-
公开(公告)号:US11914737B2
公开(公告)日:2024-02-27
申请号:US17242105
申请日:2021-04-27
Applicant: Apple Inc.
Inventor: Frederic Jacobs , Eric Bainville , Yannick L. Sierra
CPC classification number: G06F21/6227 , H04L9/0861 , H04L9/0894 , H04L9/3247 , G06F2221/2107
Abstract: Embodiments described herein provide a compressed container format that enables the container to be decrypted and decompressed in a streaming manner. One embodiment provides a container format for encrypted archives in which data is compressed and encrypted in a segmented manner. A segment of the archive can be decompressed, decrypted, and checked for integrity before the entire archive is received. Metadata for the encrypted archive is also encrypted to secure details of data stored within the archive.
-
公开(公告)号:US20240037274A1
公开(公告)日:2024-02-01
申请号:US18377478
申请日:2023-10-06
Applicant: Apple Inc.
Inventor: Pablo Antonio Gonzalez Cervantes , Mohan Singh Randhava , Jorge F. Pozas Trevino , Samuel A. Mussell , Isaac Pinol Catadau , Steven A. Myers , Dongsheng Zhang , Suhail Ahmad , Zhengjun Jiang , Yannick L. Sierra , Amir H. Jadidi
CPC classification number: G06F21/6245 , G16H10/60 , H04L9/0825 , H04L9/0866 , H04L9/14
Abstract: Techniques for storing health data can include a multi-node data structure. A data node, a category node, and an institution node of a multi-node data structure can be generated in accordance with a configuration file. The data node can include health data and can be identified by a first unique data identifier and encrypted using a first cryptographic key. The category node can include the first unique data identifier and the first cryptographic key. The category node can be identified by a second unique data identifier and encrypted using a second cryptographic key. The institution node can include the second unique data identifier and the second cryptographic key. The institution node can be identified by a third unique data identifier and encrypted using a third cryptographic key. The data node, the category node, and the institution node can be shared with a service provider.
-
公开(公告)号:US20230396439A1
公开(公告)日:2023-12-07
申请号:US18131801
申请日:2023-04-06
Applicant: APPLE INC.
Inventor: Cristina L. Formaini , Bailey E. Basile , Per Love Hornquist Astrand , Yannick L. Sierra , Erik D. Strahm , Benton C. Case
CPC classification number: H04L9/3226 , H04L9/14 , H04L9/30 , H04L9/0869 , H04L9/088
Abstract: A device may include accessing first public key associated with a first user identifier for the first electronic device and a second public key associated with a second user identifier for a second electronic device. The device can generate a first random number and a first commitment using a hash function and the first random number; transmit a first message to the second electronic device via a channel between the first and second electronic devices. The device can receive a message from the second electronic device via the channel including include a second random number generated by the second electronic device. The device can extract a code via the hash function using the first public key, the second public key, the first random number, and the second random number. The device can present the code on a user interface for verification. The user interface can receive confirmation of the verification.
-
公开(公告)号:US20230010948A1
公开(公告)日:2023-01-12
申请号:US17932883
申请日:2022-09-16
Applicant: Apple Inc.
Inventor: Jeffry E. Gonion , Ian D. Kountanis , Conrado Blasco , Steven Andrew Myers , Yannick L. Sierra
Abstract: A system and method for efficiently protecting branch prediction information. In various embodiments, a computing system includes at least one processor with a branch predictor storing branch target addresses and security tags in a table. The security tag includes one or more components of machine context. When the branch predictor receives a portion of a first program counter of a first branch instruction, and hits on a first table entry during an access, the branch predictor reads out a first security tag. The branch predictor compares one or more components of machine context of the first security tag to one or more components of machine context of the first branch instruction. When there is at least one mismatch, the branch prediction information of the first table entry is not used. Additionally, there is no updating of any branch prediction training information of the first table entry.
-
公开(公告)号:US20220399994A1
公开(公告)日:2022-12-15
申请号:US17848922
申请日:2022-06-24
Applicant: APPLE INC.
Inventor: Yannick L. Sierra , Zhimin Chen , Thomas Icart
IPC: H04L9/08 , G01S13/76 , H04L9/40 , H04W12/03 , H04W12/041
Abstract: Embodiments described herein enable the generation of cryptographic material for ranging operations in a manner that reduces and obfuscates potential correlations between leaked and secret information. One embodiment provides for an apparatus including a ranging module having one or more ranging sensors. The ranging module is coupled to a secure processing system through a hardware interface to receive at least one encrypted ranging session key, the ranging module to decrypt the at least one encrypted ranging session key to generate a ranging session key, generate a sparse ranging input, derive a message session key based on the ranging session key, and derive a derived ranging key via a key derivation cascade applied to the message session key and the sparse ranging input, the derived ranging key to encrypt data transmitted during a ranging session.
-
Patent Agency Ranking
公开(公告)号:US11522695B2
公开(公告)日:2022-12-06
申请号:US16982513
申请日:2019-03-19
Applicant: Apple Inc.
Inventor: Sriram Hariharan , Yannick L. Sierra , Frederic Jacobs
Abstract: Techniques are disclosed relating to using a device to gain access to another system. In some embodiments, a first mobile device performs a pairing operation with a control unit that controls access to a system, the pairing operation including the first mobile device establishing a first cryptographic key with the control unit. The first mobile device receives a request to enable a second mobile device to communicate with the control unit, and in response to receiving the request, the first mobile device generates a second cryptographic key from the first cryptographic key. The first mobile device provides the second cryptographic key to the second mobile device. The second mobile device is configured to send a beacon including a payload encrypted with the second cryptographic key, and the encrypted payload is usable to authenticate the second mobile device to the control unit.
-
公开(公告)号:US20210359842A1
公开(公告)日:2021-11-18
申请号:US15930838
申请日:2020-05-13
Applicant: Apple Inc.
Inventor: Vishnu Pillai Janardhanan Pillai , Rantao Chen , Gianpaolo Fasoli , Frederic Jacobs , Rupamay Saha , Yannick L. Sierra , Dian Wen , Ka Yang
Abstract: Embodiments described herein provide cryptographic techniques to enable a recipient of a signed message containing encrypted data to verify that the signer of the message and the encryptor of the encrypted data are the same party, or at the least, have joint possession of a common set of secret cryptographic material. These techniques can be used to harden an online payment system against interception and resigning of encrypted payment information.
-
公开(公告)号:US11178127B2
公开(公告)日:2021-11-16
申请号:US15497203
申请日:2017-04-26
Applicant: Apple Inc.
Inventor: Wade Benson , Marc J. Krochmal , Alexander R. Ledwith , John Iarocci , Jerrold V. Hauck , Michael Brouwer , Mitchell D. Adler , Yannick L. Sierra
IPC: H04W12/08 , H04L29/06 , H04W12/041 , H04W12/086 , H04W12/0431 , G06F9/445 , H04W12/06 , H04L9/08 , H04L9/14 , H04L9/32
Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
-
公开(公告)号:US10944562B2
公开(公告)日:2021-03-09
申请号:US16221043
申请日:2018-12-14
Applicant: Apple Inc.
Inventor: Mayur P. Mahajan , Gokul P. Thirumalai , Scott Lopatin , Tommy Rochette , Robert Y. Loh , Yannick L. Sierra
Abstract: Techniques disclosed herein relate to the authentication of a first user in a communication session between the first user using a user device and a second user using a remote computer system. The computer system sends an authentication request in the session, and the user device receives the authentication request in the session via a messaging program. The user device then causes a different program to access an authentication token received from an authentication computer system. The user device sends an indication of the authentication token to the remote computer system which the remote computer system verifies to authenticate the first user within the session.
-
公开(公告)号:US20200336897A1
公开(公告)日:2020-10-22
申请号:US16835057
申请日:2020-03-30
Applicant: Apple Inc.
Inventor: Brent M. Ledvina , Yannick L. Sierra , Kyle C. Brogle , Steven Andrew Myers
Abstract: Techniques disclosed herein relate to the pairing of a pairing initiator device and a pairing responder device for communication. The pairing initiator device and the pairing responder device range with each other to determine the distance between the pairing initiator device and the pairing responder device. Based on the distance being below a threshold distance, the pairing initiator device and the pairing responder device wirelessly pair with each other without further input from the user.
-
-
-
-
-
-
-
-
-
Search Results
108
records
(took 0.027 seconds)
