Patent application number | Description | Published |
20110167272 | Secure Multi-UIM aka key exchange - An apparatus in one example, where the apparatus comprises a communication device component that performs an authentication key agreement protocol by receiving a first random nonce (RAND) and an authentication token, wherein the communication device component is configured with a shared secret key. The communication device component generates a derivation key by applying a pseudo random function to the RAND and the shared secret key. The communication device component generates a first set of session keys based on a second random nonce (RANDC) and the derivation key where the first set of session keys are used in encrypting communications. | 07-07-2011 |
20110216902 | Computation of garbled tables in garbled circuit - An efficient encryption system for improving the computation speed of a garbled circuit is set forth. The garbled circuit includes a number of garbled Boolean gates having first and second garbled Boolean gate input wires. The system includes a first key ki on a first garbled gate input wire. A second key kj is also provided on a second garbled gate input wire. A programmable function is provided for combining the first key ki and the second key kj to obtain an encrypted output key. A method for expediting encryption and decryption of a garbled circuit having a number of encryptions for a garbled table of a garbled gate is also set forth. The method includes the steps of: forming the garbled table with a number of secret keys by applying a function to the secret keys to produce less than twice the number of secret keys as the number of encryptions for the garbled table, and evaluating the garbled table to decrypt an output key of the garbled table. | 09-08-2011 |
20110320803 | Light-weight security solution for host-based mobility & multihoming protocols - A transport connection system is set forth. The system includes a first device adapted to send and receive messages. A second device, adapted to send and receive message, is also provided. A message i generated by the first device includes a secret Ri- | 12-29-2011 |
20120070000 | Securing Two-Party Computation Against Malicious Adversaries - Methods and apparatus are provided for securing two-party computations against malicious adversaries. A method is provided for secure function evaluation. The disclosed method is performed by a garbled circuit evaluator for the transfer of private information, and comprises receiving from a constructor (i) s garbled circuits (GCs), wherein each of the GCs having a plurality of input wires; and (ii) commitments for each of the input wires, wherein the commitments comprise s | 03-22-2012 |
20120246743 | SYSTEM AND METHOD FOR ACCESSING PRIVATE DIGITAL CONTENT - Method for providing access to private digital content installed on a content server C(s), wherein a content manager server C(a) has a number of clients potentially interested in the private content; the method comprising the following steps performed at the content management server C(a):
| 09-27-2012 |
20120284523 | MAC Aggregation Resilient To Denial-Of-Service Attacks For Use In A Multi-Node Data Network - An improved MAC aggregation technique is disclosed that yields an aggregate MAC much shorter than the concatenation of constituent MACs while achieving improved resilience to denial-of-service (DoS) attacks. The aggregate MAC is constructed in a manner wherein upon instance of channel impairments or malicious attack (e.g., from a rogue node or man-in-the-middle attacker), only a portion of the aggregate MAC will include corrupted data, at least a portion of the aggregate MAC thereby including valid verifiable data. A source of corruption of the aggregate MAC may be ascertained based on indicia of which constituent MACs are included in the valid portion; and constituent MACs that are wholly included in the valid portion may be declared valid. | 11-08-2012 |
20140040614 | SECURE FUNCTION EVALUATION FOR A COVERT CLIENT AND A SEMI-HONEST SERVER USING STRING SELECTION OBLIVIOUS TRANSFER - Methods and apparatus are provided for secure function evaluation for a covert client and a semi-honest server using string selection oblivious transfer. An information-theoretic version of a garbled circuit C is sliced into a sequence of shallow circuits C | 02-06-2014 |
20140040620 | Secure Function Evaluation Between Semi-Honest Parties - Methods and apparatus are provided for secure function evaluation between a semi-honest client and a semi-honest server using an information-theoretic version of garbled circuits (GC). An information-theoretic version of a garbled circuit C is sliced into a sequence of shallow circuits C | 02-06-2014 |
20140056306 | MAC Aggregation With Message Multiplicity For Use In A Multi-Node Data Network - A MAC aggregation technique utilizing a large field addition operation is disclosed. The large field addition operation defines the addition of two or more MACs mod p, where the two or MACs may comprise constituent MACs or aggregate MACs, and where p is a prime number that is large relative to the size of the MACs. The disclosed MAC aggregation technique yields an aggregate MAC much shorter than the concatenation of constituent MACs while achieving security even in the case where constituent MACs may be aggregated in duplicate. | 02-27-2014 |
20140095861 | Input Consistency Verification for Server Assisted Secure Function Evaluation - Server-assisted secure function evaluation (SFE) is performed with input consistency verification for two parties that want to evaluate a function. The server computes a garbled circuit corresponding to the function. A predefined bit of the 0-secret of wire i in the garbled circuit is set to a random bit b | 04-03-2014 |
20140105393 | Input Consistency Verification for Two-Party Secure Function Evaluation - Secure function evaluation SFE) with input consistency verification is performed by two parties to evaluate a function. For each execution, the first party computes a garbled circuit corresponding to the function and uses an Oblivious Transfer protocol to provide wire secrets that are an encrypted version k | 04-17-2014 |
20140108435 | SECURE PRIVATE DATABASE QUERYING SYSTEM WITH CONTENT HIDING BLOOM FITERS - Secure private database querying on a database for a query having a formula evaluation on at least two keywords A and B comprises: a server receiving a Bloom filter tree comprised of encrypted Bloom filters of encrypted keywords from the database, wherein each Bloom filter in the Bloom filter tree is separately masked by a random mask pad P; receiving an encrypted version of the keywords A and B from the client; and obtaining masked Bloom filter indices for the keywords A and B. The client and server participate in secure function evaluation (SFE) with the client. The server has an input comprising the masked Bloom filter indices for the keywords A and B and the client has an input comprising the random mask pad P. The secure function evaluation comprises: removing the random mask pad P from the masked Bloom filter indices input by the server; determining if there is a matching Bloom filter for each of the keywords A and B; and applying the formula evaluation to determine if the formula is satisfied. | 04-17-2014 |
20140129838 | METHOD AND APPARATUS FOR RESILIENT END-TO-END MESSAGE PROTECTION FOR LARGE-SCALE CYBER-PHYSICAL SYSTEM COMMUNICATIONS - To address the security requirements for cyber-physical systems, embodiments of the present invention include a resilient end-to-end message protection framework, termed Resilient End-to End Message Protection or REMP, exploiting the notion of the long-term key that is given on per node basis. This long term key is assigned during the node authentication phase and is subsequently used to derive encryption keys from a random number per-message sent. Compared with conventional schemes, REMP improves privacy, message authentication, and key exposure, and without compromising scalability and end-to-end security. The tradeoff is a slight increase in computation time for message decryption and message authentication. | 05-08-2014 |
20140189364 | Privacy-Preserving Database System - A database system includes a server, index server and client. In one embodiment the server randomly permutes the order of database records. The server provides to the index server an array of encryption keys by generating a random encryption key corresponding to each permuted database record. The server encrypts each permuted database record with its corresponding encryption key. The index server computes and encrypts a sum of each encryption key and a corresponding random mask and sends a permuted array of masked keys to the server. The index server provides to the client an encrypted database record, and the mask and key corresponding to the encrypted record. The client sends the encrypted sum of the mask and key to the server. The server decrypts the masked key with a public key and sends the decrypted key to the client. The client then recovers the record key and decrypts the record. | 07-03-2014 |