John Nix

Quantum safe blockchain for managing certificates, including certificate revocation. When Q-day arrives, revocation of certificates and especially root certificates will create massive systemic risk for IT systems globally. A quantum safe blockchain for handling the registration and revocation of certificates (and raw public keys) can solve many issues across industry for many protocols: TLS, IPSec, eSIM, etc. Certificates can be identified by a human-readable integer that can be easily… Show more

Quantum safe blockchain for managing certificates, including certificate revocation. When Q-day arrives, revocation of certificates and especially root certificates will create massive systemic risk for IT systems globally. A quantum safe blockchain for handling the registration and revocation of certificates (and raw public keys) can solve many issues across industry for many protocols: TLS, IPSec, eSIM, etc. Certificates can be identified by a human-readable integer that can be easily shared "out of band", where the integer is securely assigned upon registration in the quantum safe blockchain. Using the integer, systems connected as clients to the network can securely receive the certificate in a quantum safe manner. Show less

A mobile phone can configure a device for securely connecting to a network, including supporting the issuance of a new certificate for the device to join the network.

Continuation of U.S. patent application Ser. No. 18/111,669, which is now U.S. Patent 11,973,864.

Continuation of U.S. patent application Ser. No. 17/547,990, which is now U.S. Patent 11,916,893.

Continuation of U.S. patent application Ser. No. 17/547,990, which is now U.S. Patent 11,916,893.

Continuation of U.S. patent application Ser. No. 17/547,990, which is now U.S. Patent 11,916,893.

A wireless device with transducers can support remote monitoring and include an 802.11 compatible radio and a set of device default credentials. The device can be installed at a physical location with service from a fixed access point operating with a different set of owner credentials. A mobile phone can (i) scan a tag for the device and download a set of configuration parameters for the device, and (ii) authenticate with a configuration system. The mobile phone can receive the set of device… Show more

A wireless device with transducers can support remote monitoring and include an 802.11 compatible radio and a set of device default credentials. The device can be installed at a physical location with service from a fixed access point operating with a different set of owner credentials. A mobile phone can (i) scan a tag for the device and download a set of configuration parameters for the device, and (ii) authenticate with a configuration system. The mobile phone can receive the set of device default credentials from the configuration system. The mobile phone can activate a mobile access point using the set of device default credentials. The device can connect with the mobile phone's access point and receive a ciphertext with the owner credentials and a configuration package. The device can apply the configuration package and load the owner credentials in order to connect with the fixed access point. Show less

The world’s IT infrastructure will need to upgrade from classical PKI cryptography to post-quantum cryptography over the next several years. For example, the NSA mandates US government classified data no longer be protected by ECC/RSA by 2033. This patent provide an efficient and secure method for a server to implement a first quantum-safe key encapsulation mechanism (KEM) and while simultaneously supporting a device implementing a second quantum-safe KEM. The secure channel negotiated can… Show more

The world’s IT infrastructure will need to upgrade from classical PKI cryptography to post-quantum cryptography over the next several years. For example, the NSA mandates US government classified data no longer be protected by ECC/RSA by 2033. This patent provide an efficient and secure method for a server to implement a first quantum-safe key encapsulation mechanism (KEM) and while simultaneously supporting a device implementing a second quantum-safe KEM. The secure channel negotiated can represent a "hybrid" key exchange for two PQC PKI key pairs that support two different algorithms, such as the first KEM using Kyper and the second KEM using HQC. Show less

Patent from continuation application 17/249,242, which became U.S. Patent 11973863.

EAP-TLS is a leading standard for authentication in private 5G networks. Roaming devices with a carrier SIM card (or active eUICC profile) on a private 5G network will need to authenticate with both (i) the “Subscription Concealed Identifier” (SUCI) for the carrier network and (ii) often a version of EAP-TLS for the private network. The patent supports flexible use of EAP-TLS authentication for a private network, when the user identity is concealed. The patent solves the many technical… Show more

EAP-TLS is a leading standard for authentication in private 5G networks. Roaming devices with a carrier SIM card (or active eUICC profile) on a private 5G network will need to authenticate with both (i) the “Subscription Concealed Identifier” (SUCI) for the carrier network and (ii) often a version of EAP-TLS for the private network. The patent supports flexible use of EAP-TLS authentication for a private network, when the user identity is concealed. The patent solves the many technical challenges for roaming devices on 5G private networks, particularly related to handling server certificates for authentication of the network. Show less

A network can operate a WiFi access point with credentials. An unconfigured device can (i) support a Device Provisioning Protocol (DPP), (ii) record responder bootstrap public and private keys, and (iii) be marked with a tag. The network can record initiator bootstrap public and private keys, as well as derived initiator ephemeral public and private keys. An initiator can (i) operate a DPP application, (ii) read the tag, (iii) establish a secure and mutually authenticated connection with the… Show more

A network can operate a WiFi access point with credentials. An unconfigured device can (i) support a Device Provisioning Protocol (DPP), (ii) record responder bootstrap public and private keys, and (iii) be marked with a tag. The network can record initiator bootstrap public and private keys, as well as derived initiator ephemeral public and private keys. An initiator can (i) operate a DPP application, (ii) read the tag, (iii) establish a secure and mutually authenticated connection with the network, and (iv) send the network data within the tag. The network can record the responder bootstrap public key and derive an encryption key with the (i) recorded responder bootstrap public key and (ii) derived initiator ephemeral private key. The network can encrypt credentials using the derived encryption key and send the encrypted credentials to the initiator, which can forward the encrypted credentials to the device, thereby supporting a device configuration. Show less

A server can receive a device public key and forward the device public key to a key server. The key server can perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using the device public key and a network private key to derive a secret X1. The key server can send the secret X1 to the server. The server can derive an ECC PKI key pair and send to the device the server public key. The server can conduct a second ECDH key exchange using the derived server secret key and the device… Show more

A server can receive a device public key and forward the device public key to a key server. The key server can perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using the device public key and a network private key to derive a secret X1. The key server can send the secret X1 to the server. The server can derive an ECC PKI key pair and send to the device the server public key. The server can conduct a second ECDH key exchange using the derived server secret key and the device public key to derive a secret X2. The server can perform an ECC point addition using the secret X1 and secret X2 to derive a secret X3. The device can derive the secret X3 using (i) the server public key, a network public key, and the device private key and (ii) a third ECDH key exchange. Show less

A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the… Show more

A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the wireless network using the plaintext first shared secret key K. The wireless network can authenticate the user of the module using a second factor. The module can then (i) receive the second key, (ii) decrypt the second shared secret key K, and (iii) authenticate with the wireless network using the second shared secret key K. The module can comprise a mobile phone. Show less

A server and a device can support secure sessions with both (i) post-quantum cryptography (PQC) key encapsulation mechanisms (KEM) and (ii) session resumption. In an initial secure session, the device and server can mutually generate a first shared secret key K1 from a first KEM based on a device PKI key pair. The device and server can mutually generate a second shared secret key K2 from a second KEM based on a server PKI key pair. The device and server can mutually generate a symmetric… Show more

A server and a device can support secure sessions with both (i) post-quantum cryptography (PQC) key encapsulation mechanisms (KEM) and (ii) session resumption. In an initial secure session, the device and server can mutually generate a first shared secret key K1 from a first KEM based on a device PKI key pair. The device and server can mutually generate a second shared secret key K2 from a second KEM based on a server PKI key pair. The device and server can mutually generate a symmetric ciphering key S2 from both K1 and K2. The server can encrypt an identity for a “pre-shared” secret key (PSK-ID) with S2. The device and server can (i) mutually generate a PSK from both K1 and K2 and (ii) close the initial secure session. The device can transmit a message to resume the session, where the message includes the PSK-ID and a MAC value. Show less

A module with an embedded universal integrated circuit card (eUICC) can include a received eUICC profile and a set of cryptographic algorithms. The received eUICC profile can include an initial shared secret key for authentication with a wireless network. The module can receive a key K network token and send a key K module token to the wireless network. The module can use the key K network token, a derived module private key, and a key derivation function to derive a secret shared network key K… Show more

A module with an embedded universal integrated circuit card (eUICC) can include a received eUICC profile and a set of cryptographic algorithms. The received eUICC profile can include an initial shared secret key for authentication with a wireless network. The module can receive a key K network token and send a key K module token to the wireless network. The module can use the key K network token, a derived module private key, and a key derivation function to derive a secret shared network key K that supports communication with the wireless network. The wireless network can use the received key K module token, a network private key, and the key derivation function in order to derive the same secret shared network key K derived by the module. The module and the wireless network can subsequently use the mutually derived key K to communicate using traditional wireless network standards. Show less

A server communicating with a device can store and use PKI keys comprising server private key ss, device public key Sd, and device ephemeral public key Ed. The device can store and use the corresponding PKI keys, such as server public key Ss. The key use can support all of (i) mutual authentication, (ii) forward secrecy, and (iii) shared secret key exchange. The server and the device can conduct an ECDHE key exchange with the PKI keys to mutually derive a symmetric ciphering key K1. The device… Show more

A server communicating with a device can store and use PKI keys comprising server private key ss, device public key Sd, and device ephemeral public key Ed. The device can store and use the corresponding PKI keys, such as server public key Ss. The key use can support all of (i) mutual authentication, (ii) forward secrecy, and (iii) shared secret key exchange. The server and the device can conduct an ECDHE key exchange with the PKI keys to mutually derive a symmetric ciphering key K1. The device can encrypt a device public key PK.Device with K1 and send to the server as a first ciphertext. The server can encrypt a server public key PK.Network with at least K1 and send to the device as a second ciphertext. Show less

A device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: (sd+ed)mod n. The device can input values for X and Y into an… Show more

A device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: (sd+ed)mod n. The device can input values for X and Y into an elliptic curve Diffie Hellman key exchange (ECDH) in order to determine a mutually derived shared secret X5, where the network can also derive shared secret X5. The device can (i) use X5 to derive a key K2 and (ii) decrypt a ciphertext from the network using key K2. Show less

NIST published the official/final post-quantum cryptography (PQC) standards in FIPS 203- 205 on August 13, 2024. US Government agencies and industry will begin migration to the PQC standards the next few years, in order to remain secure against quantum computers. Since the PQC algorithms are relatively new compared to RSA and ECC, a higher level of security for secure sessions such as TLS, SSH, IPSec, etc. can be achieved by using a hybrid of two different PQC algorithms. This patent… Show more

NIST published the official/final post-quantum cryptography (PQC) standards in FIPS 203- 205 on August 13, 2024. US Government agencies and industry will begin migration to the PQC standards the next few years, in order to remain secure against quantum computers. Since the PQC algorithms are relatively new compared to RSA and ECC, a higher level of security for secure sessions such as TLS, SSH, IPSec, etc. can be achieved by using a hybrid of two different PQC algorithms. This patent relates to (i) a device securing a session with a first key encapsulation mechanism (KEM) algorithm and a device private key + public key and (ii) a network securing the session with a second KEM algorithm and a network private key + public key. If either KEM algorithm is compromised in the future (such as lattice-based cryptography is broken but not code-based cryptograph), the session remains independently secured by the other algorithm. Show less

Control of radio modules/modems universally implement the AT command set and architecture. The architecture is nearly 40 years and originates with the Hayes modem. For IoT devices, the AT command set can be power inefficient and not very flexible. As one example, a controller or microprocessor (CPU) has to be active at the same time as the modem in order to send and receive data with AT commands. If retries for data transfer are required, then again both the CPU and modem must be awake.… Show more

Control of radio modules/modems universally implement the AT command set and architecture. The architecture is nearly 40 years and originates with the Hayes modem. For IoT devices, the AT command set can be power inefficient and not very flexible. As one example, a controller or microprocessor (CPU) has to be active at the same time as the modem in order to send and receive data with AT commands. If retries for data transfer are required, then again both the CPU and modem must be awake. This patent solves the issue with an entirely new architecture that implements a shared nonvolatile memory interface, such as a file system in flash memory. The CPU can write data and commands for a wireless network to the flash memory and then deep sleep. The modem can subsequently wake from a separate deep sleep and then read the data from the flash memory and transfer it to the wireless network. Show less

Long-term platform keys for secure boot have historically been based on RSA. These keys are expected to remain secure for more than a decade and preferably 20+ years for the lifetime of networking gear and computer hardware. Quantum computers will likely break RSA in less than 10 years, which requires that architecture for secure boot should securely support the updating of both platform keys and boot loader firmware (which verifies the signature for the BIOS). For example, a secure system… Show more

Long-term platform keys for secure boot have historically been based on RSA. These keys are expected to remain secure for more than a decade and preferably 20+ years for the lifetime of networking gear and computer hardware. Quantum computers will likely break RSA in less than 10 years, which requires that architecture for secure boot should securely support the updating of both platform keys and boot loader firmware (which verifies the signature for the BIOS). For example, a secure system for updating would avoid the significant risks and costs from the compromise of BIOS firmware signing keys here: https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/. The same system can be used to support the migration to quantum safe algorithms. Show less

Continuation of parent issued patent 11,582,045. As Q-day approaches and quantum computers can break classical cryptography such as RSA and ECC, enterprises can retain security for authentication using hybrid digital signatures which combine a first RSA/ECC signature with a second PQC signature such as Dilithium. This patent covers steps for that secure combination and also separate use of a key exchange for encryption.

The standard authentication method for private 5G networks is EAP-TLS authentication. 5G networks include a "Subscription Concealed Identifier" (SUCI), typically for a public network associated with the private network. The processing of authentication using both the SUCI and EAP-TLS can be both more secure and more efficient when distributed between the public network and the private network.

The Internet's most important protocols for security such as TLS will need to be entirely re-written in order to support both (i) post-quantum cryptography (PQC) AND (ii) hybrid key encapsulation mechanisms (KEM) such that the TLS session is encrypted with two separate PQC KEM algorithms. In addition, security can be enhanced by separating the server for generating the PQC digital signature from the server encrypting handshake and application data. This patent identifies the steps, keys, and… Show more

The Internet's most important protocols for security such as TLS will need to be entirely re-written in order to support both (i) post-quantum cryptography (PQC) AND (ii) hybrid key encapsulation mechanisms (KEM) such that the TLS session is encrypted with two separate PQC KEM algorithms. In addition, security can be enhanced by separating the server for generating the PQC digital signature from the server encrypting handshake and application data. This patent identifies the steps, keys, and algorithms to securely solve these issues. In this manner, the Internet can remain secure after Q-Day, when ECC and RSA can no longer be trusted. Show less

Secure processing environments (SPE) include "secure enclaves", "tamper resistant elements (TRE)", eSIMs, and "trusted platform modules (TMP)". Although highly secure, they have inherent limitations for keeping time when a device is powered off. PKI systems with certificates for SPE rely on an accurate clock or secure timestamp, since verification is required that a certificate has not expired. Consequently, the trust for a SPE depends on the trust the SPE has an accurate measure for time.… Show more

Secure processing environments (SPE) include "secure enclaves", "tamper resistant elements (TRE)", eSIMs, and "trusted platform modules (TMP)". Although highly secure, they have inherent limitations for keeping time when a device is powered off. PKI systems with certificates for SPE rely on an accurate clock or secure timestamp, since verification is required that a certificate has not expired. Consequently, the trust for a SPE depends on the trust the SPE has an accurate measure for time. This patent provides solutions for an SPE to securely evaluate if a certificate has expired, even when the SPE has no internal ability to keep time when powered off. Show less

Continuation of the application for U.S. Patent 11,283,603.

Granted Hong Kong patent for European counterpart EP3908023.

Continuation of the application for US 11233780. Solves the problems noted in the GSMA consumer eSIM standards from around 2016 for both security and scalability with subscription managers and devices/smartphones.

Continuation of US patent 11,626,979. An authenticated ECDHE key exchange can be conducted with both forward secrecy and current server authentication status, without requiring the use of server certificates, and OSCP stapling or associated certificate revocation lists. Verifying OSCP stapling through a long chain of certificate issuer certificates to obtain current server authentication status can be (i) quite expensive for an IoT device battery life and (ii) involve significant network… Show more

Continuation of US patent 11,626,979. An authenticated ECDHE key exchange can be conducted with both forward secrecy and current server authentication status, without requiring the use of server certificates, and OSCP stapling or associated certificate revocation lists. Verifying OSCP stapling through a long chain of certificate issuer certificates to obtain current server authentication status can be (i) quite expensive for an IoT device battery life and (ii) involve significant network overhead compared to the relatively small encrypted dataset the IoT device needs to send to a server. Show less

Continuation of US 11438176. A device can record at least one network static public key (in addition to the server static public key) to use with the ECDHE key exchange, in order for the network to control the authenticated ECDHE key exchange through a server communicating with the IoT device via the Public Internet. The network can record the corresponding network static private key in a key server that is securely isolated from the server with exposure to the public Internet. Further, the… Show more

Continuation of US 11438176. A device can record at least one network static public key (in addition to the server static public key) to use with the ECDHE key exchange, in order for the network to control the authenticated ECDHE key exchange through a server communicating with the IoT device via the Public Internet. The network can record the corresponding network static private key in a key server that is securely isolated from the server with exposure to the public Internet. Further, the network static public key and/or server static public key can be unique for each device, further enhancing security and flexibility. Network and server static public keys can be recorded within devices during initial device configuration before device deployment. Show less

5G networks introduced the Subscription Concealed Identifier (SUCI), which prevents the IMSI from being ever transmitted in the clear. 4G networks require the IMSI at least for the initial network attachment. 6G core networks starting in the early 2030s will replace the use of ECDH for the SUCI with post-quantum cryptography. The patent solves several issues for that transition, making device authentication both secure and flexible.

Canadian counterpart for consumer eSIM patent family with about 12 patents in U.S., Europe, and Asia.

Several core technologies securing the internet have adopted hybrid encryption algorithms which combine both classical cryptography such as ECC and post-quantum cryptography such as Kyber. Examples include Google Chrome, the Signal protocol, IPSec, and OpenSSH. This patent and related family members describe the secure use of hybrid encryption, including encryption of a long-term, static public keys which can be for the new PQC algorithms with ephemeral ECC keys, thereby increasing security.… Show more

Several core technologies securing the internet have adopted hybrid encryption algorithms which combine both classical cryptography such as ECC and post-quantum cryptography such as Kyber. Examples include Google Chrome, the Signal protocol, IPSec, and OpenSSH. This patent and related family members describe the secure use of hybrid encryption, including encryption of a long-term, static public keys which can be for the new PQC algorithms with ephemeral ECC keys, thereby increasing security. Note that public keys for a key exchange are not normally transmitted in a ciphertext form. Show less

IoT on private 5G networks will use more EAP-TLS authentication, and less AKA. This supports certificate-based authentication and avoids requiring a pre-shared secret key (such as K within SIM cards or eSIMs). Security can be enhanced through the use of 5G subscription concealed identifiers (SUCI), but problems also arise, which are solved with this patent.

The patent is part of comprehensive family of patents that relates to, among other things, the enabling technology for authenticating and using embedded SIM cards (eSIMs) in next generation IoT, Machine-to-Machine, and other mobile devices, including smartphones, tablets, and computers as well as automobiles. eSIMs replace the traditional SIM card with internal circuitry that can be remotely provisioned with one or more profiles to access wireless networks.

The NSA mandates the use of post-quantum cryptography (PQC) for protecting US Government classified data starting in 2030. This patent relates to devices and a network establishing secure communication using post-quantum cryptography (PQC) key encapsulation mechanisms (KEM), and more particularly to using two separate PQC KEM with at least two separate public/private key pairs, in order to efficiently encrypt application data.

A device can (i) operate a primary platform (PP) within a tamper resistant element (TRE) and (ii) receive encrypted firmware images for operating within the primary platform. The primary platform can comprise a smart secure platform (SSP) and the decrypted firmware can comprise a virtualized image for the primary platform.

Security for a system with IoT devices can be increased through the following PKI key pairs: device static, device ephemeral, server static, and network static. One symmetric ciphering key can be securely derived from these keys. Physical separation of the server private key from the network private key increases security. ECC point addition by the network using the device public keys allows secure logical separation of the server private key and the network private key. The device can… Show more

Security for a system with IoT devices can be increased through the following PKI key pairs: device static, device ephemeral, server static, and network static. One symmetric ciphering key can be securely derived from these keys. Physical separation of the server private key from the network private key increases security. ECC point addition by the network using the device public keys allows secure logical separation of the server private key and the network private key. The device can authenticate the server by recording the network public key before the device is installed by users. Show less

Related to Wi-Fi Easy Connect, and acquired by Facebook.

Canadian counterpart of issued US and EU patent for functionality related to the "Smart Secure Platform" and eUICC. Acquired by Huawei.

From divisional patent application of EP parent patent EP3111689. A eUICC Subscription Manager can derive a profile key using ECDH and encrypt a first portion of a profile with the profile key. A second portion of the profile can be encrypted with a symmetric key. The second portion can include key K and IMSI. The eUICC can mutually derive the profile key and receive the symmetric key after a mobile network operator authenticates a user. Acquired by Network-1.

In the future, eSIMs will be embedded into the main "System on a Chip" (SoC) in 4G/5G capable devices. Security of device authentication depends on the secure configuration and/or updates of operating system firmware for these embedded eSIMs. This patent leverages standards such as ECC, Global Platform, and ETSI to provide a secure and efficient system allowing eSIM firmware updates for devices operating remotely.

A device can conduct an ephemeral elliptic curve Diffie Hellman key exchange (ECDHE) with authentication and multiple parties. A network communicating with a device can use two separate server systems to increase security, where each server system supports both (i) mutual authentication with the device, and (ii) forward secrecy. Different businesses may operate each server system, such that confidential information is not shared. Multiple layers of encryption controlled by a device ensure… Show more

A device can conduct an ephemeral elliptic curve Diffie Hellman key exchange (ECDHE) with authentication and multiple parties. A network communicating with a device can use two separate server systems to increase security, where each server system supports both (i) mutual authentication with the device, and (ii) forward secrecy. Different businesses may operate each server system, such that confidential information is not shared. Multiple layers of encryption controlled by a device ensure wireless nodes and network servers cannot read data for application servers. Random, temporary identifiers for devices are utilized in a manner that separate server systems can identify the devices, but third parties observing wireless communication cannot track the devices. Show less

A device can be configured by a smartphone reading a QR code for the device. An encrypted channel can be set up with the smartphone. The device can authenticate using a device certificate and generate a new public key for an operational certificate with a local wireless network. The device can authenticate with the local wireless network using the operational certificate.

Canada counterpart for U.S. patent application 14/055,60

First divisional application of granted patent application 14868381.6

Second divisional patent of granted patent application 14868381.6

A server can record (i) a first digital signature algorithm with a first certificate, and a corresponding first private key, and (ii) a second digital signature algorithm with a second certificate, and a corresponding second private key. The server can select first data to sign for the first algorithm and the first private key in order to generate a first digital signature. The server can select second data to sign, wherein the second data to sign includes at least the first digital signature… Show more

A server can record (i) a first digital signature algorithm with a first certificate, and a corresponding first private key, and (ii) a second digital signature algorithm with a second certificate, and a corresponding second private key. The server can select first data to sign for the first algorithm and the first private key in order to generate a first digital signature. The server can select second data to sign, wherein the second data to sign includes at least the first digital signature. The server can generate a second digital signature for the second data to sign using the second algorithm and the second private key. The server can transmit a message comprising (i) the first and second certificates, and (ii) the first and second digital signatures to a client device. Systems and methods can concurrently support the use of both post-quantum and classical cryptography to enhance security. Show less

An eSIM subscription manager (SM-DP+) can symmetrically encrypt a profile for a smartphone or device using a profile protection key (PPK) and consequently store the profiles in a secure manner before the smartphones/devices connect to the SM-DP+. The SM-DP+ can also conduct an ECDH key exchange to derive a symmetric key for encrypting data for the profile. Data for the profile download can include two portions, with a first portion encrypted with the symmetric key and the second portion… Show more

An eSIM subscription manager (SM-DP+) can symmetrically encrypt a profile for a smartphone or device using a profile protection key (PPK) and consequently store the profiles in a secure manner before the smartphones/devices connect to the SM-DP+. The SM-DP+ can also conduct an ECDH key exchange to derive a symmetric key for encrypting data for the profile. Data for the profile download can include two portions, with a first portion encrypted with the symmetric key and the second portion encrypted with the PPK. The SM-DP+ can also securely send the PPK to the smartphone/device to enable the device to read the second portion. Show less

The IP relates to the configuration and operation of networked transducers, including the use of a smartphone to securely configure new devices for connecting with a network. One example is the Matter Specification for configuring devices to add to a wireless network.

A secure channel is established with a configuring smartphone using both a device QR code and ephemeral Elliptic Curve Diffie-Hellman (ECDHE) key exchange. A network’s authentication of new devices is based upon (i)… Show more

The IP relates to the configuration and operation of networked transducers, including the use of a smartphone to securely configure new devices for connecting with a network. One example is the Matter Specification for configuring devices to add to a wireless network.

A secure channel is established with a configuring smartphone using both a device QR code and ephemeral Elliptic Curve Diffie-Hellman (ECDHE) key exchange. A network’s authentication of new devices is based upon (i) encrypted transfer of a pre-installed device certificate and (ii) generation of a new device X.509 certificate specifically for the network. Use of a 1st wireless network and a smartphone for initial authentication and delivery of configuration data to join a 2nd wireless network (such as Wi-Fi), where devices operate within the 2nd wireless network. Show less

The IP relates to conducting an ephemeral elliptic curve Diffie Hellman key exchange (ECDHE) with authentication and multiple parties, and more particularly to communications between a computing device and multiple servers within a network. A network communicating with a device can use two separate server systems to increase security, where each server system supports both (i) mutual authentication with the device, and (ii) forward secrecy. Different businesses may operate each server system,… Show more

The IP relates to conducting an ephemeral elliptic curve Diffie Hellman key exchange (ECDHE) with authentication and multiple parties, and more particularly to communications between a computing device and multiple servers within a network. A network communicating with a device can use two separate server systems to increase security, where each server system supports both (i) mutual authentication with the device, and (ii) forward secrecy. Different businesses may operate each server system, such that confidential information is not shared. Show less

A storage radio unit (SRU) for a device can include a radio, embedded universal integrated circuit card (eUICC), a processor, an antenna, and nonvolatile memory. The SRU can support standards for removable storage form factors and record a file system for a device. The device can be associated with a service provider and the SRU can be associated with a network provider. The radio can support Narrowband Internet of Things (NB-IoT) standards. The SRU can operate a file system interface (FSI) for… Show more

A storage radio unit (SRU) for a device can include a radio, embedded universal integrated circuit card (eUICC), a processor, an antenna, and nonvolatile memory. The SRU can support standards for removable storage form factors and record a file system for a device. The device can be associated with a service provider and the SRU can be associated with a network provider. The radio can support Narrowband Internet of Things (NB-IoT) standards. The SRU can operate a file system interface (FSI) for the radio, where the device records application data in a file of the FSI. The SRU can attach to a wireless NB-IoT network using credentials recorded in the eUICC. The SRU can read the file of the FSI, and compress, encrypt, and transmit the application data to a network provider via the radio. The network provider can transmit the application data via TLS to the service provider. Show less

Quantum computers with ~2,500 - ~4,000 logical qubits can feasibly break ECC/RSA algorithms in a reasonable time. This is a major problem, because some root certificates such as the main GSMA eUICC root certificate currently expires in 2052 ! Thus, there is a high probability that critical root certificates will be broken long before currently planned certificate expiration.

Since some device and network public keys can be securely stored before device distribution, those selected… Show more

Quantum computers with ~2,500 - ~4,000 logical qubits can feasibly break ECC/RSA algorithms in a reasonable time. This is a major problem, because some root certificates such as the main GSMA eUICC root certificate currently expires in 2052 ! Thus, there is a high probability that critical root certificates will be broken long before currently planned certificate expiration.

Since some device and network public keys can be securely stored before device distribution, those selected public keys can be used to subsequently securely transfer a future public key supporting post-quantum cryptography. In other words, the patent application provides a critical mechanism for deployed devices to securely bridge from current ECC/RSA algorithms to post-quantum cryptography for lattice-based, code-based, or other algorithms. Show less

Hong Kong version of issued GB patent 2588867

Hong Kong version of granted GB patent 2534801.

The IP relates to conducting an ephemeral elliptic curve Diffie Hellman key exchange (ECDHE) with authentication and multiple parties, and more particularly to communications between a computing device and multiple servers within a network. The computing device and the network can derive at least two shared secrets with mutual authentication for a secure session.

One of the largest technical problems facing all computers (e.g. mobile phones, cloud providers, network gear, etc.) over the coming decade is that functional quantum computers will break traditional PKI. Essentially all current digital signature algorithms and key exchanges based on PKI will need to be replaced by new algorithms. The migration will need to be well underway within about 10 years, based on a survey of more than 40 experts by the Global Risk Institute in their Quantum Threat… Show more

One of the largest technical problems facing all computers (e.g. mobile phones, cloud providers, network gear, etc.) over the coming decade is that functional quantum computers will break traditional PKI. Essentially all current digital signature algorithms and key exchanges based on PKI will need to be replaced by new algorithms. The migration will need to be well underway within about 10 years, based on a survey of more than 40 experts by the Global Risk Institute in their Quantum Threat Timeline Report 2020. The technology in this patent supports quantum safe encryption and authentication with both (i) the efficiency of TLS 1.3 while also (ii) simultaneously supporting two separate PQC KEM algorithms. Show less

Granted divisional application.

Patent issued by the European Patent Office covering the embedded SIM (eSIM).

The "Trusted Connectivity Alliance" confirmed there were 309 million eSIMs shipped in 2020, which is an annual growth rate of 89% over the 169 million eSIMs shipped in 2019. Juniper Research predicts there will an installed base of 3.4 billion eSIMs at the end of 2025.

Efficient and secure session resumption will be particularly important for protocols such as TLS, SSH, Wireguard, etc. to support post-quantum cryptographic (PQC) algorithms. The reason is that bandwidth and/or processing requirements for establishing a shared secret are higher for PQC algorithms. The sequential use of KEM allow MAC tags to be inserted on values that were previously not available with traditional protocols such as TLS 1.3.

Functional quantum computers will make existing TLS sessions no longer secure by about 2030 (in addition to SSH, IPSec, etc). Consequently, a new TLS protocol will be required by then (e.g. "PQC TLS") using both (i) post quantum cryptography (PQC) key encapsulation mechanisms (KEM) and (ii) PQC digital signatures. A few different detailed proposals have begun circulation as of Dec. 2020. However, existing needs not addressed by the proposals include secure use of both (i) ephemeral PKI key… Show more

Functional quantum computers will make existing TLS sessions no longer secure by about 2030 (in addition to SSH, IPSec, etc). Consequently, a new TLS protocol will be required by then (e.g. "PQC TLS") using both (i) post quantum cryptography (PQC) key encapsulation mechanisms (KEM) and (ii) PQC digital signatures. A few different detailed proposals have begun circulation as of Dec. 2020. However, existing needs not addressed by the proposals include secure use of both (i) ephemeral PKI key pairs by both a client and a server and (ii) digital signatures generated by a key server securely separated from a web server conducting KEM with the ephemeral PKI keys. The use of ephemeral PKI key pairs increases encryption security but can create challenges for authentication security, which are addressed in this patent application. Show less

ECC/DH algorithms for securing data will likely be broken by functional quantum before ~2030, and RSA algorithms likely a couple of years after that. Although ensuring long-term security for data transmitted across the Internet will require use of new PQC algorithms, the industry has traditionally been very conservative for algorithm changes. As one example, the widespread use of ECC didn't happen until about 20 years after first being proposed. But, most new PQC algorithms will need to… Show more

ECC/DH algorithms for securing data will likely be broken by functional quantum before ~2030, and RSA algorithms likely a couple of years after that. Although ensuring long-term security for data transmitted across the Internet will require use of new PQC algorithms, the industry has traditionally been very conservative for algorithm changes. As one example, the widespread use of ECC didn't happen until about 20 years after first being proposed. But, most new PQC algorithms will need to enter widespread use less than 10 years after being proposed. Since new PQC algorithms are less trusted, devices and servers need secure methods for relying on multiple algorithms, such that encryption remains as strong as the strongest algorithm. Many platforms such as the embedded SIM, the "smart secure platform", GlobalPlatform's "Open Firmware Loader", 5G EAP-TLS authentication, etc. will require use of all of (i) static device PKI keys, (ii) static server PKI keys, (iii) ephemeral device PKI keys, and (iv) ephemeral server PKI keys. This patent application provides both an efficient and highly secure way to implement the above keys using multiple PKQ algorithms. Show less

Security for essentially all devices on the Internet will soon need to change from RSA/ECC/DH algorithms to PQC algorithms. This required change is coming faster than many experts had anticipated. As one example, IBM's roadmap for their quantum computing platform plans 1121 qubits in 2023. ECC can be broken with ~3,000 stable, logical qubits (with many times more required for error correction), which could very likely be before 2030. The industry-wide networking "overhaul" from RSA/ECC to… Show more

Security for essentially all devices on the Internet will soon need to change from RSA/ECC/DH algorithms to PQC algorithms. This required change is coming faster than many experts had anticipated. As one example, IBM's roadmap for their quantum computing platform plans 1121 qubits in 2023. ECC can be broken with ~3,000 stable, logical qubits (with many times more required for error correction), which could very likely be before 2030. The industry-wide networking "overhaul" from RSA/ECC to PQC creates both risks and potential problems. This patent application of ~100 pages solves many issues through secure and efficient use of both (i) static public keys (such as Classic McEliece distributed with IoT devices and mobile phones) and (ii) ephemeral public keys that can be secured by the static public keys. Show less

Classical PKI algorithms based on RSA and ECC will be replaced over the next decade by "quantum-safe" algorithms. This will also require significant updates and changes to protocol for secure sessions such as TLS, SSH, IPSec, etc. The technology in the patent application includes all of (i) ephemeral PKI keys for both the client and server, (ii) use of two distinct post-quantum cryptography (PQC) algorithms by the client and server, and (iii) full use of the above by both parties after only a… Show more

Classical PKI algorithms based on RSA and ECC will be replaced over the next decade by "quantum-safe" algorithms. This will also require significant updates and changes to protocol for secure sessions such as TLS, SSH, IPSec, etc. The technology in the patent application includes all of (i) ephemeral PKI keys for both the client and server, (ii) use of two distinct post-quantum cryptography (PQC) algorithms by the client and server, and (iii) full use of the above by both parties after only a "Client Hello" and "Server Hello". The security level provided is equal to at least the stronger to the two distinct PQC algorithm, such that even if one PQC algorithm is found insecure in the future, the overall security level is maintained. Show less

Continuation of US patent 10187206.

For 5G networks, the subscription permanent identifier (equivalent to IMSI), is transmitted only in an encrypted manner in the form of a SUCI. This increases security by preventing tracking of wireless devices by anyone but the mobile operator. However, security depends on ECC algorithms, which will become insecure with functional quantum computers. So, the generation of a SUCI from a SUPI will require the transition to quantum-safe algorithms. The patent application provides an… Show more

For 5G networks, the subscription permanent identifier (equivalent to IMSI), is transmitted only in an encrypted manner in the form of a SUCI. This increases security by preventing tracking of wireless devices by anyone but the mobile operator. However, security depends on ECC algorithms, which will become insecure with functional quantum computers. So, the generation of a SUCI from a SUPI will require the transition to quantum-safe algorithms. The patent application provides an architecture and procedures to increase security and solve new problems using quantum-safe algorithms. Show less

Quantum Computers will likely break existing RSA and ECC public keys within about a decade. High-value, long-term root certificates will need to transition to different cryptographic algorithms, such as based on lattices. One example is an existing root certificate for the GSMA embedded SIM, which currently expires in 2052, but the 256 bit ECC public key will likely be broken decades before expiration. There will be a transition period where the use of two different signature algorithms will… Show more

Quantum Computers will likely break existing RSA and ECC public keys within about a decade. High-value, long-term root certificates will need to transition to different cryptographic algorithms, such as based on lattices. One example is an existing root certificate for the GSMA embedded SIM, which currently expires in 2052, but the 256 bit ECC public key will likely be broken decades before expiration. There will be a transition period where the use of two different signature algorithms will be preferred for many high-value, long-term applications. This patent application increases both security and flexibility for the concurrent use of two digital signature algorithms and certificates for both signature generation and verification. Show less

Continuation of US 10,652,017, which issued as a U.S. patent in May 2020.

Continuation of U.S. Patent 10,621,352, which will issue on April 14, 2020. Provides a secure and globally scalable solution for the use of "Wi-Fi Easy Connect" with mutual authentication. "Wi-Fi Easy Connect" is the standard from the Wi-Fi Alliance for the replacement of the deprecated WPS ("Wireless Protected Setup"). A more detailed summary is provided in the link below.

Continuation of U.S. Patent number 10,362,012

Continuation of 10,250,386. Power savings and security for wireless networks.

Continuation of 10,057,059. Security for networks.

Continuation of 10,177,911. Security for networks.

The foundation of security for computing devices begins with a secure boot process. PKI keys for verification of boot programs are based on RSA or ECC. Those keys and algorithms can likely be broken by quantum computers over the next several years. Consequently, new technology is required to securely update the PKI keys and associated digital signatures to quantum safe algorithms. A "Primary Platform" or "Trusted Execution Environment" can be used to securely accomplish this essential… Show more

The foundation of security for computing devices begins with a secure boot process. PKI keys for verification of boot programs are based on RSA or ECC. Those keys and algorithms can likely be broken by quantum computers over the next several years. Consequently, new technology is required to securely update the PKI keys and associated digital signatures to quantum safe algorithms. A "Primary Platform" or "Trusted Execution Environment" can be used to securely accomplish this essential required feature for future computing devices. Show less

ETSI standards for the replacement of the SIM card will be published soon as the "Smart Secure Platform". A critical feature for market acceptance is the internal generation by a secondary platform bundle (SPB) operating in a primary platform to internally generate a PKI key pair. Note this is much more secure than generating private keys on a server and including those private keys inside bound firmware transferred to the primary platform. However, the secure and authenticated generation of… Show more

ETSI standards for the replacement of the SIM card will be published soon as the "Smart Secure Platform". A critical feature for market acceptance is the internal generation by a secondary platform bundle (SPB) operating in a primary platform to internally generate a PKI key pair. Note this is much more secure than generating private keys on a server and including those private keys inside bound firmware transferred to the primary platform. However, the secure and authenticated generation of PKI keys by a SPB has numerous challenges, which are solved in this patent application. Show less

The embedded SIM (eUICC) will replace SIM card functionality over the next several years. The patented technology includes consumer devices with a user interface for securely initiating the receipt of an encrypted profile for the eUICC.

The Smart Secure Platform (SSP) will replace SIM card functionality for many devices. ETSI/3GPP has been updating the SIM card standards to support (i) Internet of Things, (ii) flexible applications like banking and electronic identities, (iii) “post-quantum cryptography”, and (iv) remote provisioning. The patent covers important features of the Smart Secure Platform, including key derivation, securely downloading firmware for the SSP, and secure certificate generation for the firmware.

The secure delivery of credentials from a network to an embedded SIM requires several important steps, which are addressed in this patent. As one of many examples, regulations in many countries require a user of a device be authorized in addition to the device authentication from the eSIM functionality, Over 100 million embedded SIMs were shipped in 2018, with multiple market research reports confirming more than a billion embedded SIMs will be shipped annually by 2022.

5G networks supporting EAP-TLS authentication do not require a SIM card or even an embedded SIM. Supporting EAP-TLS with both TLS 1.3 and concealed subscriber identities creates problems that need to be solved for globally scalable solutions. Devices and networks may have no pre-existing relationship and support different certificate issuers and cryptographic parameters. Globally, there could be thousands of device manufacturers, hundreds of networks, and dozens of certificate issuers with… Show more

5G networks supporting EAP-TLS authentication do not require a SIM card or even an embedded SIM. Supporting EAP-TLS with both TLS 1.3 and concealed subscriber identities creates problems that need to be solved for globally scalable solutions. Devices and networks may have no pre-existing relationship and support different certificate issuers and cryptographic parameters. Globally, there could be thousands of device manufacturers, hundreds of networks, and dozens of certificate issuers with different preferences for supported of algorithms. The problem will be compounded significantly during the transition to post-quantum cryptography.

A device often will not have Internet access until after completion of EAP-TLS, and for many use cases the device may not be able verify network certificates until after EAP-TLS authentication is complete. The technology in the patent application solves this and related problems for EAP-TLS authentication with concealed subscriber identities. Show less

Patent covering embedded SIM standard for consumer devices. SIM cards are beginning to be replaced by the embedded SIM, which supports remote provisioning and does not require physically changing a SIM card. More than 100 million embedded SIM cards were shipped in 2018. Since the function of a SIM card or embedded SIM is the foundation of security for mobile networks, new technology was required to support a consumer embedded SIM.

5G networks can use EAP-TLS. This is a very big deal, because the SIM card is no longer required.

But, to take advantage of this, problems can arise when there is no known or existing relationship between the device and the network. EAP-TLS within enterprises is very different, because the enterprise controls both the device and the network. A MNO controls a 5G network and a device manufacturer initially controls a device. The MNO and device manufacturer may use different root… Show more

5G networks can use EAP-TLS. This is a very big deal, because the SIM card is no longer required.

But, to take advantage of this, problems can arise when there is no known or existing relationship between the device and the network. EAP-TLS within enterprises is very different, because the enterprise controls both the device and the network. A MNO controls a 5G network and a device manufacturer initially controls a device. The MNO and device manufacturer may use different root certificate issuers or even different and incompatible parameters or algorithms. The device may have no Internet access needed to verify MNO server certificates in an EAP-TLS handshake. The patent application solves these problems, making EAP-TLS with 5G networks globally scalable. Note that 5G networks also use concealed subscribed identities, adding to the problem complexity. Further, supporting TLS version 1.3 for EAP-TLS in future networks requires important changes to EAP-TLS. Show less

PCT application for issued patent 10,169,587. The patented and globally scalable solution for mutual authentication with “WiFi Easy Connect” and mobile handsets leverages (i) cloud networks and (ii) a pre-shared public key in WiFi endpoints for the cloud networks, in order to solve the underlying problem and complexity for mutual authentication between an initiator and a responder. A mobile phone authenticating with the cloud network can operate as an initiator proxy.

A wireless device with transducers can support remote monitoring and include an 802.11 compatible radio and a set of device default credentials. The device can be installed at a physical location with service from a fixed access point operating with a different set of owner credentials. A mobile phone can (i) scan a tag for the device and download a set of configuration parameters for the device, and (ii) authenticate with a configuration system. The mobile phone can receive the set of… Show more

A wireless device with transducers can support remote monitoring and include an 802.11 compatible radio and a set of device default credentials. The device can be installed at a physical location with service from a fixed access point operating with a different set of owner credentials. A mobile phone can (i) scan a tag for the device and download a set of configuration parameters for the device, and (ii) authenticate with a configuration system. The mobile phone can receive the set of device default credentials from the configuration system. The mobile phone can activate a mobile access point using the set of device default credentials. The device can connect with the mobile phone’s access point and receive a ciphertext with the owner credentials and a configuration package. The device can apply the configuration package and load the owner credentials in order to connect with the fixed access point. Show less

Methods and systems are provided for power management and security for wireless modules in “Machine-to-Machine” communications.

Continuation of U.S. patent number 10,204,223. ETSI/3GPP proposes a long-term roadmap of replacing the SIM card with a "Smart Secure Platform" (SSP), in order to provide needed flexibility. A SSP can support PKI as the core authentication with multiple different applications instead of a single pre-shared key with one mobile operator network. The original patent application was filed ~2.5 years before the start of SSP standardization and anticipated the primary problems and preferred… Show more

Continuation of U.S. patent number 10,204,223. ETSI/3GPP proposes a long-term roadmap of replacing the SIM card with a "Smart Secure Platform" (SSP), in order to provide needed flexibility. A SSP can support PKI as the core authentication with multiple different applications instead of a single pre-shared key with one mobile operator network. The original patent application was filed ~2.5 years before the start of SSP standardization and anticipated the primary problems and preferred solutions for making a functional and flexible "smart secure platform". Show less

Simple IoT device configuration, while maintaining security, is a significant challenge. An endpoint should be configured with the simplicity of a user placing an mobile handset near the IoT device and pushing a "button" on the phone user interface. The mobile handset could be an insecure device. Supporting this simplicity with security can be accomplished by (A) the device deriving a public key and encrypting the public key in a manner that (B) the handset cannot read the public key but can… Show more

Simple IoT device configuration, while maintaining security, is a significant challenge. An endpoint should be configured with the simplicity of a user placing an mobile handset near the IoT device and pushing a "button" on the phone user interface. The mobile handset could be an insecure device. Supporting this simplicity with security can be accomplished by (A) the device deriving a public key and encrypting the public key in a manner that (B) the handset cannot read the public key but can send the encrypted public key to a configuration system. The configuration system can (i) decrypt the encrypted public key and (ii) encrypt configuration data for the IoT device using the public key, and (iii) send the encrypted configuration data to the IoT device through the mobile phone. Show less

Continuation of US Publication US 20180144147 A1

Continuation of US Pat. App. 15/162,292. A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the… Show more

Continuation of US Pat. App. 15/162,292. A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone. Show less

Continuation of U.S. Patent No. 9,742,562

Continuation of U.S. patent application Ser. No. 15/043,293

A network can operate a WiFi access point with credentials. An unconfigured device can (i) support a Device Provisioning Protocol (DPP), (ii) record responder bootstrap public and private keys, and (iii) be marked with a tag. The network can record initiator bootstrap public and private keys, as well as derived initiator ephemeral public and private keys. An initiator can (i) operate a DPP application, (ii) read the tag, (iii) establish a secure and mutually authenticated connection with the… Show more

A network can operate a WiFi access point with credentials. An unconfigured device can (i) support a Device Provisioning Protocol (DPP), (ii) record responder bootstrap public and private keys, and (iii) be marked with a tag. The network can record initiator bootstrap public and private keys, as well as derived initiator ephemeral public and private keys. An initiator can (i) operate a DPP application, (ii) read the tag, (iii) establish a secure and mutually authenticated connection with the network, and (iv) send the network data within the tag. The network can record the responder bootstrap public key and derive an encryption key with the (i) recorded responder bootstrap public key and (ii) derived initiator ephemeral private key. The network can encrypt credentials using the derived encryption key and send the encrypted credentials to the initiator, which can forward the encrypted credentials to the device, thereby supporting a device configuration. Show less

A secure element such as a primary platform has significant challenges related to certificate verification of a received server certificate because (i) the primary platform may not have access to the Internet (such as only after a mutual authentication with a network is complete), (ii) the primary platform likely cannot independently keep time for timestamp verification, and (iii) root or stored certificates can use different parameters and algorithms than those received with a server… Show more

A secure element such as a primary platform has significant challenges related to certificate verification of a received server certificate because (i) the primary platform may not have access to the Internet (such as only after a mutual authentication with a network is complete), (ii) the primary platform likely cannot independently keep time for timestamp verification, and (iii) root or stored certificates can use different parameters and algorithms than those received with a server certificate. The technology disclosed solves these problems in a secure and simple manner. Show less

Continuation of U.S. Pat. No. 9,742,562

Continuation of U.S. Pat. No. 9,998,280

A device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: ( sd + ed ) mod n. The device can input values for A and B… Show more

A device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: ( sd + ed ) mod n. The device can input values for A and B into an elliptic curve Diffie Hellman key exchange (ECDH) in order to determine a mutually derived shared secret X5, where the network can also derive shared secret X5. The device can (i) use X5 to derive a key K2 and (ii) decrypt a ciphertext from the network using key K2. Show less

Continuation of US 10204233 B2

A device can (i) operate a primary platform (PP) within a tamper resistant element (TRE) and (ii) receive encrypted firmware images for operating within the primary platform. The TRE can store in nonvolatile memory of the TRE (i) a PP static private key (SK-static.PP), (ii) a server public key (PK.IDS1), and (iii) a set of cryptographic parameters. The TRE can generate a one-time PKI key pair of SK-OT1.PP and PK-OT1.PP and send the public key PK-OT1.PP to a server. The TRE can receive a… Show more

A device can (i) operate a primary platform (PP) within a tamper resistant element (TRE) and (ii) receive encrypted firmware images for operating within the primary platform. The TRE can store in nonvolatile memory of the TRE (i) a PP static private key (SK-static.PP), (ii) a server public key (PK.IDS1), and (iii) a set of cryptographic parameters. The TRE can generate a one-time PKI key pair of SK-OT1.PP and PK-OT1.PP and send the public key PK-OT1.PP to a server. The TRE can receive a one-time public key from the server comprising PK-OT1.IDS1. The TRE can derive a ciphering key using an elliptic curve Diffie Hellman key exchange and the SK-static.PP, SK-OT1.PP, PK.IDS1, and PK-OT1.IDS1 keys. The TRE can decrypt the encrypted firmware using the derived ciphering key. The primary platform can comprise a smart secure platform (SSP) and the decrypted firmware can comprise a virtualized image for the primary platform. Show less

Continuation of U.S. patent application Ser. No. 14/751,119

Radio modules for IoT devices have standardized on the AT command set for the past ~40 years. The AT command set and related APIs require a processor and a radio module to be awake and communicate via a data bus, which requires both the processor and the radio module to be in active states and consequently consume power. This patent application of ~125 pages and ~20 figures provides a shared nonvolatile memory interface to allow completely independent sleep states for a processor and a radio… Show more

Radio modules for IoT devices have standardized on the AT command set for the past ~40 years. The AT command set and related APIs require a processor and a radio module to be awake and communicate via a data bus, which requires both the processor and the radio module to be in active states and consequently consume power. This patent application of ~125 pages and ~20 figures provides a shared nonvolatile memory interface to allow completely independent sleep states for a processor and a radio module. This architecture supports a common industry goal for IoT applications to support a 5-10 year battery life. An example application is placing an complete NB-IoT radio within a microSD card for tracking purposes. Show less

Continuation of U.S. Pat. No. 9,961,060

Continuation of U.S. Pat. No. 9,641,327

Continuation filed by Microsoft for "Call Server" Patent

Continuation of U.S. patent application Ser. No. 15/583,968

Multiple different technologies have standardized on Elliptic Curve Diffie Hellman (ECDH) key exchanges, including TLS v3, 5G networks, embedded SIMs, and “WiFi Easy Connect”. This patent application includes a valuable enhancement for ECDH key exchanges, where (i) a device can record and use multiple different public keys all input for one ECDH key exchange, and (ii) a network can record at least one of the corresponding private keys on a separate, secure key server. Security can be increased… Show more

Multiple different technologies have standardized on Elliptic Curve Diffie Hellman (ECDH) key exchanges, including TLS v3, 5G networks, embedded SIMs, and “WiFi Easy Connect”. This patent application includes a valuable enhancement for ECDH key exchanges, where (i) a device can record and use multiple different public keys all input for one ECDH key exchange, and (ii) a network can record at least one of the corresponding private keys on a separate, secure key server. Security can be increased for IoT devices and applications through the distribution of private keys for the ECDH key exchange in a network between a key server and a server. Show less

A server can receive a device public key and forward the device public key to a key server. The key server can perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using the device public key and a network private key to derive a secret X1. The key server can send the secret X1 to the server. The server can derive an ECC PKI key pair and send to the device the server public key. The server can conduct a second ECDH key exchange using the derived server secret key and the device… Show more

A server can receive a device public key and forward the device public key to a key server. The key server can perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using the device public key and a network private key to derive a secret X1. The key server can send the secret X1 to the server. The server can derive an ECC PKI key pair and send to the device the server public key. The server can conduct a second ECDH key exchange using the derived server secret key and the device public key to derive a secret X2. The server can perform an ECC point addition using the secret X1 and secret X2 to derive a secret X3. The device can derive the secret X3 using (i) the server public key, a network public key, and the device private key and (ii) a third ECDH key exchange. Show less

Continuation of 9,698,981

Microsoft's continuation of 9,674,001

Continuation of of U.S. patent application Ser. No. 14/789,255

Continuation of U.S. patent application Ser. No. 14/039,401

A wireless access point such as a WiFi router or a gnodeb can operate as a responder. An IoT device for attaching to the wireless network can operate as an initiator. The responder can operate as a responder proxy, where a cloud network can record and operate with the responder boostrap private key. The initiator can record a pre-shared responder bootstrap public key for multiple cloud networks. The wireless access point with the cloud can conduct a device provisioning protocol with the IoT… Show more

A wireless access point such as a WiFi router or a gnodeb can operate as a responder. An IoT device for attaching to the wireless network can operate as an initiator. The responder can operate as a responder proxy, where a cloud network can record and operate with the responder boostrap private key. The initiator can record a pre-shared responder bootstrap public key for multiple cloud networks. The wireless access point with the cloud can conduct a device provisioning protocol with the IoT device to send a set of network access credentials. Show less

Continuation of U.S. patent application Ser. No. 14/099,329.

European counterpart for US patent number 10,204,233.

Continuation of US Pat. 9,319,223

Continuation of 9,350,550

Microsoft's continuation of U.S. application Ser. No. 13/168,578.

Continuation of US Pat. 9,276,740.

Continuation of US Pat. 9,118,464.

Microsoft's continuation of U.S. Pat. No. 7,991,001.

Methods and systems are provided for power management and security for wireless modules in “Machine-to-Machine” communications. A wireless module operating in a wireless network and with access to the Internet can efficiently and securely communicate with a server. The wireless network can be a public land mobile network (PLMN) or a wireless local area network (LAN). The wireless module may include a sensor and may be installed next to a monitored unit. The wireless module may utilize active… Show more

Methods and systems are provided for power management and security for wireless modules in “Machine-to-Machine” communications. A wireless module operating in a wireless network and with access to the Internet can efficiently and securely communicate with a server. The wireless network can be a public land mobile network (PLMN) or a wireless local area network (LAN). The wireless module may include a sensor and may be installed next to a monitored unit. The wireless module may utilize active states for collecting and sending data, and sleep states at other times to conserve a battery and/or energy usage. The wireless module minimize the time spent in a radio resource control (RRC) connected state. Messages between the wireless module and server can be transmitted according to a user datagram protocol (UDP). The wireless module and server can utilize public key infrastructure (PKI) for encryption and digital signatures. Show less

A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module… Show more

A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone. Show less

Continuation of US Pat. 9,351,162.

PCT counterpart for US patent 10,204,233.

Canada counterpart for US patent number 10,204,233.

A module with an embedded universal integrated circuit card (eUICC) can include a first eUICC profile and a set of cryptographic algorithms. The first eUICC profile can include an initial shared secret network key K for authentication with a wireless network. The module can receive a key K network token from, and send a key K module token to, an eUICC subscription manager (eUICC-SM). The module can use the key K network token, a derived module private key, a key derivation function, and a… Show more

A module with an embedded universal integrated circuit card (eUICC) can include a first eUICC profile and a set of cryptographic algorithms. The first eUICC profile can include an initial shared secret network key K for authentication with a wireless network. The module can receive a key K network token from, and send a key K module token to, an eUICC subscription manager (eUICC-SM). The module can use the key K network token, a derived module private key, a key derivation function, and a shared secret algorithm to derive a shared secret key that supports communication with the UICC-SM. eUICC-SM can use the received key K module token, a private key, the key derivation function, and the shared secret algorithm in order to derive the same shared secret key derived by the module. The module can subsequently receive a second eUICC profile encrypted using the derived shared secret key. Show less

Methods and systems are provided for efficient and secure “Machine-to-Machine” (M2M) between modules and servers. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive pairs of private/public keys using cryptographic algorithms and a set of cryptographic parameters. The module can… Show more

Methods and systems are provided for efficient and secure “Machine-to-Machine” (M2M) between modules and servers. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive pairs of private/public keys using cryptographic algorithms and a set of cryptographic parameters. The module can authenticate the submission of derived public keys. The module and server can mutually derive shared secret keys using the PKI keys. Data can be encrypted and decrypted using a set of cryptographic algorithms, the secret shared keys, and the set of cryptographic parameters. A module can send and receive sets of cryptographic parameters in order to flexibly and securely communicate with a variety of servers over time. Show less

Methods and systems are provided for efficient and secure “Machine-to-Machine” (M2M) between modules and servers. A module can communicate with a server by accessing the Internet, and the module can include a sensor and/or actuator. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive… Show more

Methods and systems are provided for efficient and secure “Machine-to-Machine” (M2M) between modules and servers. A module can communicate with a server by accessing the Internet, and the module can include a sensor and/or actuator. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive pairs of private/public keys using cryptographic algorithms and a set of parameters. A server can use a shared secret key to authenticate the submission of derived public keys with an associated module identity. For the very first submission of a public key derived the module, the shared secret key can comprise a pre-shared secret key which can be loaded into the module using a pre-shared secret key code. Show less

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a… Show more

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module. Show less

A scalable, secure, and efficient architecture for M2M applications can use (I) a module that uses or derives its own public and private keys, (ii) a server for communicating with the M2M modules, and (iii) an application to manage the service. Scaling and supporting the "Internet of Things" can require new technology, such as that outlined in the applications. The ~150 pages in this application address details for implementing the architecture, with a focus on the server.

Sole Inventor. In my view, many M2M modules in the future will use PKI as the core identification and authentication mechanism instead of (or in addition to) SIM cards. The reason is that SIM cards are designed for mobile phones. The use of PKI has benefits, but also challenges, and this patent application addresses many of the key challenges related to modules deriving their own private and public key.

Sole inventor. The patent application describes a set of servers for managing communication for M2M modules using PKI, including supporting key derivation by modules. The M2M modules can use a set of cryptographic parameters and cryptographic algorithms to send sensor data to an application through the server and also receive an instruction from an application through the server. The servers and system supports both NAT firewalls and modules primarily in a sleep or dormant state.

Over the next decade or so the SIM card will start to get replaced, with a primary driver being M2M applications or the "Internet of Things". The transition period from SIMs to eUICCs (based on a file instead of a physical card) will have challenges, as the authentication of mobile phones and M2M modules is currently entirely based on pre-shared secret keys recorded in the SIM. This patent application provides solutions for authentication and encryption to solve technical challenges limiting… Show more

Over the next decade or so the SIM card will start to get replaced, with a primary driver being M2M applications or the "Internet of Things". The transition period from SIMs to eUICCs (based on a file instead of a physical card) will have challenges, as the authentication of mobile phones and M2M modules is currently entirely based on pre-shared secret keys recorded in the SIM. This patent application provides solutions for authentication and encryption to solve technical challenges limiting the current adoption of eUICCs. Show less

Sole inventor. 2nd continuation application of Patent US8165090. This patent combines quality measurements with UDP port management in order to traverse a firewall for vertical handovers.

A second continuation patent of 8,165,090

Second continuation patent for 8228861

Sole inventor. Continuation of US Patent 8,165,090. Make-before-Break handovers at the application level in an all-IP network. Also, describes how to traverse firewalls.

Sole inventor. Continuation of U.S. Patent 8,165,091. Make-before-Break handovers while also using LAN profiles. The LAN profile for a handover at the application level is introduced in the original specification.

Sole inventor. Continuation of U.S. Patent 8,228,861. Describes handovers between WiFi and 4G networks, including the difficult case where the corresponding node is behind a symmetric NAT router or firewall.

Sole inventor. Continuation of U.S. Patent 8,228,861.

Sole Inventor. First Patent issued under this title. Handover when a mobile device changes IP address. Specification is about 250 pages

Sole Inventor. Handover of mobile phone calls at the application level in an all-IP network. Fundamental concepts of (I) using recorded LAN profile and (ii) rules for handover enable rapid handover in an environment with firewalls.

Sole Inventor. First application in family. Handover for a mobile phone in an all IP network. Covers cases where the corresponding node is either at a public IP address or full-cone NAT.

Lead inventor. Describes using a software defined radio to provide GSM mobile phone service. In terms of forward citations, this was in the top 99% of all patents in it's class of about 50,000 patents.

Methods and systems are provided for intelligent call routing through distributed VoIP networks. A host name, representing a proxy, is assigned to and associated with a device. An IP address of a first proxy is acquired via a DNS query for the host name. The quality of the connection between the first proxy and the device is measured at least in part by calculating the round-trip delay for messages between the first proxy and the device. A DNS record for the host name is changed to specify the… Show more

Methods and systems are provided for intelligent call routing through distributed VoIP networks. A host name, representing a proxy, is assigned to and associated with a device. An IP address of a first proxy is acquired via a DNS query for the host name. The quality of the connection between the first proxy and the device is measured at least in part by calculating the round-trip delay for messages between the first proxy and the device. A DNS record for the host name is changed to specify the IP address of a second proxy. The IP address of the second proxy is acquired via a second DNS query for the host name. The quality of the connection between the second proxy and the device is measured at least in part by calculating the round-trip delay for messages between the second proxy and the device. The quality of the first and second connections is compared, and the IP address of the proxy with the higher-quality connection is assigned to the DNS record. Show less

Lead Inventor. Continuation application for 7,145,900

Lead Inventor. Patent covers PC-to-phone using a proprietary protocol from the PC to a server, and then a standard protocol such as SIP from the server to the telephone network. I sold this patent for Go2Call.com, Inc. to Skype in 2009.

Using a web-based interface to select a VoIP service provider.

Lead Inventor. Continuation application of 5,473,161.

Lead Inventor. This patent covers what remains today (about 20 years later) as probably the most accurate technique for measuring the shelf life of plastic bottles for carbonation retention.

The significant advantages for blockchain technology with digital assets is well proven over the past 15 years. Those advantages can be extended to a quantum safe blockchain specifically for the registration of X.509 certificates, where the certificates can use quantum safe algorithms. The upcoming transition from classical digital signatures such as with RSA and ECC will require major internet infrastructure changes, and these changes can leverage an entire new, secure, and efficient system… Show more

The significant advantages for blockchain technology with digital assets is well proven over the past 15 years. Those advantages can be extended to a quantum safe blockchain specifically for the registration of X.509 certificates, where the certificates can use quantum safe algorithms. The upcoming transition from classical digital signatures such as with RSA and ECC will require major internet infrastructure changes, and these changes can leverage an entire new, secure, and efficient system for registering and revoking X.509 certificates globally. Use of blockchain means no individual company or government controls the system. Certificates can be quickly and globally identified by a single registration number, which allows simple and secure access and receipt by end users. Significant other benefits exist as well. Show less

Secure sessions such as TLS that support post-quantum cryptography (PQC) key encapsulation mechanisms (KEM) will require resumption. The importance of resumption is even higher for PQC because the initial handshakes require more bandwidth due to the significantly larger sizes of digital signatures and public keys. This patent application provides secure generation of a "pre-shared" secret key (PSK) from the first session and KEM for use with the resumed session. An identity of the PSK is also… Show more

Secure sessions such as TLS that support post-quantum cryptography (PQC) key encapsulation mechanisms (KEM) will require resumption. The importance of resumption is even higher for PQC because the initial handshakes require more bandwidth due to the significantly larger sizes of digital signatures and public keys. This patent application provides secure generation of a "pre-shared" secret key (PSK) from the first session and KEM for use with the resumed session. An identity of the PSK is also securely shared based on the KEM from the first session, in order for both a device and server to identify and use the mutually derived PSK. Show less

Continuation of US patent 10,250,386. Steps for a wireless module and a server to take to (I) reduce power and bandwidth consumption for the wireless module, while (ii) improving security.

Sole inventor. Continuation of allowed patent application 14/064,618. Modules can either derive private keys or use a key derivation function with an existing private key in order to derive a shared secret key. After a module has been deployed to the field, a set of servers can (i) also derive the same shared secret key using appropriately configured cryptographic parameters and key exchange tokens, and (ii) properly authenticate the module when the module has also internally derived the… Show more

Sole inventor. Continuation of allowed patent application 14/064,618. Modules can either derive private keys or use a key derivation function with an existing private key in order to derive a shared secret key. After a module has been deployed to the field, a set of servers can (i) also derive the same shared secret key using appropriately configured cryptographic parameters and key exchange tokens, and (ii) properly authenticate the module when the module has also internally derived the module's private key. Show less

Sole Inventor. Continuation of allowed patent application 14/099,329. The fundamental access credential key K can be securely derived by a SIM and also used with two-factor authentication. In this manner, (i) a key K for a subscriber never needs to be transmitted to an eUICC subscription manager or recorded in a transmitted electronic profile, and (ii) a user can authenticate with the network before the key K is derived.

A removable data storage unit can include a secure, isolated cryptographic engine similar to a SIM card. Long-term, flexible utilization of the removable storage unit requires secure internal key derivation. But, secure key derivation is a challenge given the limited information entropy in removable storage cards, which are addressed in the application. Additional features are described as well, including important countermeasures to thwart various side-channel attacks.

Sole Inventor. A network of various servers can support the use of virtual SIMs (eUICCs), which is required to support true scaling of "the Internet of Things". Since the distribution of eUICC profiles can be beyond the direct control of a mobile network operator, the network can take a series of steps both before and after the profile distribution in order to authenticate an M2M module or a mobile phone using the profile. Relevant keys can be mutually derived using PKI or transmitted in an… Show more

Sole Inventor. A network of various servers can support the use of virtual SIMs (eUICCs), which is required to support true scaling of "the Internet of Things". Since the distribution of eUICC profiles can be beyond the direct control of a mobile network operator, the network can take a series of steps both before and after the profile distribution in order to authenticate an M2M module or a mobile phone using the profile. Relevant keys can be mutually derived using PKI or transmitted in an encrypted format. Show less

Sole Inventor. The patent application describes the use of cryptographic algorithms, including key derivation functions and PKI, such that an M2M module can securely and efficiently communicate with a set of servers. Modules can derive PKI keys. Problems solved include "bootstrap" issues for authoritatively sending initial keys, using potentially multiple sets of cryptographic parameters for the cryptographic algorithms, and minimizing bandwidth and CPU resources to conserve limited battery… Show more

Sole Inventor. The patent application describes the use of cryptographic algorithms, including key derivation functions and PKI, such that an M2M module can securely and efficiently communicate with a set of servers. Modules can derive PKI keys. Problems solved include "bootstrap" issues for authoritatively sending initial keys, using potentially multiple sets of cryptographic parameters for the cryptographic algorithms, and minimizing bandwidth and CPU resources to conserve limited battery power for M2M modules. Show less

Sole Inventor. The Embedded Universal Integrated Circuit Card (eUICC) will eventually replace a SIM. But, the secure distribution of network access credentials through profiles has many challenges, including the encryption by 3rd parties outside the control of a mobile network operator. Key derivation by a mobile phone or an M2M module using an eUICC can solve these challenges.

Sole inventor. Control of a plurality of devices that move around can be significantly eased by using a domain name that is specific and unique to the device. If the device has a MAC address of 001122EEFF, there are big advantages of specifying an example server as 001122EEFF.vobal.com instead of server01.vobal.com (which would be shared by lots of devices).

Quantum safe blockchain for managing certificates, including certificate revocation. When Q-day arrives, revocation of certificates and especially legacy root certificates will create massive systemic risk for IT systems globally. A quantum safe blockchain for handling the registration and revocation of certificates (and raw public keys) can solve many issues across industry for many protocols: TLS, IPSec, eSIM, etc. Certificates can be identified by a human-readable integer that can be… Show more

Quantum safe blockchain for managing certificates, including certificate revocation. When Q-day arrives, revocation of certificates and especially legacy root certificates will create massive systemic risk for IT systems globally. A quantum safe blockchain for handling the registration and revocation of certificates (and raw public keys) can solve many issues across industry for many protocols: TLS, IPSec, eSIM, etc. Certificates can be identified by a human-readable integer that can be easily shared "out of band", where the integer is securely assigned upon registration in the quantum safe blockchain. Using the integer, systems connected as clients to the network can securely receive the certificate in a quantum safe manner. Show less