公开(公告)号：US20230093749A1

公开(公告)日：2023-03-23

申请号：US17932979

申请日：2022-09-16

Applicant: Apple Inc.

Inventor： Steven A. Myers ,  Sean P. Devlin

IPC: H04L9/40

Abstract: Techniques are disclosed relating to resuming a communication session. In some embodiments, a first computing device stores a session resumption token that includes metadata usable to resume a communication session. The first computing device provides a request to resume the communication session with a second computing device and receives, from the second computing device, an output of a verifiable random function (VRF) associated with the request. In response to the request, the first computing device performs a verification of the output and determines, based on the verification, whether to provide the session resumption token to the second computing device.

公开(公告)号：US12206799B2

公开(公告)日：2025-01-21

申请号：US17805335

申请日：2022-06-03

Applicant: Apple Inc.

Inventor： Steven A. Myers ,  Kyle C. Brogle ,  Sean P. Devlin ,  Edwin W. Foo ,  John T. Perry

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/40

Abstract: Techniques are disclosed relating to securely authenticating communicating devices. In various embodiments, a computing device receives, via a network connection with a network, a first certificate for a first public key pair of the computing device. The computing device provides the first certificate to an offline accessory device and receives a second certificate for a second public key pair maintained by the offline accessory device. The computing device performs a verification of the second certificate and, responsive to the verification being successful, interacts with the offline accessory device. In some embodiments, prior to providing the first certificate, the computing device determines an ordering in which the first and second certificates are to be exchanged by the first computing device and the offline accessory device, and the first certificate is provided to the offline accessory device in accordance with the determined ordering.

公开(公告)号：US20240037274A1

公开(公告)日：2024-02-01

申请号：US18377478

申请日：2023-10-06

Applicant: Apple Inc.

Inventor： Pablo Antonio Gonzalez Cervantes ,  Mohan Singh Randhava ,  Jorge F. Pozas Trevino ,  Samuel A. Mussell ,  Isaac Pinol Catadau ,  Steven A. Myers ,  Dongsheng Zhang ,  Suhail Ahmad ,  Zhengjun Jiang ,  Yannick L. Sierra ,  Amir H. Jadidi

IPC: G06F21/62 ,  G16H10/60 ,  H04L9/08 ,  H04L9/14

CPC classification number: G06F21/6245 ,  G16H10/60 ,  H04L9/0825 ,  H04L9/0866 ,  H04L9/14

Abstract: Techniques for storing health data can include a multi-node data structure. A data node, a category node, and an institution node of a multi-node data structure can be generated in accordance with a configuration file. The data node can include health data and can be identified by a first unique data identifier and encrypted using a first cryptographic key. The category node can include the first unique data identifier and the first cryptographic key. The category node can be identified by a second unique data identifier and encrypted using a second cryptographic key. The institution node can include the second unique data identifier and the second cryptographic key. The institution node can be identified by a third unique data identifier and encrypted using a third cryptographic key. The data node, the category node, and the institution node can be shared with a service provider.

公开(公告)号：US12079370B2

公开(公告)日：2024-09-03

申请号：US18377478

申请日：2023-10-06

Applicant: Apple Inc.

Inventor： Pablo Antonio Gonzalez Cervantes ,  Mohan Singh Randhava ,  Jorge F. Pozas Trevino ,  Samuel A. Mussell ,  Isaac Pinol Catadau ,  Steven A. Myers ,  Dongsheng Zhang ,  Suhail Ahmad ,  Zhengjun Jiang ,  Yannick L. Sierra ,  Amir H. Jadidi

IPC: G06F21/62 ,  G16H10/60 ,  H04L9/08 ,  H04L9/14

CPC classification number: G06F21/6245 ,  G16H10/60 ,  H04L9/0825 ,  H04L9/0866 ,  H04L9/14

Abstract: Techniques for storing health data can include a multi-node data structure. A data node, a category node, and an institution node of a multi-node data structure can be generated in accordance with a configuration file. The data node can include health data and can be identified by a first unique data identifier and encrypted using a first cryptographic key. The category node can include the first unique data identifier and the first cryptographic key. The category node can be identified by a second unique data identifier and encrypted using a second cryptographic key. The institution node can include the second unique data identifier and the second cryptographic key. The institution node can be identified by a third unique data identifier and encrypted using a third cryptographic key. The data node, the category node, and the institution node can be shared with a service provider.

公开(公告)号：US20230396416A1

公开(公告)日：2023-12-07

申请号：US18328691

申请日：2023-06-02

Applicant: Apple Inc.

Inventor： Steven A. Myers ,  Mariappan Rengarajan ,  Benjamin W. Brown ,  Meenakshi Arasu ,  Aniwat Arromratana ,  Nithin Koram ,  Ramarathnam Santhanagopal

IPC: H04L9/08 ,  H04L9/30

CPC classification number: H04L9/0833 ,  H04L9/30

Abstract: Techniques are provided to create and manage groups of users. A group can be treated as a single entity. For privacy of a user, user keys can be translated to group keys, which are then used to access resources. The user can prove membership in the group via their keys (e.g., using a diversified public key), and then get the group keys in response, e.g., after verification to a group server using a diversified user key.

公开(公告)号：US20220391534A1

公开(公告)日：2022-12-08

申请号：US17659079

申请日：2022-04-13

Applicant: Apple Inc.

Inventor： Mohan S. Randhava ,  Steven A. Myers ,  Jorge F. Pozas Trevino ,  Pablo Antonio Gonzalez Cervantes ,  Yannick L. Sierra

IPC: G06F21/62 ,  G16H10/60

Abstract: A server system implemented by a service provider may store health data of a user according to a multi-node data structure. The server system may generate transaction records based on requests to access the health data. Responsive to requests for the transaction records, the server system may query a database that includes the health data and generate a data package based on the querying. The data package may be sent to a requesting system. The data package may be usable by the requesting system to identify which patient profiles were accessed by which physicians.

公开(公告)号：US11321095B2

公开(公告)日：2022-05-03

申请号：US16663621

申请日：2019-10-25

Applicant: Apple Inc.

Inventor： Steven A. Myers ,  Jeffry E. Gonion ,  Yannick L. Sierra ,  Thomas Icart

IPC: G06F9/32 ,  G06F9/34 ,  G06F21/52 ,  G06F21/60 ,  G06F9/38 ,  G06F9/455 ,  G06F9/30 ,  G06F21/62

Abstract: Techniques are disclosed relating to protecting branch prediction information. In various embodiments, an integrated circuit includes branch prediction logic having a table that maintains a plurality of entries storing encrypted target address information for branch instructions. The branch prediction logic is configured to receive machine context information for a branch instruction having a target address being predicted by the branch prediction logic, the machine context information including a program counter associated with the branch instruction. The branch prediction logic is configured to use the machine context information to decrypt encrypted target address information stored in one of the plurality of entries identified based on the program counter. In some embodiments, the branch prediction logic decrypts the encrypted target address information by performing a cipher to encrypt the machine context information and performing a Boolean exclusive-OR operation of the encrypted machine context information and the encrypted target address information.

公开(公告)号：US20220393885A1

公开(公告)日：2022-12-08

申请号：US17805335

申请日：2022-06-03

Applicant: Apple Inc.

Inventor： Steven A. Myers ,  Kyle C. Brogle ,  Sean P. Devlin ,  Edwin W. Foo ,  John T. Perry

IPC: H04L9/32 ,  H04L9/08

Abstract: Techniques are disclosed relating to securely authenticating communicating devices. In various embodiments, a computing device receives, via a network connection with a network, a first certificate for a first public key pair of the computing device. The computing device provides the first certificate to an offline accessory device and receives a second certificate for a second public key pair maintained by the offline accessory device. The computing device performs a verification of the second certificate and, responsive to the verification being successful, interacts with the offline accessory device. In some embodiments, prior to providing the first certificate, the computing device determines an ordering in which the first and second certificates are to be exchanged by the first computing device and the offline accessory device, and the first certificate is provided to the offline accessory device in accordance with the determined ordering.

公开(公告)号：US11182349B2

公开(公告)日：2021-11-23

申请号：US16428914

申请日：2019-05-31

Applicant: Apple Inc.

Inventor： Per Love Hornquist Astrand ,  Van Hong ,  Nihar Sharma ,  Xixi Lu ,  Steven A. Myers ,  Michelle D. Linington ,  Yannick L. Sierra

IPC: H04L29/06 ,  G06F16/178 ,  G06F16/182 ,  H04L9/30 ,  H04L9/08 ,  H04L9/12 ,  H04L9/32

Abstract: The subject technology may be implemented by a device that includes at least one processor configured to encrypt a data object based at least in part on an encryption key. The at least one processor may be further configured to sign the encrypted data object with a private key and transmit the signed encrypted data object to a server for retrieval by another device. The at least one processor may be further configured to generate a sharing object corresponding to the data object, wherein the sharing object includes an encryption key and a public key that corresponds to the private key. The at least one processor may be further configured to encrypt the sharing object using a key of the other device and transmit, over a secure channel, the encrypted sharing object to the other device for subsequent retrieval and verification of the signed data object from the server.

公开(公告)号：US20240419842A1

公开(公告)日：2024-12-19

申请号：US18818115

申请日：2024-08-28

Applicant: Apple Inc.

Inventor： Pablo Antonio Gonzalez Cervantes ,  Mohan Singh Randhava ,  Jorge F. Pozas Trevino ,  Samuel A. Mussell ,  Isaac Pinol Catadau ,  Steven A. Myers ,  Dongsheng Zhang ,  Suhail Ahmad ,  Zhengjun Jiang ,  Yannick L. Sierra ,  Amir H. Jadidi

IPC: G06F21/62 ,  G16H10/60 ,  H04L9/08 ,  H04L9/14

Abstract: Techniques for storing health data can include a multi-node data structure. A data node, a category node, and an institution node of a multi-node data structure can be generated in accordance with a configuration file. The data node can include health data and can be identified by a first unique data identifier and encrypted using a first cryptographic key. The category node can include the first unique data identifier and the first cryptographic key. The category node can be identified by a second unique data identifier and encrypted using a second cryptographic key. The institution node can include the second unique data identifier and the second cryptographic key. The institution node can be identified by a third unique data identifier and encrypted using a third cryptographic key. The data node, the category node, and the institution node can be shared with a service provider.