公开(公告)号：US10686767B2

公开(公告)日：2020-06-16

申请号：US15274999

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Mitchell D. Adler ,  Andrew Roger Whalley

IPC: H04L29/06 ,  G06F21/10 ,  H04L9/08 ,  G06F21/31 ,  G06F21/78 ,  G06F21/35 ,  G06F21/62

Abstract: Some embodiments provide convenient auto-authentication for user data on a primary device, while still providing a significant level of security, by taking advantage of existing security and cryptographic measures used to communicate with a secondary device. The primary device of some embodiments encrypts the user data on the primary device using a cryptographic key based on a set of keys received from the secondary device. In some embodiments, the primary device encrypts authentication data, or a local key generated from the authentication data, using a remote key received from the secondary device, and encrypts the user data with the local key. In some embodiments, the keys received from the secondary device are an existing set of keys for establishing an encrypted channel of communication for transmitting digital rights management (DRM) protected content according to a DRM protection scheme.

公开(公告)号：US10652736B2

公开(公告)日：2020-05-12

申请号：US16279961

申请日：2019-02-19

Applicant: Apple Inc.

Inventor： Mitchell D. Adler ,  Yannick L. Sierra ,  Ganesha A. G. Batta ,  Michael Giles ,  Akshay M Srivatsa ,  Craig P. Dooley ,  Sriram Hariharan ,  Robert D. Watson

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/08 ,  H04L9/14 ,  H04W12/02

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

公开(公告)号：US10423804B2

公开(公告)日：2019-09-24

申请号：US15275273

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Wade Benson ,  Conrad Sauerwald ,  Mitchell D. Adler ,  Michael Brouwer ,  Timothee Geoghegan ,  Andrew R. Whalley ,  David P. Finkelstein ,  Yannick L. Sierra

IPC: G06F21/72 ,  H04L9/08 ,  H04L9/14 ,  G06F21/32

Abstract: Techniques are disclosed relating to securely storing data in a computing device. In one embodiment, a computing device includes a secure circuit configured to maintain key bags for a plurality of users, each associated with a respective one of the plurality of users and including a first set of keys usable to decrypt a second set of encrypted keys for decrypting data associated with the respective user. The secure circuit is configured to receive an indication that an encrypted file of a first of the plurality of users is to be accessed and use a key in a key bag associated with the first user to decrypt an encrypted key of the second set of encrypted keys. The secure circuit is further configured to convey the decrypted key to a memory controller configured to decrypt the encrypted file upon retrieval from a memory.

公开(公告)号：US10271209B2

公开(公告)日：2019-04-23

申请号：US15275231

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Mitchell D. Adler ,  Yannick L. Sierra ,  Ganesha A. G. Batta ,  Michael Giles ,  Akshay M. Srivatsa ,  Craig P. Dooley ,  Sriram Hariharan ,  Robert D. Watson

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/08 ,  H04L9/14 ,  H04W12/02

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

公开(公告)号：US10270597B2

公开(公告)日：2019-04-23

申请号：US15273622

申请日：2016-09-22

Applicant: Apple Inc.

Inventor： Yannick L. Sierra ,  Mitchell D. Adler

IPC: H04L9/30 ,  H04L9/32 ,  H04L9/08 ,  H04L9/14 ,  H04L29/06 ,  H04W12/08

Abstract: Some embodiments provide a method for a first device to join a group of related devices. The method receives input of a password for an account with a centralized entity and a code generated by a second device in the group. When the second device determines that the code input on the first device matches the generated code, the method receives an authentication code from the second device for authorizing the first device with the entity as a valid device for the account. The method uses the password and information regarding the first device to generate an application to the group. After sending the application to the second device, the method receives information from the second device that enables the first device to add itself to the group. The second device verifies the generated application, and the method uses the information received from the second device to join the group.

公开(公告)号：US10218685B2

公开(公告)日：2019-02-26

申请号：US14937830

申请日：2015-11-10

Applicant: Apple Inc.

Inventor： Michael Brouwer ,  Dallas B. De Atley ,  Mitchell D. Adler

IPC: H04L29/06 ,  G06F17/30 ,  H04L29/08 ,  H04L12/44 ,  H04W84/18

Abstract: Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.

公开(公告)号：US10049206B2

公开(公告)日：2018-08-14

申请号：US15671012

申请日：2017-08-07

Applicant: Apple Inc.

Inventor： Jonathan J. Rubinstein ,  Anthony M. Fadell ,  Jesse Lee Dorogusker ,  Mitchell D. Adler ,  John Wesley Archibald

IPC: G06F21/44 ,  G06F21/60

Abstract: Improved techniques to control utilization of accessory devices with electronic devices are disclosed. The improved techniques can use cryptographic approaches to authenticate electronic devices, namely, electronic devices that interconnect and communicate with one another. One aspect pertains to techniques for authenticating an electronic device, such as an accessory device. Another aspect pertains to provisioning software features (e.g., functions) by or for an electronic device (e.g., a host device). Different electronic devices can, for example, be provisioned differently depending on different degrees or levels of authentication, or depending on manufacturer or product basis. Still another aspect pertains to using an accessory (or adapter) to convert a peripheral device (e.g., USB device) into a host device (e.g., USB host). The improved techniques are particularly well suited for electronic devices, such as media devices, that can receive accessory devices. One example of a media device is a media player, such as a hand-held media player (e.g., music player), that can present (e.g., play) media items (or media assets).

公开(公告)号：US09904629B2

公开(公告)日：2018-02-27

申请号：US14871498

申请日：2015-09-30

Applicant: Apple Inc.

Inventor： Michael D. Ford ,  Jerrold V. Hauck ,  Matthew G. Watson ,  Mitchell D. Adler ,  Dallas B. De Atley ,  James Wilson

IPC: H04L9/08 ,  G06F12/14 ,  G06F11/14 ,  G06F21/62 ,  H04L9/00

CPC classification number: G06F12/1408 ,  G06F11/1448 ,  G06F21/6218 ,  G06F2201/80 ,  G06F2212/1052 ,  H04L9/006 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/0897

Abstract: Some embodiments provide, for a particular device in a set of related devices, a method for backing up data synchronized between the set of related devices. The method stores the backup data encrypted with a set of data encryption keys. The method also stores the set of data encryption keys encrypted with a master recovery key. The method also stores several copies of master recovery key data, each copy of the master recovery key data encrypted with a public key of a different one of the related devices. The backup data is only recoverable by accessing a private key of any one of the related devices.

公开(公告)号：US20170318137A1

公开(公告)日：2017-11-02

申请号：US15646440

申请日：2017-07-11

Applicant: Apple Inc.

Inventor： Paul-Phillip Holden ,  Lawrence G. Bolton ,  Nitin Ganatra ,  Mitchell D. Adler ,  Emily Clark Schubert ,  Jesse Lee Dorogusker

IPC: H04M1/02 ,  G06F13/38 ,  H04M1/725

CPC classification number: H04M1/0254 ,  G06F13/385 ,  H04M1/72527 ,  H04M1/7253

Abstract: Embodiments of the present invention provide various communication techniques for communication between a mobile computing device and an accessory. An accessory protocol that is generic to the mobile computing device can be used for some communication. An application executing at the mobile computing device can communicate with the accessory using an application communication protocol. In some embodiments, the application communication protocol can be different from the accessory communication protocol. In other embodiments the application protocol may only be recognized by the application and the accessory. In some embodiments, messages conforming to an application protocol can be communicated between the application and the accessory by packaging the messages inside a message conforming to the accessory communication protocol.

公开(公告)号：US09736281B2

公开(公告)日：2017-08-15

申请号：US14742501

申请日：2015-06-17

Applicant: Apple Inc.

Inventor： Paul-Phillip Holden ,  Lawrence G. Bolton ,  Nitin Ganatra ,  Mitchell D. Adler ,  Emily Clark Schubert ,  Jesse Lee Dorogusker

IPC: H04B7/00 ,  H04M1/02 ,  G06F13/38 ,  H04M1/725

CPC classification number: H04M1/0254 ,  G06F13/385 ,  H04M1/72527 ,  H04M1/7253

Abstract: Embodiments of the present invention provide various communication techniques for communication between a mobile computing device and an accessory. An accessory protocol that is generic to the mobile computing device can be used for some communication. An application executing at the mobile computing device can communicate with the accessory using an application communication protocol. In some embodiments, the application communication protocol can be different from the accessory communication protocol. In other embodiments the application protocol may only be recognized by the application and the accessory. In some embodiments, messages conforming to an application protocol can be communicated between the application and the accessory by packaging the messages inside a message conforming to the accessory communication protocol.