Michael G Reiter

US Patent:

6405313, Jun 11, 2002

Filed:

Apr 23, 1998

Appl. No.:

09/064769

Inventors:

Michael Kendrick Reiter - Raritan NJ
Stuart Gerald Stubblebine - Lebanon NJ

Assignee:

ATT Corp. - New York NY

International Classification:

H04L 1222

US Classification:

713156, 713201, 713157, 709238

Abstract:

A name-to-target binding system generates certificates for use in authenticating a target key. In the system the certificate includes a first key. At least one attribute is assigned to the first key. A liability value is assigned to the combination of the first key and the at least one attribute. The system includes a second key used to sign a combination of the first key, the at least one attribute and the liability value wherein the second key is associated with the insurer agreeing to be liable for the liability value.

US Patent:

6901145, May 31, 2005

Filed:

Feb 10, 2000

Appl. No.:

09/501902

Inventors:

Philip L. Bohannon - Piscataway NJ, US
Bjorn Markus Jakobsson - Hoboken NJ, US
Fabian Monrose - New York NY, US
Michael Kendrick Reiter - Raritan NJ, US
Susanne Gudrun Wetzel - New Providence NJ, US

Assignee:

Lucent Technologies Inc. - Murray Hill NJ

International Classification:

H04L009/00

US Classification:

380 44, 380 45, 380 47, 380277, 380286, 713165, 713168, 713171, 713202

Abstract:

A repeatable cryptographic key is generated based on varying parameters which represent physical measurements. Locations within a share table, which locations store valid and invalid cryptographic shares, are identified as a function of received varying parameters. The share table is configured such that locations which are expected to be identified by legitimate access attempts contain valid cryptographic shares, and locations which are not expected to be identified by legitimate access attempts contain invalid cryptographic shares. The share table configuration may be modified based on prior history of legitimate access attempts. In various embodiments, the stored shares may be encrypted or compressed. A keystroke feature authentication embodiment uses the inventive techniques to implement an authentication system which authenticates based on an entered password and the manner in which (e. g. keystroke dynamics) the keystroke is entered.

US Patent:

7003110, Feb 21, 2006

Filed:

Nov 14, 2000

Appl. No.:

09/712335

Inventors:

Bjorn Markus Jakobsson - Hoboken NJ, US
Michael Kendrick Reiter - Raritan NJ, US

Assignee:

Lucent Technologies Inc. - Murray Hill NJ

International Classification:

H04L 9/00
H04L 9/32
G06F 11/30
G06F 12/14

US Classification:

380 45, 726 26

Abstract:

A software program is configured in accordance with a software aging process such that one or more files generated by the program are at least partially encrypted using a cryptographic key associated with a current time interval for which the files are generated. The cryptographic key may be a symmetric key used for both encryption and decryption operations, such that cryptographic key used for encryption in a given interval is also required to decrypt files encrypted during that interval. Periodic updates of the software program are provided to a legitimate user of the software program, with a given one of the updates including a different cryptographic key associated with a subsequent time interval. The cryptographic key associated with a particular one of the time intervals may be common to each of a set of legitimate copies of the software program that have received the corresponding version of the periodic update. The variation of the cryptographic keys from one interval to another discourages unauthorized use of the software program by deliberately requiring both legitimate and illegitimate users to request unusually frequent updates, thereby substantially increasing the tracing and prosecution risks borne by software pirates.

US Patent:

7107269, Sep 12, 2006

Filed:

Jun 12, 2001

Appl. No.:

10/031773

Inventors:

Robert M. Arlein - Maplewood NJ, US
Ben Jai - Scotch Plains NJ, US
Bjorn Markus Jakobsson - Hoboken NJ, US
Fabian Monrose - New York NY, US
Michael Kendrick Reiter - Raritan NJ, US

Assignee:

Lucent Technologies Inc. - Murray Hill NJ

International Classification:

G06F 17/30

US Classification:

707 9, 707 10, 709203, 709219, 705 26

Abstract:

Techniques and infrastructure are provided for supporting global customization. The invention enables persona profiles of user information to be maintained, and such persona profiles to be accessed by merchants. Via the persona abstraction, users control what information is grouped into a persona profile, and can selectively enable a merchant to read one of these profiles. The infrastructure of the invention employs a persona server that assists users in managing their personae. The infrastructure of the invention separates this from the profile databases at which persona profile information is stored, to eliminate any single point at which different persona profiles can be tied to the same user. Since merchants also have privacy concerns, the infrastructure of the invention provides a data protection model based on tainting, by which merchants can limit how the information they contribute can be exposed.

US Patent:

7149311, Dec 12, 2006

Filed:

Feb 7, 2002

Appl. No.:

10/072331

Inventors:

Philip D. MacKenzie - Maplewood NJ, US
Michael Kendrick Reiter - Raritan NJ, US

Assignee:

Lucent Technologies Inc. - Murray Hill NJ

International Classification:

H04L 9/00

US Classification:

380286, 380277, 713168, 713171, 713180, 726 18, 726 19, 726 26, 726 30

Abstract:

Techniques are provided by which a device that performs private key operations (e. g. , signatures or decryptions) in networked applications, and whose local private key is activated with, for example, a password or PIN, can be immunized to offline dictionary attacks in case the device is captured. The techniques do not assume tamper resistance of the device, but rather exploit the networked nature of the device, in that the device's private key operations are performed using a simple interaction with a remote server. This server, however, is untrusted, i. e. , its compromise does not reduce the security of the device's private key unless the device is also captured, and need not have a prior relationship with the device. Techniques are also provided for supporting key disabling, by which the rightful owner of a stolen device can disable the device's private key even if the attacker already knows the user's password.

US Patent:

7155524, Dec 26, 2006

Filed:

Dec 4, 2001

Appl. No.:

10/005508

Inventors:

Michael Kendrick Reiter - Raritan NJ, US
Gregory Chockler - Zur Hadassa, IL
Dahlia Malkhi - Jerusalem, IL

Assignee:

Lucent Technologies Inc. - Murray Hill NJ
Hebrew University - Jerusalem

International Classification:

G06F 15/16
G06F 15/173
G06F 15/167

US Classification:

709229, 709226

Abstract:

A system for and method of implementing a backoff protocol and a computer network incorporating the system or the method. In one embodiment, the system includes: (1) a client subsystem that generates a request for access to a shared resource and (2) a server subsystem that receives the request, returns a LOCKED indicator upon an expectation that the shared resource is unavailable and otherwise returns a FREE indicator, the client subsystem responding to the LOCKED indicator by waiting before regenerating the request for the access.

US Patent:

7373499, May 13, 2008

Filed:

Jun 26, 2002

Appl. No.:

10/183901

Inventors:

Philip D. MacKenzie - Maplewood NJ, US
Michael Kendrick Reiter - Pittsburgh PA, US

Assignee:

Lucent Technologies Inc. - Murray Hill NJ

International Classification:

H04L 9/00

US Classification:

713150

Abstract:

Improved cryptographic techniques are provided by which a device that performs private key operations (e. g. , signatures and/or decryptions), and whose private key operations are protected by a password, is immunized against offline dictionary attacks in case of capture by forcing the device to confirm a password guess with a designated entity or party in order to perform a private key operation, and by which the initiating device may dynamically delegate the password-checking function (i. e. , confirmation of the password guess) from the originally designated entity or party to another designated entity or party.

US Patent:

20020156747, Oct 24, 2002

Filed:

Apr 25, 2002

Appl. No.:

10/131035

Inventors:

Michael Reiter - Raritan NJ, US
Stuart Stubblebine - Lebanon NJ, US

International Classification:

G06F017/60

US Classification:

705/076000

Abstract:

A name-to-target binding system generates certificates for use in authenticating a target key. In the system the certificate includes a first key. At least one attribute is assigned to the first key. A liability value is assigned to the combination of the first key and the at least one attribute. The system includes a second key used to sign a combination of the first key, the at least one attribute and the liability value wherein the second key is associated with the insurer agreeing to be liable for the liability value.