Patent application number | Description | Published |
20090106548 | METHOD FOR CONTROLLING SECURED TRANSACTIONS USING A SINGLE PHYSICAL DEVICE, CORRESPONDING PHYSICAL DEVICE, SYSTEM AND COMPUTER PROGRAM - A method is provided for controlling secure transactions using a physical device held by a user and bearing at least one pair of asymmetric keys, including a device public key and a corresponding device private key. The method includes, prior to implementing the physical device, certifying the device public key with a first certification key of a particular certifying authority, delivering a device certificate after verifying that the device private key is housed in a tamper-proof zone of the physical device; verifying the device certificate by a second certification key corresponding to the first certification key; and in case of a positive verification, registering the user with a provider delivering a provider certificate corresponding to the signature by the provider of the device public key and an identifier of the user. | 04-23-2009 |
20090138707 | Method for Fast Pre-Authentication by Distance Recognition - A method of pre-authentication of a first entity ( | 05-28-2009 |
20090154700 | Generation of a pseudorandom data sequence - A method of generating a pseudorandom data sequence, wherein said pseudorandom data sequence is generated by a procedure for searching for a search pattern in an initial data sequence of N bits, said search procedure comprising the following steps: (a) detecting in said initial data sequence a particular search pattern of r bits that is one of a set of search patterns; (b) determining an output pattern of k bits by an operation that depends on the progress of the preceding step; and repeating the preceding steps (a) and (b) successively to form the pseudorandom data sequence from a succession of output patterns. | 06-18-2009 |
20090157779 | Method System and Device for Generation of a Pseudo-Random Data Sequence - A method and a generator for generating a pseudo-random data sequence ( | 06-18-2009 |
20110225409 | Method and Apparatus for Software Boot Revocation - A composite customer ID (CCID) is stored in the OTP memory of integrated circuit chipsets used by a number of different customers. The CCID includes individual customer IDs (CIDs) at defined index positions, each corresponding to a different customer. Each chipset allows or disallows software booting, based reading a certificate index value from a given customer's certificate, reading an OTP CID from OTP, as pointed to the by certificate index value, and evaluating the OTP CID with a certificate CID read from the certificate. Thus, while CCID carries information for a plurality of customers, each customer's certificate points only to that customer's OTP CID, which can be changed to revoke that customer's certificate without revoking the other customers' certificates. The CCID also may include a version number, where the chipsets allow or disallow software booting based on evaluating the certificate version number in view of the CCID version number. | 09-15-2011 |
20120317344 | METHOD OF AND APPARATUS FOR STORING DATA - An electronic device for storing data content by storing at least a portion of the data content in a rewritable memory device by storing an n bit count value associated with the status of the data content in a one time programmable memory. The n bit count value is written to the secure memory device along with the corresponding data content. Then the n bit count value is incremented and stored in the one time programmable memory each time there is a modification of the data content in the rewritable memory device. The number of bits of the one time programmable memory may correspond to the number of potential modifications of the stored data content. | 12-13-2012 |
20130036312 | Method and Device for Protecting Memory Content - A method of protecting digital data stored in a storage medium. The method comprises providing a first and a second addressable storage region in the storage medium, and selector means for selectively indicating one of the first and the second addressable storage regions as active; storing the digital data in the first addressable storage region of the storage medium, wherein the digital data stored in the first addressable storage region is stored encrypted with a first encryption key; and causing the selector means to indicate the first addressable storage region as being active; and, responsive to a trigger event, copying the digital data from the first to the second addressable storage region, wherein the digital data stored in the second addressable storage region is stored encrypted with a second encryption key; and causing the selector means to indicate the second addressable storage region as being active. | 02-07-2013 |
20140095918 | Method and Apparatus for Maintaining Secure Time - An exemplary method of maintaining secure time in a computing device is disclosed in which one or more processors implements a Rich Execution Environment (REE), and a separate Trusted Execution Environment (TEE). The TEE maintains a real-time clock (RTC) that provides a RTC time to the REE. A RTC offset is stored in non-volatile memory, with the RTC offset indicating a difference between the RTC time and a protected reference (PR) time. Responsive to a request from the REE to read the RTC time, a current RTC time is returned to the REE. Responsive to a request from the REE to adjust the RTC time, the RTC time and the corresponding RTC offset are adjusted by a same amount, such that the PR time is not altered by the RTC adjustment. An exemplary computing device operable to implement the method is also disclosed. | 04-03-2014 |
20140310535 | Electronic Device with Flash Memory Component - Electronic device ( | 10-16-2014 |
20140344941 | METHOD FOR MANAGING PUBLIC AND PRIVATE DATA INPUT AT A DEVICE - A method is provided for managing public and private data input by a device such as a mobile handset, a personal digital assistant, a personal computer and an electronic tablet. Method provides for separating public and private data such that public data can be operated on by open operating system and private data is either encrypted while in the open operating environment but can be operated on and used when received by the secure operating environment. | 11-20-2014 |
20150143072 | METHOD IN A MEMORY MANAGEMENT UNIT FOR MANAGING ADDRESS TRANSLATIONS IN TWO STAGES - A memory management unit (MMU) may manage address translations. The MMU may obtain a first intermediate physical address (IPA) based on a first virtual address (VA) relating to a first memory access request. The MMU may identify, based on the first IPA, a first memory page entry in a second address translation table. The MMU may store, in a second cache memory, a first IPA-to-PA translation based on the identified first memory page entry. The MMU may store, in the second cache memory and in response to the identification of the first memory page entry, one or more additional IPA-to-PA translations that are based on corresponding one or more additional memory page entries in the second address translation table. The one or more additional memory page entries may be contiguous to the first memory page entry. | 05-21-2015 |
20150326402 | Authentication Systems - A method of authenticating an agent to a secure environment of a device, in a challenge-response authentication sys tem comprising the device, a remote authentication server and a connection path between the device and the remote authentication server, the method comprising: while the connection path is not established:—obtaining a predictable challenge based on at least a current value of a counter;—obtaining a response for the challenge; and,—authenticating the agent to the secure environment based on at least the response; and, wherein, upon successful authentication, the value of the counter is incremented. A challenge-response authentication system and an apparatus are also claimed. | 11-12-2015 |
Patent application number | Description | Published |
20090157779 | Method System and Device for Generation of a Pseudo-Random Data Sequence - A method and a generator for generating a pseudo-random data sequence ( | 06-18-2009 |
20110208975 | ELECTRONIC DEVICE AND METHOD OF SOFTWARE OR FIRMWARE UPDATING OF AN ELECTRONIC DEVICE - An electronic device is provided having a memory driver unit for reading partition headers including encrypted version numbers from a memory and for writing updated encrypted version numbers to the memory. The electronic device has an update agent unit for controlling a software or firmware update, a one-time programmable memory for storing a first value, and an encrypt-decrypt unit for decrypting the partition headers stored in the memory. The update agent is configured to compare the retrieved version numbers with a version number from a software or firmware update. The first value is incremented and stored in the one-time programmable memory if an update is performed. The encrypt-decrypt unit is configured to encrypt the version numbers of the software or firmware update based on the new first value. The memory driver unit is configured to write a new partition header with the updated encrypted version numbers into the memory. | 08-25-2011 |
20110296200 | Method and Device for Encrypting and Decrypting Digital Data - Method for encrypting an initial digital data set, which comprises a compression of the initial digital data set delivering a compressed set comprising at least one compressed digital data stream and at least one dictionary making it possible to describe the content of the compressed digital data stream or streams, and an encryption of each dictionary only delivering an encrypted digital data set. | 12-01-2011 |
20110311043 | Method of Processing Data Streams Received by a Wireless Communication Apparatus and at Least Partly Requiring Cryptographic Processing Operations and Corresponding Apparatus - Wireless communication apparatus (WAP) which comprises means of receiving data streams ( | 12-22-2011 |
20120020477 | METHOD FOR DECRYPTING AN ENCRYPTED PACKET WITHIN A WIRELESS COMMUNICATION DEVICE, AND CORRESPONDING DEVICE - Method for decrypting, within a wireless communication device, a sequence of encrypted packets received via a wireless communication channel between the communication device and a cell assigned to this device, comprising for each packet the following steps:—the computation of an encrypting sequence corresponding to the packet ( | 01-26-2012 |
Patent application number | Description | Published |
20140143889 | SYSTEMS AND METHODS FOR SECURE TRANSACTION MANAGEMENT AND ELECTRONIC RIGHTS PROTECTION - The present disclosure provides systems and methods for electronic commerce including secure transaction management and electronic rights protection. Electronic appliances such as computers employed in accordance with the present disclosure help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Secure subsystems used with such electronic appliances provide a distributed virtual distribution environment that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Secure distributed and other operating system environments and architectures, employing, for example, secure semiconductor processing arrangements that may establish secure, protected environments at each node. These techniques may be used to support an end-to-end electronic information distribution capability that may be used, for example, utilizing the “electronic highway.” | 05-22-2014 |
20150280922 | SYSTEMS AND METHODS FOR USING CRYPTOGRAPHY TO PROTECT SECURE AND INSECURE COMPUTING ENVIRONMENTS - Computation environments are protected from bogus or rogue load modules, executables, and other data elements through use of digital signatures, seals, and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules and/or other items to verify that their corresponding specifications are accurate and complete, and then digitally signs them based on a tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys), allowing one tamper resistance work factor environment to protect itself against load modules from another tamper resistance work factor environment. The verifying authority can provide an application intended for insecure environments with a credential having multiple elements covering different parts of the application. To verify the application, a trusted element can issue challenges based on different parts of the authenticated credential that the trusted element selects in an unpredictable (e.g., random) way, and deny service (or take other appropriate action) if the responses do not match the authenticated credential. | 10-01-2015 |