Daniel N Heer, 6829 Thornell Rd, Newton, NH 03858

6341328, Jan 22, 2002

Apr 20, 1999

09/295010

Daniel Nelson Heer - Newton NH

Lucent Technologies, Inc. - Murray Hill NJ

G06F 1200

711112, 711154, 714 11, 712247, 710101

A microcomputer incorporates a pair of DMA controllers that are co-dependently operated to read and write common data blocks to two peripheral devices. In an exemplary embodiment of the invention, one of the DMA controllers is designated to read a data block from memory, store the data, and then write the data in a single write cycle to each of the two peripheral devices. This DMA controller provides the address and control signals necessary for writing the data to a first of the two peripheral devices, while the other DMA controller provides the address and control signals necessary for writing the data block to a second of the two peripheral devices. As a result, only one read and one write command are required for the data to be written to the two peripheral devices.

6377687, Apr 23, 2002

Jul 29, 1998

09/124300

Mark H. Etzel - Harvard MA
Robert John Frank - Silver Spring MD
Daniel Nelson Heer - Newton NH
Robert Joseph McNelis - Columbia MD
Semyon B. Mizikovsky - Morganville NJ
Robert John Rance - Andover MA
R. Dale Shipp - Columbia MD

Lucent Technologies Inc. - Murray Hill NJ

H04L 928

380 28, 380 42

Methods and apparatus for enhanced CMEA, or ECMEA, processing. A forward ECMEA and a reverse ECMEA process are provided. The forward ECMEA process decrypts text encrypted by the reverse ECMEA process and the reverse ECMEA process decrypts text encrypted by the forward ECMEA process. The forward ECMEA process employs a transformation, an iteration of the CMEA process, and an inverse transformation. The reverse ECMEA process employs a reverse transformation, an iteration of the CMEA process, and a reverse inverse transformation. The transformations and inverse transformations, and the iteration of the CMEA process, employ secret offsets to improve security. The transformations and the iteration of the CMEA process also employ an enhanced tbox function using an involutary lookup table.

6418224, Jul 9, 2002

May 5, 1998

09/073131

Mark H. Etzel - Harvard MA
Robert John Frank - Silver Spring MD
Daniel Nelson Heer - Newton NH
Robert Joseph McNelis - Columbia MD
Semyon B. Mizikovsky - Morganville NJ
Robert John Rance - Andover MA
R. Dale Shipp - Columbia MD

Lucent Technologies Inc. - Murray Hill NJ

H04M 166

380247, 380255, 380270, 380274, 380284, 380281, 455410

A self-inverting enhanced CMEA encryption system suitable for use in wireless telephony. An unprocessed text message is introduced into the system and subjected to a first iteration of a CMEA process, using a first CMEA key to produce a first intermediate message, a first intermediate processed text message, a first intermediate ciphertext message or the like. The first intermediate processed text message is subjected to a further iteration of the CMEA process, using a second CMEA key, to produce a second intermediate processed text message. The second intermediate processed text message is subjected to a final iteration of the CMEA process, using the first CMEA key, to produce the final processed text message. Security may be additionally enhanced by subjecting each message to an input/output transformation before and after each iteration of the CMEA process. In a three-iteration process, a total of four input/output transformations are used with the first and fourth input/output transformations being identical, and with the second and third input/output transformations being identical.

6577734, Jun 10, 2003

Oct 31, 1995

08/550909

Mark H. Etzel - Harvard MA
David W. Faucher - Guthrie Center IA
Daniel Nelson Heer - Newton NH
David P. Maher - Largo FL
Robert John Rance - Andover MA

Lucent Technologies Inc. - Murray Hill NJ

H04L 900

380277, 380273, 713194

The secure management of encryption keys is obtained by preventing external access thereto and ensuring that the keys do not leave an encryption unit in their original form. This result is obtained via a facility which (a) generates a unique device encryption key and at least one program encryption key, (b) encrypts the program encryption key using the device encryption key, and (c) stores the result in local memory. Thereafter, responsive to receipt of an indication to encrypt data, the program encryption key is retrieved from memory and is decrypted using the unique device encryption key. The data is then encrypted using the decrypted program encryption key and the encrypted data is stored in a server for distribution to a user who enters a request for the data. When there is a need to transport the latter key to another element, then the program key is encrypted using a symmetrical encryption key that the facility shares with the other element and the result is supplied to that element. The element then decrypts the encrypted program key using its own version of the symmetrical key.

6876744, Apr 5, 2005

Jul 22, 1998

09/120763

Mark H. Etzel - Harvard MA, US
Robert John Frank - Silver Spring MD, US
Daniel Nelson Heer - Newton NH, US
Robert Joseph McNelis - Columbia MD, US
Semyon B. Mizikovsky - Morganville NJ, US
Robert John Rance - Andover MA, US
R. Dale Shipp - Columbia MD, US

Lucent Technologies Inc. - Murray Hill NJ

H04L009/32

380 28, 380247, 380281

Methods and apparatus for enhanced CMEA, or ECMEA, processing. A forward ECMEA and a reverse ECMEA process are provided. The forward ECMEA process decrypts text encrypted by the reverse ECMEA process and the reverse ECMEA process decrypts text encrypted by the forward ECMEA process. The forward ECMEA process employs a first transformation, an iteration of the CMEA process, and a second transformation. The reverse ECMEA process employs a first inverse transformation, an iteration of the CMEA process, and a second inverse transformation. The transformations and inverse transformations, and the iterations of the CMEA process, employ secret offsets to improve security. The transformations and the iteration of the CMEA process also employ an enhanced tbox function using an involutary lookup table.

6005943, Dec 21, 1999

Oct 29, 1996

8/739371

Joshua L. Cohen - Highland Park NJ
Cecil A. Dean - Andover MA
Thomas L. du Breuil - Georgetown MA
Daniel Nelson Heer - Newton NH
David P. Maher - Largo FL
Vance Eugene Poteat - Windham NH
Robert John Rance - Andover MA

Lucent Technologies Inc. - Murray Hill NJ

H04L 900

380 30

The generation of electronic identifiers for network interface units connected to a data network for use in detecting unauthorized decryption of encrypted data transmitted over the data network. A random number is generated for use as a private key decryption code and is stored in memory in each network interface unit. A public key is calculated from the stored private key using a non-invertible mathematical formula. If the calculated public key is unique, then a portion of the public key (e. g. a subset of its bits) is stored in a data provider database as an electronic identifier for use in detecting unauthorized decryption of data by the interface unit.

5455861, Oct 3, 1995

Aug 27, 1993

8/113155

David W. Faucher - Salem NH
Daniel N. Heer - Salem NH
Michael M. Kaplan - Rockport MA
David P. Maher - Windham NH

AT&T Corp. - Murray Hill NJ

H04L 900
H04M 119
H04N 144

380 9

A security node disposed in the telecommunications network connecting calling and called parties transforms information (which can be voice, data, facsimile, video and other types of calls or messages) encrypted in a first format to (a) encrypted information in a different format or to (b) non-encrypted information, and vice-versa. The node is accessible from any location connected to the network. By routing calls or messages originated by the calling party and destined for the called party via the security node, and providing appropriate control signals to the node, the information may be encrypted only over a portion of the transmission path between the parties, and clear over the remainder of the transmission path. Alternatively, the information may be encrypted in different portions of the path using different encryption algorithms. This arrangement enables the parties to obtain relatively secure communications even if only one party has a security device at the originating or terminating end, or if the parties have security devices using different handshaking protocols and encryption algorithms.

6028933, Feb 22, 2000

Apr 17, 1997

8/837423

Daniel N. Heer - Newton NH
Robert J. Rance - Andover MA

Lucent Technologies Inc. - Murray Hill NJ

H04L 900

380 9

The specification relates to the encryption of data transmitted over a broadband multiple access bi-directional hybrid fiber/coax (HFC) network. The method supports downstream broadcast encryption from headend to cable modem, and also provides for encryption of transmissions from cable modems back to the headend. Although the present invention is described in relation to an HFC network, it is also equally applicable to a cellular wireless communications environment or any other digital broadcast medium. The invention is implemented in two subdivisions, a slow but secure software encrypting algorithm, and a fast but less secure hardware encrypting algorithm. The combination produces the security of the software subdivision, with the encrypting speed of the hardware subdivision. The encryption method and apparatus supports the various access and transmission modes, such as STM, ATM, and VL. The present invention utilizes a virtual random number generator at the individual cable modems to reduce cable modem hardware.