Search

Zulfikar Amin Ramzan

from Saratoga, CA
Age ~49
Get Report
Also known as:
Zulfikar A Ramzan, Zulfikar Dr Ramzan, Zulfikar U Ramzan, Zulfidar Ramzan, Alzan R Zulsikar
Connected to:
Asif Ramzan, 46Naila Ramzan, 48Rahman A Ramzanali, 73Salma N Ramzan, 41Shabana Ramzan, 52Newman C Ramzel, 49Awni A Ramzi, 71Jamel A Ramzi, 29Afif A Ramzy, 57Fady S Ramzy, 44

Zulfikar Ramzan Phones & Addresses

  • Saratoga, CA
  • 10470 Glenview Ave, Cupertino, CA 95014 (408) 725-0441
  • 250 Baldwin Ave, San Mateo, CA 94401 (650) 401-7752
  • Malden, MA
  • East Moline, IL
  • Rego Park, NY
  • Boston, MA
  • Ithaca, NY

Work

Company: Rsa security Sep 2020 Position: Chief digital officer

Education

Degree: Doctorates, Doctor of Philosophy School / High School: Massachusetts Institute of Technology 1997 to 2001 Specialities: Electrical Engineering, Electrical Engineering and Computer Science, Computer Science

Skills

Computer Security • Security • Cloud Computing • Information Security • Network Security • Malware Analysis • Cryptography • Distributed Systems • Enterprise Software • Application Security • Machine Learning • Vulnerability Assessment • Penetration Testing • Reverse Engineering • Software Engineering • Web Application Security • Security Architecture Design • Encryption • Cloud Security • Pki • Intrusion Detection • Cissp • Ips • Ids • Programming Languages • Public Speaking • Media Relations • Phishing

Languages

English

Interests

Mathematics • Crowdsourcing • Data Startups • Data Analysis • Computer Security • Computer Viruses • Python (Programming Language) • Machine Learning • Apache Hadoop • Database Systems • Data Science • Linux • Healthy Eating • The Future • Data • Khan Academy • Malware • Software Engineering

Industries

Computer & Network Security

Resumes

Resumes

Zulfikar Ramzan Photo 1

Chief Digital Officer

View page
Location:
20234 Edinburgh Dr, Saratoga, CA 95070
Industry:
Computer & Network Security
Work:
Rsa Security
Chief Digital Officer
Rsa
Chief Technology Officer
Elastica Feb 2014 - Mar 2015
Chief Technology Officer
Sourcefire Jan 2011 - Feb 2014
Chief Scientist, Cloud Technology Group
Immunet 2010 - 2011
Chief Scientist
Education:
Massachusetts Institute of Technology 1997 - 2001
Doctorates, Doctor of Philosophy, Electrical Engineering, Electrical Engineering and Computer Science, Computer Science Cornell University 1994 - 1997
Bachelors, Bachelor of Arts, Computer Science and Mathematics, Computer Science, Mathematics Bronx High School of Science 1989 - 1993
Skills:
Computer Security
Security
Cloud Computing
Information Security
Network Security
Malware Analysis
Cryptography
Distributed Systems
Enterprise Software
Application Security
Machine Learning
Vulnerability Assessment
Penetration Testing
Reverse Engineering
Software Engineering
Web Application Security
Security Architecture Design
Encryption
Cloud Security
Pki
Intrusion Detection
Cissp
Ips
Ids
Programming Languages
Public Speaking
Media Relations
Phishing
Interests:
Mathematics
Crowdsourcing
Data Startups
Data Analysis
Computer Security
Computer Viruses
Python (Programming Language)
Machine Learning
Apache Hadoop
Database Systems
Data Science
Linux
Healthy Eating
The Future
Data
Khan Academy
Malware
Software Engineering
Languages:
English

Publications

Us Patents

Constructions Of Variable Input Length Cryptographic Primitives For High Efficiency And High Security

View page
US Patent:
7221756, May 22, 2007
Filed:
Mar 28, 2002
Appl. No.:
10/113666
Inventors:
Sarvar Patel - Montville NJ, US
Zulfikar Amin Ramzan - Malden MA, US
Ganapathy Subramanian Sundaram - Edison NJ, US
Assignee:
Lucent Technologies Inc. - Murray Hill NJ
International Classification:
H04L 9/00
US Classification:
380 37
Abstract:
A hash function is applied to a prefix of a VIL input. The output is added to a suffix of the input. A block cipher is applied to results of the addition. An encryption function is performed on the prefix. The final output is the output of the block cipher and the encryption function. In a second encryption technique, a hash function is applied to an input, and the output of the hash function has first and second portions. A block cipher is applied to the second portion. The output of the block cipher is added to the first portion, and a second function is applied to the result of this first addition. The output of the second function is added to the second portion. An inverse hash function is then applied to the output of the first and second additions, creating an encrypted output.

Use Of Modular Roots To Perform Authentication Including, But Not Limited To, Authentication Of Validity Of Digital Certificates

View page
US Patent:
7266692, Sep 4, 2007
Filed:
Dec 15, 2005
Appl. No.:
11/304200
Inventors:
Zulfikar Amin Ramzan - San Mateo CA, US
Craig B. Gentry - Mountain View CA, US
Bernhard Bruhn - Stuttgart, DE
Assignee:
NTT DoCoMo, Inc. - Tokyo
International Classification:
H04L 9/32
US Classification:
713168, 726 2, 726 21
Abstract:
Authentication of elements (e. g. digital certificates ) as possessing a pre-specified property (e. g. being valid) or not possessing the property is performed by (1) assigning a distinct integer pto each element, and (2) accumulating the elements possessing the property or the elements not possessing the property using a P-th root u(mod n) of an integer u modulo a predefined composite integer n, where P is the product of the integers associated with the accumulated elements. Alternatively, authentication is performed without such accumulators but using witnesses associated with such accumulators. The witnesses are used to derive encryption and/or decryption keys for encrypting the data evidencing possession of the property for multiple periods of time. The encrypted data are distributed in advance. For each period of time, decryption keys are released which are associated with that period and with the elements to be authenticated in that period of time.

Multi-Certificate Revocation Using Encrypted Proof Data For Proving Certificate's Validity Or Invalidity

View page
US Patent:
7315941, Jan 1, 2008
Filed:
Dec 14, 2005
Appl. No.:
11/304201
Inventors:
Zulfikar Amin Ramzan - San Mateo CA, US
Craig B. Gentry - Mountain View CA, US
Bernhard Bruhn - Stuttgart, DE
Assignee:
NTT DoCoMo Inc. - Tokyo
International Classification:
H04L 9/00
US Classification:
713156, 713157, 713158, 380278
Abstract:
A certification authority (CA, ) generates decryption key data (K′) for each set (F) in the complement cover () for a plurality of digital certificates. The CA encrypts all or a portion of the validity proof data (c()) for each digital certificate () for each time period j for which the validity proof is to be provided. For each certificate, the decryption can be performed with decryption keys (K) that can be obtained from the decryption key data (K′) for any set containing the certificate. The CA distributes the encrypted portions of the validity proof data to prover systems that will provide validity proofs in the periods j. To perform certificate re-validation in a period j, the CA constructs the complement cover for the set of the revoked certificates, and distributes the decryption key data (K′) for the sets in the complement cover. In some embodiments, for each period j, the decryption keys (K) are also a function of the decryption key data provided for the preceding periods of time. Therefore, to perform the re-validation, the CA constructs the complement cover not for the set of all the revoked certificates but only for the set of the certificates revoked in the previous period j−.

Generation Of Set Coverings With Free Riders, And Generation Of Ordered Sets Of Meeting Points, In Systems Which Include, But Are Not Limited To, Systems For Broadcast Encryption And Systems For Certificate Revocation

View page
US Patent:
7523304, Apr 21, 2009
Filed:
Nov 17, 2006
Appl. No.:
11/561096
Inventors:
Craig B. Gentry - Mountain View CA, US
Zulfikar Amin Ramzan - San Mateo CA, US
David P. Woodruff - Cambridge MA, US
Assignee:
NTT DoCoMo, Inc. - Tokyo
International Classification:
H04L 9/00
US Classification:
713158, 713156, 713157, 380278
Abstract:
In a broadcast encryption scheme, an optimal or near-optimal set covering CV(f,P) is computed for a set P of privileged users and at most a predefined number f of revoked users (“free riders”). The covering consists of elements of a predefined set cover CC(U) for the set of all users U. The covering is computed by finding optimal or near-optimal coverings for privileged users for CC(U) elements that are proper subsets of U. More particularly, possible assignments of free riders to the subsets are examined, and an assignment is selected to fit an optimality criterion for the total set covering. In some embodiments, only “meeting point” elements of CC(U) are fully examined. A meeting point is an element containing at least two “immediate child” elements each of which contains a revoked user. An immediate child of a “parent” element is a proper subset of the parent with no intermediate elements (no elements containing the child as a proper subset and itself being a proper subset of the parent). An ordered list MP of meeting points is computed efficiently.

Method And Apparatus For Secure And Small Credits For Verifiable Service Provider Metering

View page
US Patent:
7620606, Nov 17, 2009
Filed:
Feb 6, 2004
Appl. No.:
10/534943
Inventors:
Craig B. Gentry - Mountain View CA, US
Zulfikar Amin Ramzan - San Mateo CA, US
Assignee:
NTT Docomo, Inc. - Tokyo
International Classification:
G06Q 99/00
US Classification:
705 76, 705 50, 705 64, 705 65, 713150, 380277
Abstract:
A method and apparatus for obtaining access to services of service providers. In one embodiment, the method comprises requesting a desired service through a foreign service provider. (), generating a hash tree and generating a digital signature on a root value of the hash tree (), sending the digital signature and the root value to the foreign service provider (), providing one or more tokens to the foreign service provider with the next packet if the foreign service provider accepts the signature () and continuing to use the service while the foreign service provider accepts token ().

Method And Apparatus For Communication Efficient Private Information Retrieval And Oblivious Transfer

View page
US Patent:
7620625, Nov 17, 2009
Filed:
May 19, 2005
Appl. No.:
11/133836
Inventors:
Zulfikar Amin Ramzan - San Mateo CA, US
Craig B. Gentry - Mountain View CA, US
Assignee:
NTT DoCoMo, Inc. - Tokyo
International Classification:
G06F 17/30
US Classification:
707 3, 707 2, 707 7, 707 8, 707 9, 707 10, 707101, 707102, 707103 R
Abstract:
A method, article of manufacture and apparatus for performing private retrieval of information from a database is disclosed. In one embodiment, the method comprising obtaining an index corresponding to information to be retrieved from the database and generating a query that does not reveal the index to the database. The query is an arithmetic function of the index and a secret value, wherein the arithmetic function includes a multiplication group specified by a modulus of a random value whose order is divisible by a prime power, such that the prime power is an order of the random value. The secret value is an arithmetic function of the index that comprises a factorization into prime numbers of the modulus. The method further comprises communicating the query to the database for execution of the arithmetic function against the entirety of the database.

Digital Signatures Including Identity-Based Aggregate Signatures

View page
US Patent:
7664957, Feb 16, 2010
Filed:
May 19, 2005
Appl. No.:
11/134723
Inventors:
Craig B. Gentry - Mountain View CA, US
Zulfikar Amin Ramzan - San Mateo CA, US
Assignee:
NTT DOCOMO, Inc. - Tokyo
International Classification:
H04L 9/32
H04L 9/00
H04L 9/28
H04K 1/00
B41K 3/38
US Classification:
713176, 380 28, 380 59, 380277
Abstract:
Methods and systems are provided that allow multiple identity-based digital signatures to be merged into a single identity-based “aggregate” digital signature. This identity-based aggregate signature has a shorter bit-length than the concatenation of the original unaggregated identity-based signatures. The identity-based aggregate signature can be verified by anyone who obtains the public keys of one or more Private Key Generators (PKGs), along with a description of which signer signed which message. The verifier does not need to obtain a different public key for each signer, since the signature scheme is “identity-based”; the number of PKGs may be fewer than the number of signers. Consequently, the total information needed to verify the identity-based aggregate signature—namely, a description of who signed what, the PKGs' public keys, and the identity-based aggregate signature itself—may be less than the information needed to verify separate digital signatures—namely, a description of who signed what, the public verification keys for all of the signers, and the concatenation of the signers' signatures. In some embodiments, the identity-based aggregate signature scheme has essentially the minimum-possible Kolmogorov complexity.

Broadcast Encryption Using Rsa

View page
US Patent:
7721089, May 18, 2010
Filed:
May 21, 2004
Appl. No.:
10/544060
Inventors:
Craig B. Gentry - Mountain View CA, US
Zulfikar Amin Ramzan - San Mateo CA, US
Assignee:
NTT DoCoMo, Inc. - Tokyo
International Classification:
H04L 29/00
US Classification:
713163, 713158, 713168, 726 17, 726 28, 380277, 380278, 380279
Abstract:
Methods, components and systems for implementing secure and efficient broadcast encryption schemes with configurable and practical tradeoffs among a pre-broadcast transmission bandwidth t, a key storage cost k, and a key derivation cost c, in which the schemes use subtree difference and key decomposition to generate secondary keys, use the secondary keys to encrypt the broadcast and generate ciphertexts, and use the RSA encryption scheme to implement derivability between the primary keys and the secondary keys. To decrypt the broadcast, a privileged user uses one of its primary keys to derive a secondary key, which is used to decrypt the broadcast. The product of key derivation costc and the key storage cost k is at most (2a−log a−2)logn, when n is the number of users, 1≦b≦log n, a=2, and revoked users r
Control profile
Zulfikar Amin Ramzan from Saratoga, CA, age ~49 Get Report