module
  • Executable
  • Network Device
  • Access Rights
  • Cell Phone
  • Network Server
  • Hypertext Transfer Protocol
  • Virtual Private Network



This listing is a sample of patent applications related to Crypto and is only meant as a recent sample of applications filed, not a comprehensive history. There may be associated servicemarks and trademarks related to these patents. Please check with a patent attorney if you need further assistance or plan to use for business purposes. This patent data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Crypto with additional patents listed. Browse our RSS directory or Search for other possible listings.
