EP3935782A1 - A system and method for selective transparency for public ledgers - Google Patents

A system and method for selective transparency for public ledgers

Info

Publication number
EP3935782A1
EP3935782A1 EP20712741.6A EP20712741A EP3935782A1 EP 3935782 A1 EP3935782 A1 EP 3935782A1 EP 20712741 A EP20712741 A EP 20712741A EP 3935782 A1 EP3935782 A1 EP 3935782A1
Authority
EP
European Patent Office
Prior art keywords
linkage
entity
submission
commitment
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP20712741.6A
Other languages
German (de)
French (fr)
Inventor
Joshua D. LAMPKINS
Hyun Kim (Tiffany) J.
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HRL Laboratories LLC
Original Assignee
HRL Laboratories LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US16/444,582 external-priority patent/US20200034550A1/en
Priority claimed from US16/444,903 external-priority patent/US10721073B2/en
Application filed by HRL Laboratories LLC filed Critical HRL Laboratories LLC
Publication of EP3935782A1 publication Critical patent/EP3935782A1/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Definitions

  • the present invention relates to a public ledger protocol and, more specifically, to a system implementing a protocol that provides for selective transparency for public ledgers.
  • Blockchain protocols are generally used in transaction processes to reach consensus among parties and validate transactions within a blockchain network. There are numerous blockchain protocols in existence. Such protocols generally allow for highly distributed and auditable record keeping, but do not always provide a high level of privacy for the users. Such protocols are often
  • the present disclosure provides a system for selective transparency in a public ledger.
  • the system includes one or more processors and an associated one or more memories (associated being the memory from which a particular one or more processors executes instructions).
  • Each of the one or more memories is a non-transitory computer-readable medium having executable instructions encoded thereon, such that upon execution of the instructions, the one or more processors perform several operations, such as logging a first submission by a first entity to the public ledger, the submission being a data entry with a message M and an identification number (ID); and recording a linkage by a second entity, the linkage being an encryption and commitment linking the submission by the first entity to a second submission by the second entity.
  • ID identification number
  • the one or more processors perform an operation of
  • the one or more processors perform an operation of verifying the linkage.
  • the operation of logging the first submission further comprises operations of constructing the message M; constructing the commitment to an identification number (ID) corresponding to message M, the commitment being constructed based on randomness r; encrypting the ID and the randomness r; concatenating the message M, commitment, and encryption data into a data payload D; and logging the payload D into the public ledger as the first submission and providing the first entity with a block number of payload D along with values of message M, ID, and r.
  • ID identification number
  • verifying the linkage further comprises operations of determining a value of linkage verification information; transmitting the value of the linkage verification information and corresponding block number to a third entity; and reading, by the third entity, the commitments from block N i and verifying that the commitments are commitments to the same ID using the linkage verification information.
  • the present invention also includes a computer program product and a computer implemented method.
  • the computer program product includes computer-readable instructions stored on a non-transitory computer-readable medium that are executable by a computer having one or more processors, such that upon execution of the instructions, the one or more processors perform the operations listed herein.
  • the computer implemented method includes an act of causing a computer to execute such instructions and perform the resulting operations.
  • FIG. 1 is a block diagram depicting the components of a system according to various embodiments of the present invention.
  • FIG. 2 is an illustration of a computer program product embodying an aspect of the present invention
  • FIG. 3 is a block diagram depicting a public ledger and protocols according to various embodiments of the present invention.
  • FIG. 4 is a block diagram depicting a data submission protocol according to various embodiments of the present invention.
  • FIG. 5 is a block diagram depicting a linkage creation protocol according to various embodiments of the present invention.
  • FIG. 6 is a block diagram depicting a linkage verification protocol according to various embodiments of the present invention.
  • the present invention relates to a public ledger protocol and, more
  • FIPS PUB 180-4 Federal Information Processing Standards Publication, Secure Hash Standard (SHS), found at https: //nvlpubs.nist .gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf, (March 2015).
  • the first is a system for selective transparency of public ledgers.
  • the system is typically in the form of a computer system operating software or in the form of a “hard-coded” instruction set. This system may be incorporated into a wide variety of devices that provide different functionalities.
  • the second principal aspect is a method, typically in the form of software, operated using a data processing system (computer).
  • the third principal aspect is a computer program product.
  • the computer program product generally represents computer-readable instructions stored on a non-transitory computer-readable medium such as an optical storage device, e.g., a compact disc (CD) or digital versatile disc (DVD), or a magnetic storage device such as a floppy disk or magnetic tape.
  • Other, non- limiting examples of computer-readable media include hard disks, read-only memory (ROM), and flash-type memories.
  • FIG. 1 A block diagram depicting an example of a system (i.e., computer system
  • the computer system 100 is configured to perform calculations, processes, operations, and/or functions associated with a program or algorithm.
  • certain processes and steps discussed herein are realized as a series of instructions (e.g., software program) that reside within computer readable memory units (associated one or more memories) and are executed by one or more processors of the computer system 100.
  • the one or more processors can be on a single computing device or networked or otherwise spread out across multiple computing devices. When executed, the instructions cause the computer system 100 to perform specific actions and exhibit specific behavior, such as described herein.
  • the computer system 100 may include an address/data bus 102 that is
  • processors configured to communicate information.
  • one or more data processing units such as a processor 104 (or processors) are coupled with the address/data bus 102.
  • the processor 104 is configured to process information and instructions.
  • the processor 104 is a microprocessor.
  • the processor 104 may be a different type of processor such as a parallel processor, application-specific integrated circuit (ASIC), programmable logic array (PLA), complex programmable logic device (CPLD), or a field
  • FPGA programmable gate array
  • the computer system 100 is configured to utilize one or more data storage units.
  • the computer system 100 may include a volatile memory unit 106 (e.g., random access memory (“RAM”), static RAM, dynamic RAM, etc.) coupled with the address/data bus 102, wherein a volatile memory unit 106 is configured to store information and instructions for the processor 104.
  • the computer system 100 further may include a non-volatile memory unit 108 (e.g., read-only memory (“ROM”), programmable ROM (“PROM”), erasable programmable ROM
  • the computer system 100 may execute instructions retrieved from an online data storage unit such as in“Cloud” computing.
  • the computer system 100 also may include one or more interfaces, such as an interface 110, coupled with the address/data bus 102. The one or more interfaces are configured to enable the computer system 100 to interface with other electronic devices and computer systems.
  • the communication interfaces implemented by the one or more interfaces may include wireline (e.g., serial cables, modems, network adaptors, etc.) and/or wireless (e.g., wireless modems, wireless network adaptors, etc.) communication technology.
  • wireline e.g., serial cables, modems, network adaptors, etc.
  • wireless e.g., wireless modems, wireless network adaptors, etc.
  • the computer system 100 may include an input device 112
  • the input device 112 is coupled with the address/data bus 102, wherein the input device 112 is configured to communicate information and command selections to the processor 100.
  • the input device 112 is an alphanumeric input device, such as a keyboard, that may include alphanumeric and/or function keys.
  • the input device 112 may be an input device other than an alphanumeric input device.
  • the computer system 100 may include a cursor control device 114 coupled with the address/data bus 102, wherein the cursor control device 114 is configured to communicate user input information and/or command selections to the processor 100.
  • the cursor control device 114 is implemented using a device such as a mouse, a track-ball, a track- pad, an optical tracking device, or a touch screen.
  • the cursor control device 114 is directed and/or activated via input from the input device 112, such as in response to the use of special keys and key sequence commands associated with the input device 112.
  • the cursor control device 114 is configured to be directed or guided by voice commands.
  • the computer system 100 further may include one or more
  • a storage device 116 coupled with the address/data bus 102.
  • the storage device 116 is configured to store information and/or computer executable instructions.
  • the storage device 116 is a storage device such as a magnetic or optical disk drive (e.g., hard disk drive (“HDD”), floppy diskette, compact disk read only memory (“CD-ROM”), digital versatile disk (“DVD”)).
  • a display device 118 is coupled with the address/data bus 102, wherein the display device 118 is configured to display video and/or graphics.
  • the display device 118 may include a cathode ray tube (“CRT”), liquid crystal display (“LCD”), field emission display (“FED”), plasma display, or any other display device suitable for displaying video and/or graphic images and alphanumeric characters recognizable to a user.
  • CTR cathode ray tube
  • LCD liquid crystal display
  • FED field emission display
  • plasma display or any other display device suitable for displaying video and/or graphic images and alphanumeric characters recognizable to a user.
  • the computer system 100 presented herein is an example computing
  • the non-limiting example of the computer system 100 is not strictly limited to being a computer system.
  • the computer system 100 represents a type of data processing analysis that may be used in accordance with various aspects described herein.
  • other computing systems may also be implemented.
  • the spirit and scope of the present technology is not limited to any single data processing environment.
  • one or more operations of various aspects of the present technology are controlled or implemented using computer-executable instructions, such as program modules, being executed by a computer.
  • program modules include routines, programs, objects, components and/or data structures that are configured to perform particular tasks or implement particular abstract data types.
  • an aspect provides that one or more aspects of the present technology are implemented by utilizing one or more distributed computing environments, such as where tasks are performed by remote processing devices that are linked through a communications network, or such as where various program modules are located in both local and remote computer-storage media including memory- storage devices.
  • FIG. 2 An illustrative diagram of a computer program product (i.e., storage device) embodying the present invention is depicted in FIG. 2.
  • the computer program product is depicted as a floppy disk 200 or an optical disk 202 such as a CD or DVD.
  • the computer program product generally represents computer-readable instructions stored on any compatible non-transitory computer-readable medium (each of with is a memory for use with an associated processor).
  • the term“instructions” as used with respect to this invention generally indicates a set of operations to be performed on a computer, and may represent pieces of a whole program or individual, separable, software modules.
  • Non-limiting examples of“instruction” include computer program code (source or object code) and“hard-coded” electronics (i.e. computer operations coded into a computer chip).
  • The“instruction” is stored on any non-transitory computer-readable medium, such as in the memory of a computer or on a floppy disk, a CD-ROM, or a flash drive. In either event, the instructions are encoded on a non-transitory computer-readable medium.
  • This disclosure is directed to a system and method for selective transparency for public ledgers.
  • This implements a collection of protocols for creating linked data entries in a public ledger, such that an entity viewing the ledger cannot determine that the entries are linked unless it is given auxiliary information, or unless it has authorization to do so.
  • One example implementation is the submission of supply chain data to a public blockchain, in which entities along the blockchain can upload messages to the blockchain that link products they have produced with parts and/or materials used in creating that part, allowing supply chain traceability while preserving the privacy of the individual suppliers.
  • the protocol of the present disclosure provides a combination of auditability and privacy that is well suited for the supply chain use case, allowing an authorized entity or entities to view all data on the blockchain, and allowing entities in the supply chain to prove provenance of their parts and materials to those to whom they give auxiliary information.
  • the present disclosure is directed to a system implementing a protocol that provides for selective transparency for public ledgers.
  • the system may be a public ledger implementing the process and protocols as described herein.
  • a blockchain such as Ethereum may be used as a public ledger (see Literature Reference No. 4).
  • Each entity in the supply chain has the ability to upload data to the public ledger using a function pub(-).
  • the system allows for at least a data submission protocol 302, a linkage creation protocol 304, an auditing process protocol 306, and a linkage verification protocol 308.
  • Message Construction 400 P k constructs a descriptive message M. In the supply chain use case, the message may be of the form,“ P k has produced a part of type X.” 2.
  • Commitment Construction 402 P k constructs a Pedersen commitment to an ID number corresponding to the message. In the supply chain use case, this may be the ID number of the part, or a batch number of some raw material. The commitment is constructed by generating a random number r and then computing g H(ID) h r . The value g H(ID) h r is the specific Pedersen commitment used in this protocol (although other commitments may be used depending on the specific implementation).
  • Encryption 404 P k constructs an encryption of the ID and the
  • an entity producing a product would want to provide linkage data to the IDs for parts used in the creation of that product, or the batch numbers of raw materials used in the creation of the product. If the entity is mining/collecting a raw material, then they might not include linkage data, as there would be no other entity further up in the supply chain.
  • Indexing the linkage entries by t the following is done for each linkage entry: P k retrieves the stored values N i and ID i which are the block number and identification number for that linkage entry, respectively. ( P k will have received these values in the linkage creation protocol below.) P k then generates a random r i ' and constructs the linkage entry .
  • Payload Created 408 P k concatenates the data constructed in the previous steps into a data payload D (i.e., the part of transmitted data that is the actual intended message). If there are n data linkage entries, this will be of the form and if there are no data linkage entries, this will be of the form
  • P k constructs a signature on the payload, d k (D).
  • entity A gives entity B sufficient information to create a data linkage entry to an initial entry created by A.
  • the linkage entry would be created in future instances of the data submission protocol.
  • A has played the role of P k in some previous instance of the data submission protocol, and B may play the role of P k in some future instance of the data submission protocol.
  • this information transfer would occur in tandem with the transfer of a part or material from A to B, allowing B to link his part ID number back to A’s part ID number.
  • the linkage creation protocol 304 proceeds as follows:
  • Entity A passes the information N, ID, and r to entity B, where N, ID, and r were used by A in a previous instance of the data submission protocol.
  • Entity B looks up block N, computes g H(ID) h r and confirms that this matches with the entry in block N .
  • the regulator can decrypt Enc pk (ID, r) by computing Dec sk (Enc pk (ID, r )) to obtain the decrypted linkage entry.
  • the regulator is any party authorized to verify data in the ledger.
  • the regulator can also decrypt the encrypted portion of any data linkage entries by computing Dec sk (Enc pk (N i , ID i , r i '). The regulator may then decrypt the entries in block N i to continue the auditing process.
  • this process may take place when a regulator wants to determine the origin of parts and materials used in constructing a product.
  • the regulator can look up the ID number of the part in the public ledger by decrypting values, and then determine the ID numbers of parts and materials used in constructing that part, continuing the investigation to see the origin of those parts and materials.
  • P k computes and sends this value, along with N i to V. For example, since P k knows r i — r i ' and h , it can compute using basic arithmetic over group G.
  • V reads u from block N i and
  • the process described herein can be used for data verification between parties or ledgers. Further, the process can be used in a variety of other applications. As a non-limiting example, some of the processes could be automated. For instance, for the data submission protocol, a factory worker could scan barcodes of component pieces and the barcode of the final product created using those pieces (which could be done using a portable device or cell phone), and the device could then automatically send the relevant data to a factory server, which could then publish the relevant information to the blockchain.

Abstract

Described is a system for selective transparency in a public ledger. In operation, a first submission by a first entity is logged to the public ledger. The submission is a data entry with a message M and an identification number (ID). Separately, a linkage by a second entity is recorded. The linkage is an encryption and commitment linking the submission by the first entity to a second submission by the second entity. The linkage can be verified through a series of processes, such as by determining a value of linkage verification information. The value of the linkage verification information and corresponding block number is then transmitted to a third entity. The third entity reads the commitments from block Nt and verifies that the commitments are commitments to the same ID using the linkage verification information.

Description

[0001] A SYSTEM AND METHOD FOR SELECTIVE TRANSPARENCY FOR
PUBLIC LEDGERS
[0002] CROSS-REFERENCE TO RELATED APPLICATIONS
[0003] The present application is a Continuation-in-Part application of U.S. Application No. 16/444,582, filed on June 18, 2019, which is a non-provisional application of U.S.Provisional Application Nos. 62/801,581, filed on February 05, 2019, AND 62/711,304, filed on July 27, 2018, the entirety of which are incorporated herein by reference.
[0004] The present application is ALSO a Continuation-in-Part application of U.S.
Application No. 16/444,903, filed on June 18, 2019, which is a non-provisional application of U.S. Provisional Application No. 62/711,355, filed on July 27, 2018, the entirety of which are incorporated herein by reference.
[0005] The present application is ALSO a non-provisional patent application of U.S.Provisional Application No. 62/814,167, filed on March 05, 2019, the entirety of which is hereby incorporated by reference.
[0006] BACKGROUND OF INVENTION
[0007] (1) Field of Invention
[0008] The present invention relates to a public ledger protocol and, more specifically, to a system implementing a protocol that provides for selective transparency for public ledgers.
[0009] (2) Description of Related Art
[00010] Blockchain protocols are generally used in transaction processes to reach consensus among parties and validate transactions within a blockchain network. There are numerous blockchain protocols in existence. Such protocols generally allow for highly distributed and auditable record keeping, but do not always provide a high level of privacy for the users. Such protocols are often
implemented in supply chain management to allow the various parties to maintain a distributed supply chain record. For example, there are numerous previous publications on the application of blockchain to supply chain (see the List of Incorporated Literature References, Literature Reference Nos. 1-3).
[00011] In the supply chain example it is desirable to allow companies to be able to track the flow of parts in a supply chain in case a product recall is needed at some point in the future. However, suppliers to a manufacturer or other company will likely not want to publicize who their suppliers are, as this is sensitive information that could give their competitors an advantage. None of the existing protocols provide privacy guarantees as may be desired.
[00012] Thus, a continuing need exists for a system for selective transparency for public ledgers that implements a collection of protocols for creating linked data entries in a public ledger, such that an entity viewing the ledger cannot determine that the entries are linked unless it is given auxiliary information, or unless it has authorization to do so.
[00013] SUMMARY OF INVENTION
[00014] The present disclosure provides a system for selective transparency in a public ledger. In various embodiments, the system includes one or more processors and an associated one or more memories (associated being the memory from which a particular one or more processors executes instructions). Each of the one or more memories is a non-transitory computer-readable medium having executable instructions encoded thereon, such that upon execution of the instructions, the one or more processors perform several operations, such as logging a first submission by a first entity to the public ledger, the submission being a data entry with a message M and an identification number (ID); and recording a linkage by a second entity, the linkage being an encryption and commitment linking the submission by the first entity to a second submission by the second entity.
[00015] In another aspect, the one or more processors perform an operation of
decrypting the linkage to provide a regulator a decrypted linkage entry.
[00016] In yet another aspect, the one or more processors perform an operation of verifying the linkage.
[00017] Additionally, the operation of logging the first submission further comprises operations of constructing the message M; constructing the commitment to an identification number (ID) corresponding to message M, the commitment being constructed based on randomness r; encrypting the ID and the randomness r; concatenating the message M, commitment, and encryption data into a data payload D; and logging the payload D into the public ledger as the first submission and providing the first entity with a block number of payload D along with values of message M, ID, and r.
[00018] Further, verifying the linkage further comprises operations of determining a value of linkage verification information; transmitting the value of the linkage verification information and corresponding block number to a third entity; and reading, by the third entity, the commitments from block Ni and verifying that the commitments are commitments to the same ID using the linkage verification information.
[00019] Finally, the present invention also includes a computer program product and a computer implemented method. The computer program product includes computer-readable instructions stored on a non-transitory computer-readable medium that are executable by a computer having one or more processors, such that upon execution of the instructions, the one or more processors perform the operations listed herein. Alternatively, the computer implemented method includes an act of causing a computer to execute such instructions and perform the resulting operations.
[00020] BRIEF DESCRIPTION OF THE DRAWINGS
[00021] The objects, features and advantages of the present invention will be apparent from the following detailed descriptions of the various aspects of the invention in conjunction with reference to the following drawings, where:
[00022] FIG. 1 is a block diagram depicting the components of a system according to various embodiments of the present invention;
[00023] FIG. 2 is an illustration of a computer program product embodying an aspect of the present invention;
[00024] FIG. 3 is a block diagram depicting a public ledger and protocols according to various embodiments of the present invention;
[00025] FIG. 4 is a block diagram depicting a data submission protocol according to various embodiments of the present invention;
[00026] FIG. 5 is a block diagram depicting a linkage creation protocol according to various embodiments of the present invention; and
[00027] FIG. 6 is a block diagram depicting a linkage verification protocol according to various embodiments of the present invention.
[00028] DETAILED DESCRIPTION
[00029] The present invention relates to a public ledger protocol and, more
specifically, to a system implementing a protocol that provides for selective transparency for public ledgers. The following description is presented to enable one of ordinary skill in the art to make and use the invention and to incorporate it in the context of particular applications. Various modifications, as well as a variety of uses in different applications will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to a wide range of aspects. Thus, the present invention is not intended to be limited to the aspects presented, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
[00030] In the following detailed description, numerous specific details are set forth in order to provide a more thorough understanding of the present invention.
However, it will be apparent to one skilled in the art that the present invention may be practiced without necessarily being limited to these specific details. In other instances, well-known structures and devices are shown in block diagram form, rather than in detail, in order to avoid obscuring the present invention.
[00031] The reader's attention is directed to all papers and documents which are filed concurrently with this specification and which are open to public inspection with this specification, and the contents of all such papers and documents are incorporated herein by reference. All the features disclosed in this specification, (including any accompanying claims, abstract, and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features.
[00032] Furthermore, any element in a claim that does not explicitly state "means for" performing a specified function, or "ssssst feopr" performing a specific function, is not to be interpreted as a "means" or "step” clause as specified in 35 U.S.C.
Section 112, Paragraph 6. In particular, the use of“step of" or "act of" in the claims herein is not intended to invoke the provisions of 35 U.S.C. 112, Paragraph 6. [00033] Before describing the invention in detail, first a list of cited references is provided. Next, a description of the various principal aspects of the present invention is provided. Subsequently, an introduction provides the reader with a general understanding of the present invention. Finally, specific details of various embodiments of the present invention are provided to give an understanding of the specific aspects.
[00034] (1) List of Incorporated Literature References
[00035] The following references are cited throughout this application. For clarity and convenience, the references are listed herein as a central resource for the reader. The following references are hereby incorporated by reference as though fully set forth herein. The references are cited in the application by referring to the corresponding literature reference number, as follows:
1. Michele Ruta, Floriano Scioscia, Saverio leva, Giovanna Capurso, and Eugenio Di Sciascio, 2017 "Supply Chain Object Discovery with
Semantic-enhanced Blockchain." In Proceedings of the 15th ACM
Conference on Embedded Network Sensor Systems (SenSys '17), Rasit Eskicioglu (Ed.). ACM, New York, NY, USA, Article 60, 2 pages. DO : https ://doi . org/10.1145/3131672.3136974.
2. T. Bocek, B. B. Rodrigues, T. Strasser and B. Stiller, "Blockchains
everywhere - a use-case of blockchains in the pharma supply-chain," 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, 2017, pp. 772-777. doi: 10.23919/INM.2017.7987376
3. S. Chen, R. Shi, Z. Ren, J. Yan, Y. Shi and J. Zhang, "A Blockchain- Based Supply Chain Quality Management Framework," 2017 IEEE 14th International Conference on e-Business Engineering (ICEBE), Shanghai, 2017, pp. 172-176. doi: 10.1109/ICEBE.2017.34 4. Ethereum, open source platform for decentralized applications, found at www . ethereum. org, retrieved on December 19, 2018.
5. Pedersen T.P. (1992) Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum J. (eds) Advances in
Cryptology - CRYPTO '91. CRYPTO 1991. Lecture Notes in Computer Science, vol 576. Springer, Berlin, Heidelberg
6. FIPS PUB 180-4, Federal Information Processing Standards Publication, Secure Hash Standard (SHS), found at https: //nvlpubs.nist .gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf, (August 2015).
[00036] (2) Principal Aspects
[00037] Various embodiments of the invention include three“principal” aspects. The first is a system for selective transparency of public ledgers. The system is typically in the form of a computer system operating software or in the form of a “hard-coded” instruction set. This system may be incorporated into a wide variety of devices that provide different functionalities. The second principal aspect is a method, typically in the form of software, operated using a data processing system (computer). The third principal aspect is a computer program product. The computer program product generally represents computer-readable instructions stored on a non-transitory computer-readable medium such as an optical storage device, e.g., a compact disc (CD) or digital versatile disc (DVD), or a magnetic storage device such as a floppy disk or magnetic tape. Other, non- limiting examples of computer-readable media include hard disks, read-only memory (ROM), and flash-type memories. These aspects will be described in more detail below.
[00038] A block diagram depicting an example of a system (i.e., computer system
100) of the present invention is provided in FIG. 1. The computer system 100 is configured to perform calculations, processes, operations, and/or functions associated with a program or algorithm. In one aspect, certain processes and steps discussed herein are realized as a series of instructions (e.g., software program) that reside within computer readable memory units (associated one or more memories) and are executed by one or more processors of the computer system 100. The one or more processors can be on a single computing device or networked or otherwise spread out across multiple computing devices. When executed, the instructions cause the computer system 100 to perform specific actions and exhibit specific behavior, such as described herein.
[00039] The computer system 100 may include an address/data bus 102 that is
configured to communicate information. Additionally, one or more data processing units, such as a processor 104 (or processors), are coupled with the address/data bus 102. The processor 104 is configured to process information and instructions. In an aspect, the processor 104 is a microprocessor. Alternatively, the processor 104 may be a different type of processor such as a parallel processor, application-specific integrated circuit (ASIC), programmable logic array (PLA), complex programmable logic device (CPLD), or a field
programmable gate array (FPGA).
[00040] The computer system 100 is configured to utilize one or more data storage units. The computer system 100 may include a volatile memory unit 106 (e.g., random access memory ("RAM"), static RAM, dynamic RAM, etc.) coupled with the address/data bus 102, wherein a volatile memory unit 106 is configured to store information and instructions for the processor 104. The computer system 100 further may include a non-volatile memory unit 108 (e.g., read-only memory ("ROM"), programmable ROM ("PROM"), erasable programmable ROM
("EPROM"), electrically erasable programmable ROM "EEPROM"), flash memory, etc.) coupled with the address/data bus 102, wherein the non-volatile memory unit 108 is configured to store static information and instructions for the processor 104. Alternatively, the computer system 100 may execute instructions retrieved from an online data storage unit such as in“Cloud” computing. In an aspect, the computer system 100 also may include one or more interfaces, such as an interface 110, coupled with the address/data bus 102. The one or more interfaces are configured to enable the computer system 100 to interface with other electronic devices and computer systems. The communication interfaces implemented by the one or more interfaces may include wireline (e.g., serial cables, modems, network adaptors, etc.) and/or wireless (e.g., wireless modems, wireless network adaptors, etc.) communication technology.
[00041] In one aspect, the computer system 100 may include an input device 112
coupled with the address/data bus 102, wherein the input device 112 is configured to communicate information and command selections to the processor 100. In accordance with one aspect, the input device 112 is an alphanumeric input device, such as a keyboard, that may include alphanumeric and/or function keys.
Alternatively, the input device 112 may be an input device other than an alphanumeric input device. In an aspect, the computer system 100 may include a cursor control device 114 coupled with the address/data bus 102, wherein the cursor control device 114 is configured to communicate user input information and/or command selections to the processor 100. In an aspect, the cursor control device 114 is implemented using a device such as a mouse, a track-ball, a track- pad, an optical tracking device, or a touch screen. The foregoing notwithstanding, in an aspect, the cursor control device 114 is directed and/or activated via input from the input device 112, such as in response to the use of special keys and key sequence commands associated with the input device 112. In an alternative aspect, the cursor control device 114 is configured to be directed or guided by voice commands.
[00042] In an aspect, the computer system 100 further may include one or more
optional computer usable data storage devices, such as a storage device 116, coupled with the address/data bus 102. The storage device 116 is configured to store information and/or computer executable instructions. In one aspect, the storage device 116 is a storage device such as a magnetic or optical disk drive (e.g., hard disk drive ("HDD"), floppy diskette, compact disk read only memory ("CD-ROM"), digital versatile disk ("DVD")). Pursuant to one aspect, a display device 118 is coupled with the address/data bus 102, wherein the display device 118 is configured to display video and/or graphics. In an aspect, the display device 118 may include a cathode ray tube ("CRT"), liquid crystal display ("LCD"), field emission display ("FED"), plasma display, or any other display device suitable for displaying video and/or graphic images and alphanumeric characters recognizable to a user.
[00043] The computer system 100 presented herein is an example computing
environment in accordance with an aspect. However, the non-limiting example of the computer system 100 is not strictly limited to being a computer system. For example, an aspect provides that the computer system 100 represents a type of data processing analysis that may be used in accordance with various aspects described herein. Moreover, other computing systems may also be implemented. Indeed, the spirit and scope of the present technology is not limited to any single data processing environment. Thus, in an aspect, one or more operations of various aspects of the present technology are controlled or implemented using computer-executable instructions, such as program modules, being executed by a computer. In one implementation, such program modules include routines, programs, objects, components and/or data structures that are configured to perform particular tasks or implement particular abstract data types. In addition, an aspect provides that one or more aspects of the present technology are implemented by utilizing one or more distributed computing environments, such as where tasks are performed by remote processing devices that are linked through a communications network, or such as where various program modules are located in both local and remote computer-storage media including memory- storage devices.
[00044] An illustrative diagram of a computer program product (i.e., storage device) embodying the present invention is depicted in FIG. 2. The computer program product is depicted as a floppy disk 200 or an optical disk 202 such as a CD or DVD. However, as mentioned previously, the computer program product generally represents computer-readable instructions stored on any compatible non-transitory computer-readable medium (each of with is a memory for use with an associated processor). The term“instructions” as used with respect to this invention generally indicates a set of operations to be performed on a computer, and may represent pieces of a whole program or individual, separable, software modules. Non-limiting examples of“instruction” include computer program code (source or object code) and“hard-coded” electronics (i.e. computer operations coded into a computer chip). The“instruction” is stored on any non-transitory computer-readable medium, such as in the memory of a computer or on a floppy disk, a CD-ROM, or a flash drive. In either event, the instructions are encoded on a non-transitory computer-readable medium.
[00045] (3) Introduction
[00046] This disclosure is directed to a system and method for selective transparency for public ledgers. This implements a collection of protocols for creating linked data entries in a public ledger, such that an entity viewing the ledger cannot determine that the entries are linked unless it is given auxiliary information, or unless it has authorization to do so. One example implementation is the submission of supply chain data to a public blockchain, in which entities along the blockchain can upload messages to the blockchain that link products they have produced with parts and/or materials used in creating that part, allowing supply chain traceability while preserving the privacy of the individual suppliers. [00047] There are numerous blockchain protocols in existence. Such protocols generally allow for highly distributed and auditable record keeping, but do not always provide a high level of privacy for the users. The protocol of the present disclosure provides a combination of auditability and privacy that is well suited for the supply chain use case, allowing an authorized entity or entities to view all data on the blockchain, and allowing entities in the supply chain to prove provenance of their parts and materials to those to whom they give auxiliary information.
[00048] In the supply chain example it is desirable to allow companies to be able to track the flow of parts in a supply chain in case a product recall is needed at some point in the future. However, suppliers to a manufacturer or other company will likely not want to publicize who their suppliers are, as this is sensitive information that could give their competitors an advantage. The invention of this disclosure could be used to allow such suppliers to upload their provenance information in a highly private manner, allowing a regulator or relevant company to act as auditors with full access to all supply chain data.
[00049] (4) Specific Details of Various Embodiments
[00050] As noted above, the present disclosure is directed to a system implementing a protocol that provides for selective transparency for public ledgers. Thus, in one aspect, the system may be a public ledger implementing the process and protocols as described herein. As a non-limiting example, a blockchain such as Ethereum may be used as a public ledger (see Literature Reference No. 4). Each entity in the supply chain has the ability to upload data to the public ledger using a function pub(-). When an entity invokes pub(D), it receives a block number N as a return value, which is the number of the data block in which the data D was published, and we write N = pub(D). Note that although the system does not require the protocol to use a blockchain, it is still assumed that the data entries are published into discrete blocks. [00051] Let Pk denote an entity in the supply chain, and assume that Pk has a publicly known public key. Let dk(D) denote Pk s signature on D. The regulator(s) have a private/public key pair ( sk , pk). The public key pk is publicly known to all entities in the supply chain, but the private key sk is only known to the regulator(s). Let Decsk(·) denote decryption with the private key, and let Encpk(· ) denote encryption with the public key. Assume the existence of a publicly known group G over which the discrete logarithm assumption holds. Let g be a generator of G and let h = ga be an element of G for some random integer a. Assume that g and h are publicly known, but that a is not known to any entity. Assume the existence of a publicly known hash function H whose output is an integer not greater than |G|. As a non-limiting example, SHA-256 may be used as a hash function (see Literature Reference No. 6). The elements g and h , along with the hash function H , will be used to form Pedersen commitments (see Literature Reference No. 5).
[00052] Assuming the existence of a public ledger 300 (examples of which are
provided above) and as shown in FIG. 3, the system allows for at least a data submission protocol 302, a linkage creation protocol 304, an auditing process protocol 306, and a linkage verification protocol 308.
[00053] (4.1) Data Submission Protocol 302
[00054] In this protocol with the above listed assumptions as implemented in a public ledger, an entity Pk submits a data entry with a message M and an identification number (ID) to the public ledger. As shown in FIG. 4, the data submission protocol 302 proceeds follows:
1. Message Construction 400: Pk constructs a descriptive message M. In the supply chain use case, the message may be of the form,“ Pk has produced a part of type X.” 2. Commitment Construction 402: Pk constructs a Pedersen commitment to an ID number corresponding to the message. In the supply chain use case, this may be the ID number of the part, or a batch number of some raw material. The commitment is constructed by generating a random number r and then computing gH(ID)hr . The value gH(ID)hr is the specific Pedersen commitment used in this protocol (although other commitments may be used depending on the specific implementation).
3. Encryption 404: Pk constructs an encryption of the ID and the
randomness used to construct the commitment using the public key pk, which is Encpk(ID, r ).
4. Linkages Created 406: Pk may optionally construct linkage entries,
thereby linking the created entry in the public ledger to previous entries.
In the supply chain use case, an entity producing a product would want to provide linkage data to the IDs for parts used in the creation of that product, or the batch numbers of raw materials used in the creation of the product. If the entity is mining/collecting a raw material, then they might not include linkage data, as there would be no other entity further up in the supply chain. Indexing the linkage entries by t, the following is done for each linkage entry: Pk retrieves the stored values Ni and IDi which are the block number and identification number for that linkage entry, respectively. ( Pk will have received these values in the linkage creation protocol below.) Pk then generates a random ri' and constructs the linkage entry .
5. Payload Created 408: Pk concatenates the data constructed in the previous steps into a data payload D (i.e., the part of transmitted data that is the actual intended message). If there are n data linkage entries, this will be of the form and if there are no data linkage entries, this will be of the form
.
Pk constructs a signature on the payload, d k(D).
6. Logging Payload 410: Pk invokes pub(D, dk(D )), and records the
returned block number, along with the values M, ID, and r.
[00055] (4.2) Linkage Creation Protocol 304
[00056] In this protocol, entity A gives entity B sufficient information to create a data linkage entry to an initial entry created by A. The linkage entry would be created in future instances of the data submission protocol. In the context of this protocol, A has played the role of Pk in some previous instance of the data submission protocol, and B may play the role of Pk in some future instance of the data submission protocol. In the supply chain use case, this information transfer would occur in tandem with the transfer of a part or material from A to B, allowing B to link his part ID number back to A’s part ID number. As shown in FIG. 5, the linkage creation protocol 304 proceeds as follows:
1. Transfer from A to B 500: Entity A passes the information N, ID, and r to entity B, where N, ID, and r were used by A in a previous instance of the data submission protocol.
2. B Confirms and Creates Link 502: Entity B looks up block N, computes gH(ID)hr and confirms that this matches with the entry in block N .
[00057] (4.3) Auditing Process Protocol 306
[00058] If a regulator wants to determine the ID number for a particular data
submission in the public ledger, the regulator can decrypt Encpk(ID, r) by computing Decsk(Encpk(ID, r )) to obtain the decrypted linkage entry. The regulator is any party authorized to verify data in the ledger. The regulator can also decrypt the encrypted portion of any data linkage entries by computing Decsk(Encpk(Ni, IDi, ri'). The regulator may then decrypt the entries in block Ni to continue the auditing process.
[00059] In the supply chain use case, this process may take place when a regulator wants to determine the origin of parts and materials used in constructing a product. The regulator can look up the ID number of the part in the public ledger by decrypting values, and then determine the ID numbers of parts and materials used in constructing that part, continuing the investigation to see the origin of those parts and materials.
[00060] (4.4) Linkage Verification Protocol 308
[00061] Suppose that an entity Pk wants to prove to some other entity V that a data linkage entry posted by Pk has the same IDi as
the initial data submission posted by some other party. Recall that Pk knows both ri' and ri as Pk generated ri' and retained a copy of ri that it learned during the linkage creation protocol. In this scenario and as shown in FIG. 6, the entity would initiate the linkage verification protocol 308, which proceeds as follows:
1. Determine Value 600: Pk computes and sends this value, along with Ni to V. For example, since Pk knows ri— ri' and h , it can compute using basic arithmetic over group G.
2. Verify Value 602: Then V reads u = from block Ni and
and verifies that
[00062] (4.5) Practical Applications
[00063] As can be appreciated by those skilled in the art, the process described herein can be used for data verification between parties or ledgers. Further, the process can be used in a variety of other applications. As a non-limiting example, some of the processes could be automated. For instance, for the data submission protocol, a factory worker could scan barcodes of component pieces and the barcode of the final product created using those pieces (which could be done using a portable device or cell phone), and the device could then automatically send the relevant data to a factory server, which could then publish the relevant information to the blockchain.
[00064] Finally, while this invention has been described in terms of several
embodiments, one of ordinary skill in the art will readily recognize that the invention may have other applications in other environments. It should be noted that many embodiments and implementations are possible. Further, the following claims are in no way intended to limit the scope of the present invention to the specific embodiments described above. In addition, any recitation of“means for” is intended to evoke a means-plus-function reading of an element and a claim, whereas, any elements that do not specifically use the recitation“means for”, are not intended to be read as means-plus-function elements, even if the claim otherwise includes the word“means”. Further, while particular method steps have been recited in a particular order, the method steps may occur in any desired order and fall within the scope of the present invention.

Claims

CLAIMS What is claimed is:
1. A system for selective transparency in a public ledger, the system comprising:
one or more processors and associated one or more memories, each of the one or more memories being a non-transitory computer-readable medium having executable instructions encoded thereon, such that upon execution of the instructions, the one or more processors perform operations of:
logging a first submission by a first entity to the public ledger by performing operations of:
constructing a data entry with a message M;
constructing a commitment to an identification number (ID) corresponding to message M, the commitment being constructed based on randomness r;
encrypting the ID and the randomness r;
concatenating the message M, commitment, and encryption data into a data payload D; and
logging the payload D into the public ledger as the first submission and providing the first entity with a block number of payload D along with values of message M, ID, and r;
recording a linkage by a second entity, the linkage being an encryption and commitment linking the submission by the first entity to a second submission by the second entity;
decrypting the linkage to provide a regulator a decrypted linkage entry; and
verifying the linkage by performing operations of:
determining a value of linkage verification information; transmitting the value of the linkage verification information and corresponding block number to a third entity without revealing the ID committed to; reading, by the third entity, the commitments from block Ni and verifying that the commitments are commitments to the same ID using the linkage verification information, where Ni is a block number indexed by i.
2. A computer program product for selective transparency in a public ledger, the computer program product comprising:
a non-transitory computer-readable medium having executable instructions encoded thereon, such that upon execution of the instructions by one or more processors, the one or more processors perform operations of:
logging a first submission by a first entity to the public ledger by performing operations of:
constructing a data entry with a message M;
constructing a commitment to an identification number (ID) corresponding to message M, the commitment being constructed based on randomness r;
encrypting the ID and the randomness r;
concatenating the message M, commitment, and encryption data into a data payload D; and
logging the payload D into the public ledger as the first submission and providing the first entity with a block number of payload D along with values of message M, ID, and r;
recording a linkage by a second entity, the linkage being an encryption and commitment linking the submission by the first entity to a second submission by the second entity;
decrypting the linkage to provide a regulator a decrypted linkage entry; and
verifying the linkage by performing operations of:
determining a value of linkage verification information; transmitting the value of the linkage verification
information and corresponding block number to a third entity without revealing the ID committed to;
reading, by the third entity, the commitments from block Ni and verifying that the commitments are commitments to the same ID using the linkage verification information, where Ni is a block number indexed by i.
3. A computer implemented method for selective transparency in a public ledger, the method comprising an act of:
causing one or more processers to execute instructions encoded on an associated non-transitory computer-readable medium, such that upon execution, the one or more processors perform operations of:
logging a first submission by a first entity to the public ledger by performing operations of:
constructing a data entry with a message M;
constructing a commitment to an identification number (ID) corresponding to message M, the commitment being constructed based on randomness r;
encrypting the ID and the randomness r;
concatenating the message M, commitment, and encryption data into a data payload D; and
logging the payload D into the public ledger as the first submission and providing the first entity with a block number of payload D along with values of message M, ID, and r;
recording a linkage by a second entity, the linkage being an encryption and commitment linking the submission by the first entity to a second submission by the second entity; decrypting the linkage to provide a regulator a decrypted linkage entry; and
verifying the linkage by performing operations of:
determining a value of linkage verification information; transmitting the value of the linkage verification
information and corresponding block number to a third entity without revealing the ID committed to;
reading, by the third entity, the commitments from block Ni and verifying that the commitments are commitments to the same ID using the linkage verification information, where Ni is a block number indexed by i.
EP20712741.6A 2019-03-05 2020-02-18 A system and method for selective transparency for public ledgers Pending EP3935782A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201962814167P 2019-03-05 2019-03-05
US16/444,582 US20200034550A1 (en) 2018-07-27 2019-06-18 System and method to protect data privacy of lightweight devices using blockchain and multi-party computation
US16/444,903 US10721073B2 (en) 2018-07-27 2019-06-18 Bidirectional blockchain
PCT/US2020/018685 WO2020180487A1 (en) 2019-03-05 2020-02-18 A system and method for selective transparency for public ledgers

Publications (1)

Publication Number Publication Date
EP3935782A1 true EP3935782A1 (en) 2022-01-12

Family

ID=72338067

Family Applications (1)

Application Number Title Priority Date Filing Date
EP20712741.6A Pending EP3935782A1 (en) 2019-03-05 2020-02-18 A system and method for selective transparency for public ledgers

Country Status (3)

Country Link
EP (1) EP3935782A1 (en)
CN (1) CN113396557A (en)
WO (1) WO2020180487A1 (en)

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101193723B (en) * 2004-02-09 2011-09-07 林肯环球股份有限公司 System and method providing automated welding notification
AU2016288644A1 (en) * 2015-07-02 2018-02-22 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
GB2571801A (en) * 2016-02-23 2019-09-11 Nchain Holdings Ltd Consolidated blockchain-based data transfer control method and system
WO2017201489A1 (en) * 2016-05-20 2017-11-23 Moog Inc. Secure and traceable manufactured parts
GB201611948D0 (en) * 2016-07-08 2016-08-24 Kalypton Int Ltd Distributed transcation processing and authentication system
US10411895B2 (en) * 2017-05-04 2019-09-10 International Business Machines Corporation Creating match cohorts and exchanging protected data using blockchain
CN111492634A (en) * 2017-07-31 2020-08-04 编年史公司 Secure and confidential custody transaction systems, methods, and apparatus using zero-knowledge protocols
CN107911216B (en) * 2017-10-26 2020-07-14 矩阵元技术(深圳)有限公司 Block chain transaction privacy protection method and system
CN109359971B (en) * 2018-08-06 2020-05-05 阿里巴巴集团控股有限公司 Block chain transaction method and device and electronic equipment
CN112651740A (en) * 2018-08-30 2021-04-13 创新先进技术有限公司 Block chain transaction method and device and electronic equipment

Also Published As

Publication number Publication date
WO2020180487A1 (en) 2020-09-10
CN113396557A (en) 2021-09-14

Similar Documents

Publication Publication Date Title
US20110276490A1 (en) Security service level agreements with publicly verifiable proofs of compliance
EP4273843A1 (en) Data sharing system, data sharing method, and data sharing program
US10963593B1 (en) Secure data storage using multiple factors
US20150312217A1 (en) Client-side encryption of form data
CN114223175A (en) Generating a sequence of network data while preventing acquisition or manipulation of time data
CN112804217A (en) Block chain technology-based evidence storing method and device
Habib et al. Simplified file assured deletion (sfade)-a user friendly overlay approach for data security in cloud storage system
CN113498602A (en) Aggregating encrypted network values
JP2020524864A (en) Controlling access to data
Qureshi et al. Encryption techniques for smart systems data security offloaded to the cloud
US11343080B1 (en) System and method for data privacy and authentication
US11374753B2 (en) System and method for selective transparency for public ledgers
He et al. Public auditing for encrypted data with client-side deduplication in cloud storage
US10742404B2 (en) System and asynchronous protocol for verifiable secret sharing
Malgari et al. A novel data security framework in distributed cloud computing
Kaushik et al. Secure cloud data using hybrid cryptographic scheme
EP3935782A1 (en) A system and method for selective transparency for public ledgers
CN113518992A (en) Preventing data operations using multiple aggregation servers
Eldefrawy et al. In-App Cryptographically-Enforced Selective Access Control for Microsoft Office and Similar Platforms
Srivastava et al. Elliptic Curves for Data Provenance
CN114006689B (en) Data processing method, device and medium based on federal learning
Suganya et al. Decentralized secure money transfer using blockchain
Gandhi et al. Secure Encrypted Data Deduplication using Hashing Technique in Cloud
EP4016916A1 (en) Method and apparatus for sharing data
JP2000134195A (en) Encryption device, decoder, method and its recoding medium

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20210708

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230525