-
Publication number: US20180101669A1
Publication date: 2018-04-12
Application number: US15401890
Filing date: 2017-01-09
Applicant: QUALCOMM Incorporated
Inventor: Olivier Jean Benoit , David Tamagno
CPC classification number: G06F21/32 , G06F16/907 , G06F21/606 , G06F21/71 , G06K9/00067 , G06K9/0061 , G06K9/00986 , G06K2009/00953
Abstract: Aspects may relate to a device that comprises a sensor and a first secure processor. The sensor may receive an input and generate raw data from the input. The first secure processor may control a first execution environment to perform operations including receiving the raw data from the sensor. Further, the device may include a second processor to control a second execution environment to perform operations including: receiving the raw data; performing data processing to determine normalized data from the raw data and additional data; performing feature extraction to the normalized data to determine features; and sending the features to the first execution environment. The first execution environment may use the features to match the features with stored reference features to authenticate a user.
-
Publication number: US20180048632A1
Publication date: 2018-02-15
Application number: US15235505
Filing date: 2016-08-12
Applicant: QUALCOMM Incorporated
Inventor: Rosario Cammarota , Olivier Jean Benoit , Peerapol Tinnakornsrisuphap
CPC classification number: H04L63/061 , H04L9/083 , H04L9/321 , H04L9/3247 , H04L63/029 , H04L63/0435 , H04L63/0442 , H04L63/06 , H04L63/08 , H04L2209/80 , H04W12/04 , H04W12/06
Abstract: Methods, systems, and devices for wireless communication are described for precursory client configuration for network access. A configurator station (STA) may receive, from a key management device, an identity key of a client STA and may receive, from the client STA, a network configuration probe that includes a first cryptographic value based at least in part on the identity key and a request for network access. The configurator STA may apply a cryptographic function to the identity key to generate a second cryptographic value. The configurator STA may configure the client STA to access a network based at least in part on a match between the first cryptographic value and the second cryptographic value.
-
Publication number: US09779401B2
Publication date: 2017-10-03
Application number: US14463276
Filing date: 2014-08-19
Applicant: QUALCOMM Incorporated
Inventor: Olivier Jean Benoit , Peerapol Tinnakornsrisuphap
CPC classification number: G06Q20/401 , G06Q20/20 , G06Q20/3278 , G06Q2220/12 , H04L63/045 , H04L63/061 , H04L63/18 , H04W12/04 , H04W12/06
Abstract: A user device can be configured for network access, such as for guest network access. In one example, a first device receives an indication of a transaction that uses the first device. The first device communicates a request for network access to an access point of the network in response to receiving the indication of the transaction. The first device then receives a first key from the access point. The first device provides the first key to the user device. The user device is to use the first key to obtain the network access to the network.
-
Publication number: US09760737B2
Publication date: 2017-09-12
Application number: US14738251
Filing date: 2015-06-12
Applicant: QUALCOMM Incorporated
Inventor: Rosario Cammarota , Olivier Jean Benoit
IPC: G06F21/00 , G06F21/72 , H04L9/00 , H04L9/08 , H04L9/32 , G09C1/00 , H04L29/06 , G06F11/30 , G06F12/14
CPC classification number: G06F21/72 , G09C1/00 , H04L9/002 , H04L9/008 , H04L9/0866 , H04L9/0894 , H04L9/3278 , H04L2209/12
Abstract: Techniques for protecting data in a processor are provided. An example method according to these techniques includes performing one or more operations on encrypted data using one or more functional units of a data path of the processor to generate an encrypted result. Performing the one or more operations includes: receiving at least one encrypted parameter pair at a functional unit, each encrypted parameter pair comprising an encrypted parameter value and a challenge value associated with the encrypted parameter value, the encrypted parameter being encrypted using a homomorphic encryption technique, the challenge value being used to recover a key used to encrypt the encrypted parameter value, and performing a mathematical computation on the at least one encrypted parameter. The method also includes outputting the encrypted result.
-
Publication number: US09749134B2
Publication date: 2017-08-29
Application number: US14308382
Filing date: 2014-06-18
Applicant: QUALCOMM Incorporated
Inventor: Aram Perez , Olivier Jean Benoit
CPC classification number: H04L9/30 , H04L9/0838 , H04L9/3226 , H04L2209/24 , H04L2209/80 , H04L2209/805 , H04W4/80 , H04W12/04 , H04W12/06
Abstract: A system comprises an access point and a client device. The access point receives, using near field communication (NFC) technology, a public key associated with the client device and sends, using NFC technology, a public key associated with the access point. The access point further encrypts configuration data associated with a network and sends the encrypted configuration data to the client device. The client device receives, using NFC technology, a command indicating that a public key associated with the client device is to be sent to the access point and sends, using NFC technology, the public key to the access point. The client device further receives, using NFC technology, a public key associated with the access point and configures the client device to wirelessly connect to a network associated with the access point.
-
Publication number: US09621549B2
Publication date: 2017-04-11
Application number: US14341703
Filing date: 2014-07-25
Applicant: QUALCOMM Incorporated
Inventor: Olivier Jean Benoit , Laurence Geoffrey Lundblade , Asaf Ashkenazi
CPC classification number: H04L63/0869 , G06F17/30371 , G06F21/64 , G06F21/645 , G06F21/79 , H04L63/1466
Abstract: An integrated circuit may comprise a secure volatile memory configured to store first data-validity information associated with first data stored in an external nonvolatile memory; and a secure processor configured to: retrieve the first data-validity information from a secure remote server over a secure communication channel, wherein the secure processor uses mutual authentication with the secure remote server to secure the secure communication channel; store the first data-validity information in the secure volatile memory; retrieve the first data from the external nonvolatile memory; obtain second data-validity information associated with the first data; compare the first data-validity information stored in the secure volatile memory with the second data-validity information to generate a comparison value; and determine, based on the comparison value, whether the first data is valid.
-
Publication number: US20160366124A1
Publication date: 2016-12-15
Application number: US15060281
Filing date: 2016-03-03
Applicant: QUALCOMM Incorporated
Inventor: Olivier Jean Benoit , Peerapol Tinnakornsrisuphap
IPC: H04L29/06
CPC classification number: H04L63/0823 , H04L9/006 , H04L9/321 , H04L9/3265 , H04L63/0442 , H04L63/061 , H04L63/0876 , H04W12/003 , H04W12/00522 , H04W12/06 , H04W84/12
Abstract: An apparatus and method for registering and configuring a wireless device for use within a wireless local area network (WLAN) are disclosed. In at least one exemplary embodiment, a registration authority may obtain a public key and connection attributes of the wireless device. The registration authority may be distinct from the wireless device and an access point of the WLAN. The registration authority may provide the public key and the connection attributes to a certification authority. The certification authority, distinct from the registration authority, may certify the public key and generate a certificate for the wireless device. The certificate may authenticate the wireless device with access points or other wireless devices. In some embodiments, a certification revocation list may be generated to identify the certificates that may have expired or are otherwise invalid. The certification revocation list may permit or deny access of a wireless device to the WLAN.
-
Publication number: US20160360404A1
Publication date: 2016-12-08
Application number: US15065608
Filing date: 2016-03-09
Applicant: QUALCOMM Incorporated
Inventor: Olivier Jean Benoit , Peerapol Tinnakornsrisuphap
CPC classification number: H04W12/04 , H04L9/006 , H04L9/0841 , H04L9/3265 , H04L63/062 , H04W4/80 , H04W12/02 , H04W12/06
Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.
-
Publication number: US20150052231A1
Publication date: 2015-02-19
Application number: US13970298
Filing date: 2013-08-19
Applicant: QUALCOMM Incorporated
CPC classification number: H04L41/0803 , H04L41/12 , H04L61/103 , H04L61/1511 , H04L61/2015
Abstract: A headless device does not have a user interface that conveniently allows the user to enter a custom name for the headless device. In this disclosure, a custom name may be determined (either automatically or via user input) at a user device, such as a user device that has a user interface. The custom name may be based on the type of device, location, services, and/or other information about the headless device. The custom name is introduced to the communications network in association with a network address of the headless device. In some embodiments, forged messages based on conventional network protocols may be used to associate the custom name with the network address of the headless device.