IP & Evidence

Patent Pending | GB2610661.7

Independent research into three-factor entropy-fused geo-fenced encryption. Patent application filed covering the full architecture.

Patent Status

Patent Pending

Status: Patent Pending
Application Number: GB2610661.7
Filed: 6 May 2026 — UK IPO
Inventor: Dhruv Saini
IP Ownership: 100% inventor-owned
PCT Filing: October 2026 — EPO & USPTO designated

Coverage Summary

Three-factor entropy-fused geo-fenced encryption: physical location signal context, hardware attestation, time-window constraints, and post-quantum key establishment. Full claim details are available to qualified parties under NDA.

Evidence Record

Conception documented July 2025 (2,930-line prototype). Production codebase of 50 modules committed April 2026 with OpenTimestamps Bitcoin blockchain anchoring on the same date. GPG-signed commits with SHA-256 hashes provide a tamper-evident prior-art and conception timeline.

Important

Patent pending, not granted. This page does not disclose the full claim text. Technical details are available to qualified parties under NDA.

Timeline

Research and Development Timeline

July 2025
Independent Conception
GFAE conceived independently. 2,930-line prototype committed, establishing the earliest evidence record for the invention. Sole inventor: Dhruv Saini.
September 2025
Architecture & Implementation Guides
Full technical architecture formalised. Implementation guides produced covering the three-factor entropy fusion pipeline: ML-KEM-1024, GNSS signal context, TPM 2.0 PCR attestation, and HKDF-SHA-512 key derivation.
April 2026
Production Codebase — Blockchain Anchored
Production codebase of 50 Python modules committed. OpenTimestamps Bitcoin blockchain anchoring applied on the same date (April 2026). GPG-signed commits with SHA-256 hashes provide tamper-evident evidence record.
6 May 2026
UK Patent Filed — GB2610661.7
UK Patent Application GB2610661.7 filed at the UK Intellectual Property Office. Sole inventor. IP 100% inventor-owned — University of Surrey Technology Transfer Office has confirmed in writing that no university claim applies.
June 2026
Form PF9 Filing
UK Patent Office procedural filing. Patent application progressing through standard examination process.
October 2026
PCT Filing Planned — EPO & USPTO
International patent application planned under the Patent Cooperation Treaty, designating the European Patent Office (EPO) and United States Patent and Trademark Office (USPTO).
Ongoing
External Validation & Commercialisation
Seeking independent external validation, DASA innovation funding, and pilot discussions with defence, NHS, and critical infrastructure organisations. Technical briefings available under NDA.

IP Position

How GFAE is Positioned Against Prior Art

Reference / Category	What It Covers	Gap	GFAE Distinction
US9940477B2 — Spychatter (2018) Static GPS Geo-fencing	Location-based message encryption using static GPS coordinate values as key parameters. Access gated by coordinate match against server-side rules.	Uses static GPS coordinate values — reproducible by any adversary who knows the target coordinates. No post-quantum KEM, no hardware attestation, no live signal-quality entropy, no anti-spoofing detection.	GFAE uses live satellite signal entropy (SNR values, HDOP, constellation geometry) that requires physical presence. Coordinate values alone cannot reproduce the key material.
US11962694B2 — Microsoft (2024) Environmental Sensor Entropy	Encryption key derivation incorporating environmental sensor data as an entropy source for device binding and access control.	Does not use ML-KEM-1024 post-quantum key establishment, TPM 2.0 PCR quote entropy, AI-adaptive lifecycle controls, or four-heuristic GNSS anti-spoofing detection.	GFAE combines post-quantum shared secret, live GNSS signal-quality context, and TPM 2.0 PCR attestation through a domain-separated HKDF-SHA-512 pipeline — a distinct three-factor entropy fusion architecture.
NISTIR 7904 — NIST (2015) TPM Access Gating	Trusted platform module usage guidelines covering TPM PCR measurements as access gates and remote attestation for platform integrity verification.	TPM PCRs function as an access gate — a pass/fail check — rather than an entropy input to key derivation. No PQC key establishment, no GNSS signal-quality binding, no AI-adaptive lifecycle.	GFAE uses TPM 2.0 PCR quotes as one entropy contributor in a multi-factor fusion pipeline, not as a standalone gate. The PCR value participates in key derivation material, not merely in an access decision.
US9680827B2 — CyberArk (2017) Geo-fenced Key Validity	Geo-fencing applied to key validity — suspending key availability outside a defined geographic boundary. Keys are managed and revoked based on location check.	Geo-fencing controls key validity suspension only, not entropy-derived key generation. The key exists; geography decides whether it is released. No PQC, no hardware root of trust, no signal-quality entropy.	GFAE does not gate an existing key. It makes the key impossible to re-derive outside the authorised boundary. The cryptographic boundary and the physical boundary are mathematically the same object.
US11082224B2 — Rambus (2021) Coordinate-Derived Keys	Key derivation incorporating geographic location data, using coordinate values as a parameter in the cryptographic pipeline.	Derives keys from coordinate values, not from live signal-quality measurements. An adversary with known coordinates can reproduce the key. No ML-KEM-1024 post-quantum KEM, no TPM PCR entropy input.	GFAE uses per-satellite SNR values, HDOP, and constellation geometry — measurements that require physical presence and cannot be reverse-engineered from coordinate values alone.
EP3720046A1 — Microsoft (2020) TPM Certificate Gating	TPM attestation used as a certificate gate for cloud service access — device presents a TPM-backed attestation certificate to obtain access tokens.	TPM attestation functions as a certificate authority gate only. No GNSS signal-quality binding, no post-quantum key establishment, no AI-controlled lifecycle, no geographic entropy in key derivation.	GFAE integrates TPM 2.0 PCR quotes as entropy material in a three-factor key derivation pipeline, not as a credential presentation mechanism.
US9256742B2 — Intel (2016) Infrastructure Geo-location Assertion	Geographic location assertion by infrastructure operators — a trusted infrastructure layer declares device location for access control decisions.	Relies on operator-asserted location rather than device-measured physical signal context. No PQC key establishment, no AI lifecycle controls, no signal-quality entropy. Trust delegation to operator, not physical measurement.	GFAE derives location context from the device's own live GNSS signal measurements, not from operator assertion. The physical boundary is device-verified, not infrastructure-declared.

Prior art assessment based on current review. GFAE is patent pending (GB2610661.7). This table does not constitute legal advice or a legal conclusion of novelty.

This assessment is based on current review and does not constitute a legal conclusion of novelty or patentability. GFAE appears distinct from identified prior art in the combination of factors described. Patent pending | GB2610661.7.

Disclosure

Disclosure Boundaries

Some information is available publicly on this website. Technical internals, exact derivation parameters, and full patent claims are available only under NDA to qualified parties.

Topic	Disclosure Status
Company name and product name	Public
Patent pending status and number (GB2610661.7)	Public
High-level three-factor architecture	Public
Standards used: ML-KEM-1024, HKDF-SHA-512, AES-256-GCM, TPM 2.0	Public
Sector use cases (Defence, Space, NHS, Infrastructure, Enterprise)	Public
Compliance framework alignment (NIST, FIPS, ISO/IEC 27001, GDPR)	Public
Founder information and academic context	Public
Known limitations (GNSS indoor, hardware dependency)	Public
General prior art positioning (high-level)	Public
Post-quantum positioning and HNDL relevance	Careful Wording
Defence and military application descriptions	Careful Wording
Anti-spoofing approach (general description only)	Careful Wording
NHS / healthcare data governance positioning	Careful Wording
University of Surrey academic context	Careful Wording
Key derivation internals (HKDF info structure, domain tags)	NDA Only
Exact GNSS anti-spoofing thresholds and heuristic parameters	NDA Only
AI threat scoring feature vectors and ensemble weights	NDA Only
Authentication flow mechanics and token format	NDA Only
Full patent claim text beyond high-level summary	NDA Only
Internal source code and test vectors	NDA Only
Security audit findings and known gaps	NDA Only
Environment variables and infrastructure configuration	NDA Only
Exact entropy quantisation methods	NDA Only
Private repo names, paths, and deployment keys	NDA Only

Evidence

Evidence Available on Request

Patent filing receipt — UK IPO GB2610661.7
Surrey TTO written IP confirmation (100% inventor-owned, no university claim)
OpenTimestamps Bitcoin blockchain anchor — April 2026
GPG-signed commit log with SHA-256 hashes (April 2026 production codebase)
July 2025 conception evidence (2,930-line prototype commit)
Technical architecture brief (NDA required above public disclosure boundary)
Architecture walkthrough — video or screen-share briefing
External validation evidence when available

Evidence is provided to qualified parties under NDA or as part of formal review processes (e.g. innovation funding applications, procurement assessments).

Request a Technical Briefing

Technical briefings, NDA disclosure, and patent evidence are available to qualified parties. Please provide context when enquiring.

Request Technical Briefing

Reference / Category

GFAE Distinction

US9940477B2 — Spychatter (2018)

Static GPS Geo-fencing

GFAE uses live satellite signal entropy (SNR values, HDOP, constellation geometry) that requires physical presence. Coordinate values alone cannot reproduce the key material.

US11962694B2 — Microsoft (2024)

Environmental Sensor Entropy

GFAE combines post-quantum shared secret, live GNSS signal-quality context, and TPM 2.0 PCR attestation through a domain-separated HKDF-SHA-512 pipeline — a distinct three-factor entropy fusion architecture.

NISTIR 7904 — NIST (2015)

TPM Access Gating

GFAE uses TPM 2.0 PCR quotes as one entropy contributor in a multi-factor fusion pipeline, not as a standalone gate. The PCR value participates in key derivation material, not merely in an access decision.

US9680827B2 — CyberArk (2017)

Geo-fenced Key Validity

GFAE does not gate an existing key. It makes the key impossible to re-derive outside the authorised boundary. The cryptographic boundary and the physical boundary are mathematically the same object.

US11082224B2 — Rambus (2021)

Coordinate-Derived Keys

GFAE uses per-satellite SNR values, HDOP, and constellation geometry — measurements that require physical presence and cannot be reverse-engineered from coordinate values alone.

EP3720046A1 — Microsoft (2020)

TPM Certificate Gating

GFAE integrates TPM 2.0 PCR quotes as entropy material in a three-factor key derivation pipeline, not as a credential presentation mechanism.

US9256742B2 — Intel (2016)

Infrastructure Geo-location Assertion

GFAE derives location context from the device's own live GNSS signal measurements, not from operator assertion. The physical boundary is device-verified, not infrastructure-declared.

Topic

Disclosure Status

Company name and product name

Public

Patent pending status and number (GB2610661.7)

Public

High-level three-factor architecture

Public

Standards used: ML-KEM-1024, HKDF-SHA-512, AES-256-GCM, TPM 2.0

Public

Sector use cases (Defence, Space, NHS, Infrastructure, Enterprise)

Public

Compliance framework alignment (NIST, FIPS, ISO/IEC 27001, GDPR)

Public

Founder information and academic context

Public

Known limitations (GNSS indoor, hardware dependency)

Public

General prior art positioning (high-level)

Public

Post-quantum positioning and HNDL relevance

Careful Wording

Defence and military application descriptions

Careful Wording

Anti-spoofing approach (general description only)

Careful Wording

NHS / healthcare data governance positioning

Careful Wording

University of Surrey academic context

Careful Wording

Key derivation internals (HKDF info structure, domain tags)

NDA Only

Exact GNSS anti-spoofing thresholds and heuristic parameters

NDA Only

AI threat scoring feature vectors and ensemble weights

NDA Only

Authentication flow mechanics and token format

NDA Only

Full patent claim text beyond high-level summary

NDA Only

Internal source code and test vectors

NDA Only

Security audit findings and known gaps

NDA Only

Environment variables and infrastructure configuration

NDA Only

Exact entropy quantisation methods

NDA Only

Private repo names, paths, and deployment keys

NDA Only