公开(公告)号：US10423804B2

公开(公告)日：2019-09-24

申请号：US15275273

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Wade Benson ,  Conrad Sauerwald ,  Mitchell D. Adler ,  Michael Brouwer ,  Timothee Geoghegan ,  Andrew R. Whalley ,  David P. Finkelstein ,  Yannick L. Sierra

IPC: G06F21/72 ,  H04L9/08 ,  H04L9/14 ,  G06F21/32

Abstract: Techniques are disclosed relating to securely storing data in a computing device. In one embodiment, a computing device includes a secure circuit configured to maintain key bags for a plurality of users, each associated with a respective one of the plurality of users and including a first set of keys usable to decrypt a second set of encrypted keys for decrypting data associated with the respective user. The secure circuit is configured to receive an indication that an encrypted file of a first of the plurality of users is to be accessed and use a key in a key bag associated with the first user to decrypt an encrypted key of the second set of encrypted keys. The secure circuit is further configured to convey the decrypted key to a memory controller configured to decrypt the encrypted file upon retrieval from a memory.

公开(公告)号：US10271209B2

公开(公告)日：2019-04-23

申请号：US15275231

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Mitchell D. Adler ,  Yannick L. Sierra ,  Ganesha A. G. Batta ,  Michael Giles ,  Akshay M. Srivatsa ,  Craig P. Dooley ,  Sriram Hariharan ,  Robert D. Watson

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/08 ,  H04L9/14 ,  H04W12/02

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

公开(公告)号：US10270597B2

公开(公告)日：2019-04-23

申请号：US15273622

申请日：2016-09-22

Applicant: Apple Inc.

Inventor： Yannick L. Sierra ,  Mitchell D. Adler

IPC: H04L9/30 ,  H04L9/32 ,  H04L9/08 ,  H04L9/14 ,  H04L29/06 ,  H04W12/08

Abstract: Some embodiments provide a method for a first device to join a group of related devices. The method receives input of a password for an account with a centralized entity and a code generated by a second device in the group. When the second device determines that the code input on the first device matches the generated code, the method receives an authentication code from the second device for authorizing the first device with the entity as a valid device for the account. The method uses the password and information regarding the first device to generate an application to the group. After sending the application to the second device, the method receives information from the second device that enables the first device to add itself to the group. The second device verifies the generated application, and the method uses the information received from the second device to join the group.

公开(公告)号：US10218685B2

公开(公告)日：2019-02-26

申请号：US14937830

申请日：2015-11-10

Applicant: Apple Inc.

Inventor： Michael Brouwer ,  Dallas B. De Atley ,  Mitchell D. Adler

IPC: H04L29/06 ,  G06F17/30 ,  H04L29/08 ,  H04L12/44 ,  H04W84/18

Abstract: Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.

公开(公告)号：US10049206B2

公开(公告)日：2018-08-14

申请号：US15671012

申请日：2017-08-07

Applicant: Apple Inc.

Inventor： Jonathan J. Rubinstein ,  Anthony M. Fadell ,  Jesse Lee Dorogusker ,  Mitchell D. Adler ,  John Wesley Archibald

IPC: G06F21/44 ,  G06F21/60

Abstract: Improved techniques to control utilization of accessory devices with electronic devices are disclosed. The improved techniques can use cryptographic approaches to authenticate electronic devices, namely, electronic devices that interconnect and communicate with one another. One aspect pertains to techniques for authenticating an electronic device, such as an accessory device. Another aspect pertains to provisioning software features (e.g., functions) by or for an electronic device (e.g., a host device). Different electronic devices can, for example, be provisioned differently depending on different degrees or levels of authentication, or depending on manufacturer or product basis. Still another aspect pertains to using an accessory (or adapter) to convert a peripheral device (e.g., USB device) into a host device (e.g., USB host). The improved techniques are particularly well suited for electronic devices, such as media devices, that can receive accessory devices. One example of a media device is a media player, such as a hand-held media player (e.g., music player), that can present (e.g., play) media items (or media assets).

公开(公告)号：US09904629B2

公开(公告)日：2018-02-27

申请号：US14871498

申请日：2015-09-30

Applicant: Apple Inc.

Inventor： Michael D. Ford ,  Jerrold V. Hauck ,  Matthew G. Watson ,  Mitchell D. Adler ,  Dallas B. De Atley ,  James Wilson

IPC: H04L9/08 ,  G06F12/14 ,  G06F11/14 ,  G06F21/62 ,  H04L9/00

CPC classification number: G06F12/1408 ,  G06F11/1448 ,  G06F21/6218 ,  G06F2201/80 ,  G06F2212/1052 ,  H04L9/006 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/0897

Abstract: Some embodiments provide, for a particular device in a set of related devices, a method for backing up data synchronized between the set of related devices. The method stores the backup data encrypted with a set of data encryption keys. The method also stores the set of data encryption keys encrypted with a master recovery key. The method also stores several copies of master recovery key data, each copy of the master recovery key data encrypted with a public key of a different one of the related devices. The backup data is only recoverable by accessing a private key of any one of the related devices.

公开(公告)号：US20170318137A1

公开(公告)日：2017-11-02

申请号：US15646440

申请日：2017-07-11

Applicant: Apple Inc.

Inventor： Paul-Phillip Holden ,  Lawrence G. Bolton ,  Nitin Ganatra ,  Mitchell D. Adler ,  Emily Clark Schubert ,  Jesse Lee Dorogusker

IPC: H04M1/02 ,  G06F13/38 ,  H04M1/725

CPC classification number: H04M1/0254 ,  G06F13/385 ,  H04M1/72527 ,  H04M1/7253

Abstract: Embodiments of the present invention provide various communication techniques for communication between a mobile computing device and an accessory. An accessory protocol that is generic to the mobile computing device can be used for some communication. An application executing at the mobile computing device can communicate with the accessory using an application communication protocol. In some embodiments, the application communication protocol can be different from the accessory communication protocol. In other embodiments the application protocol may only be recognized by the application and the accessory. In some embodiments, messages conforming to an application protocol can be communicated between the application and the accessory by packaging the messages inside a message conforming to the accessory communication protocol.

公开(公告)号：US09736281B2

公开(公告)日：2017-08-15

申请号：US14742501

申请日：2015-06-17

Applicant: Apple Inc.

Inventor： Paul-Phillip Holden ,  Lawrence G. Bolton ,  Nitin Ganatra ,  Mitchell D. Adler ,  Emily Clark Schubert ,  Jesse Lee Dorogusker

IPC: H04B7/00 ,  H04M1/02 ,  G06F13/38 ,  H04M1/725

CPC classification number: H04M1/0254 ,  G06F13/385 ,  H04M1/72527 ,  H04M1/7253

Abstract: Embodiments of the present invention provide various communication techniques for communication between a mobile computing device and an accessory. An accessory protocol that is generic to the mobile computing device can be used for some communication. An application executing at the mobile computing device can communicate with the accessory using an application communication protocol. In some embodiments, the application communication protocol can be different from the accessory communication protocol. In other embodiments the application protocol may only be recognized by the application and the accessory. In some embodiments, messages conforming to an application protocol can be communicated between the application and the accessory by packaging the messages inside a message conforming to the accessory communication protocol.

公开(公告)号：US09460313B2

公开(公告)日：2016-10-04

申请号：US14792572

申请日：2015-07-06

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Jerrold V. Hauck ,  Mitchell D. Adler

IPC: G06F21/62 ,  H04L9/08 ,  G06F21/64 ,  G06F21/00 ,  H04L29/06 ,  G06F21/33 ,  G06F21/44 ,  G06F21/60

CPC classification number: H04L9/0894 ,  G06F21/00 ,  G06F21/33 ,  G06F21/445 ,  G06F21/606 ,  G06F21/6245 ,  G06F21/64 ,  H04L9/0861 ,  H04L63/0428 ,  H04L63/0442 ,  H04L63/06 ,  H04L63/062 ,  H04L63/08 ,  H04L63/101

Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.

公开(公告)号：US20160044101A1

公开(公告)日：2016-02-11

申请号：US14746793

申请日：2015-06-22

Applicant: Apple Inc.

Inventor： Michael Brouwer ,  Dallas B. De Atley ,  Mitchell D. Adler

IPC: H04L29/08

CPC classification number: G06F21/6263 ,  G06F17/30581 ,  G06F21/606 ,  G06F21/62 ,  H04L9/0816 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/10 ,  H04L63/166 ,  H04L63/20 ,  H04L67/104 ,  H04L67/1095 ,  H04L67/1097 ,  H04L2209/24

Abstract: Some embodiments provide a program that synchronizes a keychain stored on a device with a set of other devices. The keychain includes a set of keychain items. The program receives (1) a list of keychain items for updating the keychain stored on the device and (2) data representing the keychain items specified in the list of keychain items. For each keychain item in the list of keychain items, the program updates the keychain stored on the device with the data that represents the keychain item.

Abstract translation: 一些实施例提供了将存储在设备上的钥匙串与一组其他设备同步的程序。 钥匙扣包括一套钥匙扣项目。 程序接收（1）用于更新存储在设备上的钥匙串的钥匙串项的列表，以及（2）表示钥匙串项目列表中指定的钥匙串项的数据。 对于钥匙串项列表中的每个钥匙串项，程序使用代表钥匙串项的数据来更新存储在设备上的钥匙串。