US20200374126A1 - Method for storing an object on a plurality of storage nodes - Google Patents
Method for storing an object on a plurality of storage nodes Download PDFInfo
- Publication number
- US20200374126A1 US20200374126A1 US16/993,633 US202016993633A US2020374126A1 US 20200374126 A1 US20200374126 A1 US 20200374126A1 US 202016993633 A US202016993633 A US 202016993633A US 2020374126 A1 US2020374126 A1 US 2020374126A1
- Authority
- US
- United States
- Prior art keywords
- key
- blockchain
- transaction
- stored
- copy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
Definitions
- the present invention relates to a method for storing an object on a plurality of storage nodes, said method performed in a memory available to one or more computing entities.
- the present invention further relates to a method for retrieving a stored object.
- the present invention further relates to a system for storing an object comprising a plurality of storage nodes for storing said object, one or more blockchain nodes for hosting a blockchain for transactions and one or more user clients connected to said storage nodes and said blockchain nodes.
- the present invention relates to a non-transitory computer readable medium storing a program causing a computer to execute a method for storing an object on a plurality of storing nodes.
- the present invention relates to a method, performed on a client, for storing an object on a plurality of storage nodes.
- the present invention relates to a non-transitory computer readable medium storing a program causing a computer to execute, on a client, a method for storing an object in an object on a plurality of storage nodes.
- quorum based replication For example to implement a robust replicated data store, i.e. guaranteeing correctness under arbitrary failures, in the presence of asynchrony, concurrency and failures, quorum based replication is used.
- a quorum Qr i.e. a set of servers Qr, queried by a read operation needs to intersect a quorum Qw updated by a write operation in f+1 servers. That could guarantee that there is at least one correct server in the intersection, since at most f may be fail Byzantine . This translates to the following requirement:
- Qr and Qw can comprise of at most n ⁇ f servers. Since at most f servers may be faulty, n ⁇ f servers are guaranteed to eventually reply. This translates to the following requirement:
- the present invention provides a method for storing an object on a plurality of storage nodes.
- an object to be stored is encrypted with a key.
- one or more hash values are computed for the object to be stored.
- the encrypted object is stored on the plurality of storage nodes.
- storage location data is provided for the stored object.
- a transaction is computed for a blockchain, wherein information is encoded in the transaction, the encoded information representing the storage location data, the computed one or more hash values and key data, wherein the key data includes at least one of: (i) a copy of the key and (ii) a copy of a master secret from which the key was derived.
- the transaction is stored in the blockchain, wherein the key data encoded into the blockchain transaction, including the at least one of the copy of the key and the copy of the master secret for deriving the key, is encrypted.
- FIG. 1 shows steps at a method according to an embodiment of the present invention
- FIG. 2 shows a step of a method according to a further embodiment the present invention.
- FIG. 3 shows a step of a method according to a further embodiment of the present invention.
- Improvements provided by embodiments of the invention include providing a Byzantine -fault tolerance storage system with minimum costs and maximum efficiency.
- the present invention provides a method for storing an object on a plurality of storage nodes, said method performed in a memory available to one or more computing entities, said method comprising the steps of
- Said method may be performed in a memory available to one or more computing devices.
- the present invention provides a system for storing an object comprising a plurality of storage nodes for storing said object, one or more blockchain nodes for hosting a blockchain for transactions and one or more user clients connected to said storage nodes and said blockchain nodes, wherein
- the client is adapted to encrypt an object to be stored with a key, to compute one or more hash values for said object to be stored, to initiate storing said encrypted object on a plurality of said storage nodes, to compute a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data, and to initiate storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain to compare a received number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information ins said transaction and stored in the blockchain cannot be modified, said storage nodes being adapted to provide storage location data for said stored object, said blockchain nodes being adapted to store said transaction in a blockchain, provided by one or more blockchain nodes hosting said blockchain to provide a number of confirmations for said transaction by said blockchain.
- the present invention provides a non-transitory computer readable medium storing a program causing a computer to execute a method for storing an object on a plurality of storage nodes, said method comprising the steps of
- the present invention provides a method, performed on a client, for storing an object on a plurality of storage nodes, said method performed in a memory available to said client, said method comprising the steps of
- the present invention provides a non-transitory computer readable medium storing a program causing a computer to execute on a client a method for storing an object on a plurality of storage nodes, said method comprising the steps of
- At least one embodiment has the advantage that a robust and provably authenticated storage system and method is provided. Further at least one embodiment of the present invention has the advantage that no metadata node is required and the storage system can resist up to n ⁇ 1 Byzantine storage nodes out of n storage nodes. At least one embodiment has the advantage of enhancing the performance compared to conventional Byzantine fault tolerant storage systems. At least one embodiment has the advantage of requiring a smaller number of storage nodes and metadata nodes.
- object is to be understood, in particular in the claims, preferably in the description as any kind of information or data.
- blockchain is to be understood, in particular in the claims, preferably in the description as a distributed database maintaining a continuously growing list of data records that are hardened against tampering and revision even by operators of the data storing nodes hosting database.
- a blockchain comprises for example two kinds of records: so-called transactions and so-called blocks.
- Transactions may be the actual data to be stored in the blockchain and blocks may be records confirming when and in what sequence certain transactions became journaled as a part of the blockchain database.
- Transactions may be created by participants and blocks may be created by users who may use specialized software or equipment designed specifically to create blocks.
- the term “blockchain” is e.g. identical to the Bitcoin blockchain as a digital currency was introduced in 2008 and has meanwhile more adoption and attention than any other digital currency up to date. Currently Bitcoin is integrated across several businesses and has several exchange markets.
- Bitcoin is based on the so-called blockchain.
- This blockchain provides a distributed consensus scheme enabling transactions and any other data to be securely stored and verified without any centralized authority.
- a number of applications have already been published.
- blockchain enables the construction of a time-dependent public randomness beacon as disclosed in the non-patent literate of F. Armknecht, J. Bohli, G. O. Karame, Z. Liu, and C. A. Reuter, “Outsourced proofs of retrievability”, in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Ariz., USA, Nov.
- Transactions are basically formed by digitally signing a hash of the previous transaction, where this coin was last spent along with a public key of the future owner and incorporating this signature in the coin as disclosed in the non-patent literature of Ghassan Karame, Elli Androulaki, Srdjan Capkun, “Double-Spending Attacks on Fast Payments in Bitcoin”, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Chicago, Ill., USA, 2012.
- Any peer can verify the authenticity of a Bitcoin by checking the chain of signatures.
- Transactions may optionally include a text field which can be used to a text to transactions.
- text can be added in form of invalid public keys. That means instead of specifying a valid public key, one can encode text and include the encoded text in this field. Bitcoin enables multi-output transactions and multi-signature transactions, thus enabling large text fields in place of multiple public keys.
- node is to be understood in its broadest sense, preferably in the claims, in particular in the description and indicates any kind of computing device or computing entity, computer or the like.
- storage location data is to be understood in its broadest sense, and refers in particular in the claims, preferably in the description to any kind of information or data which enables to find the location(s) of a stored object on a node, server or the like.
- key data is to be understood in its broadest sense and refers in particular in the claims, preferably in the description to any kind of data which comprises information of, about or being related to encryption and/or decryption keys, master secrets, master secret keys or the like.
- confirmation refers in particular in the claims, preferably in the description to any kind of data or information, indicating acknowledging or confirming correct storage, e.g. in the blockchain.
- threshold number is to be understood as a natural number including zero.
- computing device or “computing entity”, etc. refers in particular in the claims, preferably in the description to a device adapted to perform computing like a personal computer, a tablet, a mobile phone, a server, or the like and may comprise one or more processors having one or more cores and may be connectable to a memory for storing an application which is adapted to perform corresponding steps of one or more of the embodiments of the present invention.
- Any application may be software based and/or hardware based installed in the memory on which the processor(s) can work on.
- the computing devices or computing entities may be adapted in such a way that the corresponding steps to be computed are performed in an optimized way. For instance different steps may be performed in parallel with a single processor on different of its cores.
- computer readable medium may refer to any kind of medium, which can be used together with a computation device or computer and on which information can be stored.
- Said information may be any kind of data e.g. instructions, commands or the like which can be read into a memory of a computer and may be executed by said computer.
- said information may include program code for executing with said computer.
- Examples of a computer readable medium are tapes, CD-ROMs, DVD-ROMs, DVD-RAMs, DVD-RWs, BluRay, DAT, MiniDisk, solid state disks SSD, floppy disks, SD-cards, CF-cards, memory-sticks, USB-sticks, EPROM, EEPROM or the like.
- the key for encryption may be generated and based on a precomputed master secret.
- a master secret enables for example in an easy way to construct a decryption key.
- Encryption of step a) may be performed semantically secure. This enhances the security since an attacker can not draw conclusions about the contents of a ciphertext except the length of the ciphertext.
- Key data may include said precomputed master secret and/or the encryption key itself, wherein said key data may be secured with a passphrase. This enables an efficient construction of a decryption and a later download of the stored object.
- An information dispersal algorithm may be used on the encrypted object to be stored resulting in a first number of chunks such that the encrypted object can be reconstructed from a second number of chunks, said second number being smaller than said first number, wherein in step c) the hash values for the first number of chunks is computed and subsequently used for steps d)-h).
- This enables an erasure-coded storage: A user then may erasure code the encrypted object by using said informational dispersal algorithm so that any m chunks out of the n erasure coded chunks are enough to construct the encrypted object. The user then may compute the individual hashes of each chunk.
- P1, . . . , Pn indicate pointers, pointing to the location of the encrypted object
- E(S) denotes an encrypted master secret.
- a public/private key pair may be provided for a user of a plurality of users, wherein each public key maps to a Bitcoin address and wherein a master key which is used for encryption or an object, is preshared among said plurality of users.
- Authenticated storage refers to a storage system where each entity can prove to another that it has stored a given object. Applications for such authenticated storage are for example court documents, which need to be proven that they are stored by a given entity, any modifications to legal documents, etc.
- To provide said authenticated storage the plurality of users each having a public/private key pair. Each public key maps to a Bitcoin address.
- a user may perform the following steps, under the assumption that all these users have preshared a master key K1.
- a user Prior to storing a version change of object O on the servers, a user encrypts the object O with the preshared master key K1 Enc(K1, O) denoting a semantic secure encryption of object O under key K1.
- the user then proceeds to store object O according to steps a)-h) since users are authenticated—each user is authenticated with each transaction he makes—users can prove to others that they preformed a given modification to a given object like a document, etc.
- Said encryption key and/or master secret used for generating the encryption key may be encrypted and stored in said blockchain.
- This provides a perpetual storage for encryption keys:
- the blockchain is used as inherent storage for keys since they are small in size and they will be stored and replicated usually across millions of blockchain nodes. This has the advantage that keys are unlikely to be lost and due to the blockchain inherent features these keys can never be modified.
- the object to be stored may be a group encryption key defined for a group of users. This allows to provide a public bulletin board: A group key can be derived by a plurality of users using the blockchain as committed and authenticated communication medium.
- the method for retrieving an object may comprise the step G) of upon matching, decrypting the retrieved object using the computed decryption key. This enables to provide the object in clear text when certainty is given, that the object has not been modified.
- the storage node in step E) may be selected randomly. This enables in an easy and efficient way to download the object from one of the storage nodes.
- FIG. 1 shows steps of a method according to an embodiment of the present invention.
- FIG. 1 some steps for providing a dependable and robust storage is shown where a user performs in detail the following steps, assuming n storage nodes SN, for example cloud servers, out of which n ⁇ 1 storage nodes SN can be arbitrarily Byzantine.
- a user U encrypts the object O and computes a corresponding hash value.
- the encrypted object is stored on the storage nodes SN and a transaction is issued in a third step S 3 comprising a hash, storage pointers and encryption keys wherein said transaction is transmitted to the blockchain BC for confirmation.
- Authentication is not needed here but is implicit since nobody can issue a transaction on behalf of the user due to the underlying structure: For example in Bitcoin the issue of a transaction is the only entity who can sign the ownership of a given coin.
- the method shown is secure even if n ⁇ 1 storage nodes N are arbitrarily Byzantine and when a large fraction of blockchain nodes, for example Bitcoin nodes is arbitrarily Byzantine as well as for example disclosed in the non-patent literature of Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, HYPERLINK “http://dblp.uni-trier.de/pers/hd/c/Capkun:Srdjan” Srdjan Capkun, IACR Cryptology ePrint Archive 2015: 578 (2015).
- the user can directly detect Byzantine storage SN.
- erasure coded storage is provided, the method for storage is very similar to the aforementioned method with the following differences:
- the user erasure-codes Enc(K,O) using an information dispersal algorithm (IDA) so that any m chunks out of the n erasure codes are enough to construct O.
- IDA information dispersal algorithm
- the user computes the individual hash of each chunk H1, . . . , Hn. After storing the chunks on the n storage servers, the user then stores the following information in the blockchain:
- aforementioned robust storage can be adapted to provide an authenticated storage.
- Authenticated storage refers to a storage system where each entity can prove to another that it had stored a given object. Typical examples are court documents which for example need to be proven that they are stored by a given entity, any modifications to legal documents, etc.
- a setting comprising of m users is assumed, each having a public/private key pair.
- Each public key maps to a Bitcoin address.
- the user performs the following operations assuming that all these users pre-share a master key K1.
- Enc(K1,O) which denotes the semantic secure encryption of object O under key K1.
- the user then proceeds to store O using the methods described in the aforementioned embodiment.
- users are authenticated (each user is authenticated with each transaction he makes), users can prove to others that they performed a given modification to a given document.
- a perpetual storage for encryption keys can be provided using the blockchain providing effective means to securely store encryption keys.
- Techniques range from hardware tokens to paper QR keys, to trusted computing, applications specific to storing keys, etc.
- encryption keys can be encrypted with a passphrase and stored in the blockchain in encrypted form.
- a master key can be stored and encrypted in the blockchain and the remaining keys can be derived from the master key.
- a public bulletin board is provided.
- a group key can be derived by n users by leveraging the blockchain as a committed and authenticated communication medium.
- FIG. 2 shows steps of a method according to a further embodiment of the present invention.
- steps of a method for storing an object on a plurality of storage nodes are shown said method performed in a memory available to one or more computing entities, said method comprising the steps of
- FIG. 3 shows steps of a method according to a further embodiment of the present invention.
- steps of a method for retrieving an object stored according to an embodiment of the present invention comprising the steps of
- the present invention enables storing of metadata in unused transaction outputs and/or unused signature fields in the blockchain in order to
- Embodiments of the present invention may have the advantage of providing a robust and provably authenticated storage system not requiring any metadata node and further which can resist up to n ⁇ 1 Byzantine storage nodes. Embodiments of the present invention further may have the advantage of considerably enhancing the performance compared to conventional Byzantine fault tolerance storage systems or methods requiring considerably the smaller number of storage and metadata nodes.
- the recitation of “at least one of A, B and C” should be interpreted as one or more of a group of elements consisting of A, B and C, and should not be interpreted as requiring at least one of each of the listed elements A, B and C, regardless of whether A, B and C are related as categories or otherwise.
- the recitation of “A, B and/or C” or “at least one of A, B or C” should be interpreted as including any singular entity from the listed elements, e.g., A, any subset from the listed elements, e.g., A and B, or the entire list of elements A, B and C.
Abstract
Description
- This application is a continuation of U.S. patent application Ser. No. 15/756,599 filed on Mar. 1, 2018, which was a U.S. National Stage Entry under 35 U.S.C. § 371 of International Application No. PCT/EP2015/070206 filed on Sep. 4, 2015, both of which are hereby incorporated by reference herein. The International Application was published in English on Mar. 9, 2017 as WO 2017/036546 A1 under PCT Article 21(2).
- The present invention relates to a method for storing an object on a plurality of storage nodes, said method performed in a memory available to one or more computing entities.
- The present invention further relates to a method for retrieving a stored object.
- The present invention further relates to a system for storing an object comprising a plurality of storage nodes for storing said object, one or more blockchain nodes for hosting a blockchain for transactions and one or more user clients connected to said storage nodes and said blockchain nodes.
- Even further the present invention relates to a non-transitory computer readable medium storing a program causing a computer to execute a method for storing an object on a plurality of storing nodes.
- Even further the present invention relates to a method, performed on a client, for storing an object on a plurality of storage nodes.
- Even further the present invention relates to a non-transitory computer readable medium storing a program causing a computer to execute, on a client, a method for storing an object in an object on a plurality of storage nodes.
- Although applicable in general to any kind of secure distributed consensus protocol enabling storing of information being replicated across a plurality of nodes, the present invention will be described with regard to blockchain as secure distributed consensus protocol.
- Due to the increasing complexity of data-serving systems nowadays and an increased criticality of stored data Byzantine-fault tolerance was established as an alternative to crash-fault tolerance since a large spectrum of issues including simple outages, software bucks, misconfigurations and even intrusions can be grouped together under the term “arbitrary failure” respectively “Byzantine failure”.
- For example to implement a robust replicated data store, i.e. guaranteeing correctness under arbitrary failures, in the presence of asynchrony, concurrency and failures, quorum based replication is used. In the non-patent literature of Jean-Philippe Martin, Lorenzo Alvisi, Michael Dahlin “Minimal Byzantine Storage, DISC 2002: 311-325”, it is shown that 3f+1 servers have to be used for Byzantine-fault tolerance off arbitrary failures. To read a correct value, a quorum Qr, i.e. a set of servers Qr, queried by a read operation needs to intersect a quorum Qw updated by a write operation in f+1 servers. That could guarantee that there is at least one correct server in the intersection, since at most f may be fail Byzantine. This translates to the following requirement:
-
|Qr|+|Qw|−n>=f+1, wherein n is the total number of servers to be used. 1) - Furthermore, to avoid indefinitely waiting for crashed servers during a read or a write operation the quorums of servers, Qr and Qw can comprise of at most n−f servers. Since at most f servers may be faulty, n−f servers are guaranteed to eventually reply. This translates to the following requirement:
-
|Qr|=|Qw|<=n−f 2) - By combining the two requirements 1) and 2) this leads to:
-
2n−2f−n>=f+1=>n>=3f+1. - Therefore conventional systems use 3f+1 servers on Byzantine fault-tolerant storage.
- For example, in the non-patent literature of Alysson Neves Bessani, Miguel P. Correia, Bruno Quaresma, Fernando André, Paulo Sousa: DepSky “Dependable and secure storage in a cloud-of-clouds”, EuroSys 2011: 31-46, 3f+1 servers or clouds are used to tolerate the failure up to f servers using Byzantine quorum-based data replication.
- In the further non-patent literature of Miguel Castro, Barbara Liskov “Practical byzantine fault tolerance and proactive recovery”, ACM Trans. Comput. Syst. 20(4): 398-461 (2002) and Dahlia Malkhi, Michael K. Reiter “Byzantine Quorum Systems”, Distributed Computing 11(4): 203-213 (1998) other conventional Byzantine fault tolerance systems are shown.
- Since tolerating Byzantine faults requires f servers more than needed to tolerate only crash failures, one of the problems of byzantine quorum-based data replication are the additional costs compared to crash tolerant systems. For example as shown in the non-patent literature of Rui Fan, Nancy A. Lynch “Efficient Replication of Large Data Objects”, DISC 2003: 75-91, 2f+1 servers are used to tolerate f crashes, yet no byzantine faults can be tolerated.
- Thus, Byzantine-fault tolerance protocols are still complicated and costly to implement. As already mentioned conventional Byzantine-fault tolerance storage system require 3f+1 servers in order to tolerate any f Byzantine nodes to ensure full consistency and is often required that readers contact multiple servers at a time in order to retrieve the most updated version of an object as for example as disclosed in the non-patent literature of Elli Androulaki, Christian Cachin, Dan Dobre, Marko Vukolic, “Erasure-Coded Byzantine Storage with Separate Metadata”, in Proceedings of OPODIS 2014 and in the non-patent literature of Dan Dobre, Ghassan Karame, Wenting Li, Matthias Majuntke, Neeraj Sun, Marko Vukolic “PoWerStore: Proofs of Writing for Efficient and Robust Storage”, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, 2013.
- In an embodiment, the present invention provides a method for storing an object on a plurality of storage nodes. In a step a), an object to be stored is encrypted with a key. In a step b), one or more hash values are computed for the object to be stored. In a step c), the encrypted object is stored on the plurality of storage nodes. In a step d), storage location data is provided for the stored object. In a step e), a transaction is computed for a blockchain, wherein information is encoded in the transaction, the encoded information representing the storage location data, the computed one or more hash values and key data, wherein the key data includes at least one of: (i) a copy of the key and (ii) a copy of a master secret from which the key was derived. In a step f), the transaction is stored in the blockchain, wherein the key data encoded into the blockchain transaction, including the at least one of the copy of the key and the copy of the master secret for deriving the key, is encrypted.
- The present invention will be described in even greater detail below based on the exemplary figures. The invention is not limited to the exemplary embodiments. All features described and/or illustrated herein can be used alone or combined in different combinations in embodiments of the invention. The features and advantages of various embodiments of the present invention will become apparent by reading the following detailed description with reference to the attached drawings which illustrate the following:
-
FIG. 1 shows steps at a method according to an embodiment of the present invention; -
FIG. 2 shows a step of a method according to a further embodiment the present invention; and -
FIG. 3 shows a step of a method according to a further embodiment of the present invention. - Improvements provided by embodiments of the invention include providing a Byzantine-fault tolerance storage system with minimum costs and maximum efficiency.
- In an embodiment the present invention provides a method for storing an object on a plurality of storage nodes, said method performed in a memory available to one or more computing entities, said method comprising the steps of
- a) Encrypting an object to be stored with a key,
- b) Computing one or more hash values for said object to be stored,
- c) Storing said encrypted object on a plurality of said storage nodes,
- d) Providing storage location data for said stored object,
- e) Computing a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data,
- f) Storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain,
- g) Providing a number of confirmations for said transaction stored in said blockchain by said blockchain nodes,
- h) Comparing said number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information in said transaction stored in the blockchain cannot be modified.
- Said method may be performed in a memory available to one or more computing devices.
- In a further embodiment the present invention provides a method for retrieving an object stored comprising the steps of
- A) Searching for all transactions issued by a user in the blockchain,
- B) Parsing found transactions to obtain the encoded information for said object,
- C) Decrypting key data of the obtained encoded information,
- D) Computing a decryption key based on the decrypted key generation data,
- E) Retrieving the object from a storage node, and
- F) Comparing a hash value of the retrieved object with the hash value computed during storage of the object and upon matching determining that the stored object has not be altered.
- In a further embodiment the present invention provides a system for storing an object comprising a plurality of storage nodes for storing said object, one or more blockchain nodes for hosting a blockchain for transactions and one or more user clients connected to said storage nodes and said blockchain nodes, wherein
- the client is adapted
to encrypt an object to be stored with a key,
to compute one or more hash values for said object to be stored,
to initiate storing said encrypted object on a plurality of said storage nodes,
to compute a transaction for a blockchain, wherein information is encoded in said transaction,
said encoded information representing storage location data, said computed one or more hash values and key data, and
to initiate storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain
to compare a received number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information ins said transaction and stored in the blockchain cannot be modified, said storage nodes being adapted
to provide storage location data for said stored object,
said blockchain nodes being adapted
to store said transaction in a blockchain, provided by one or more blockchain nodes hosting said blockchain
to provide a number of confirmations for said transaction by said blockchain. - In a further embodiment the present invention provides a non-transitory computer readable medium storing a program causing a computer to execute a method for storing an object on a plurality of storage nodes, said method comprising the steps of
-
- a) Encrypting an object to be stored with a key,
- b) Computing one or more hash values for said object to be stored,
- c) Storing said encrypted object on a plurality of said storage nodes,
- d) Providing storage location data for said stored object,
- e) Computing a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data,
- f) Storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain,
- g) Providing a number of confirmations for said transaction stored in said blockchain by said blockchain,
- h) Comparing said number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information in said transaction stored in the blockchain cannot be modified.
- In a further embodiment the present invention provides a method, performed on a client, for storing an object on a plurality of storage nodes, said method performed in a memory available to said client, said method comprising the steps of
-
- 1) Encrypting an object to be stored with a key,
- 2) Computing one or more hash values for said object to be stored,
- 3) Initiating storing said encrypted object on a plurality of said storage nodes,
- 4) Receiving storage location data for said stored object,
- 5) Computing a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data,
- 6) Initiating storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain,
- 7) Receiving a number of confirmations for said transaction,
- 8) Comparing said number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information in said transaction and stored in the blockchain cannot be modified.
- In a further embodiment the present invention provides a non-transitory computer readable medium storing a program causing a computer to execute on a client a method for storing an object on a plurality of storage nodes, said method comprising the steps of
-
- 1) Encrypting an object to be stored with a key,
- 2) Computing one or more hash values for said object to be stored,
- 3) Initiating storing said encrypted object on a plurality of said storage nodes,
- 4) Receiving storage location data for said stored object,
- 5) Computing a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data,
- 6) Initiating storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain,
- 7) Receiving a number of confirmations for said transaction,
- 8) Comparing said number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information in said transaction and stored in the blockchain cannot be modified.
- At least one embodiment has the advantage that a robust and provably authenticated storage system and method is provided. Further at least one embodiment of the present invention has the advantage that no metadata node is required and the storage system can resist up to n−1 Byzantine storage nodes out of n storage nodes. At least one embodiment has the advantage of enhancing the performance compared to conventional Byzantine fault tolerant storage systems. At least one embodiment has the advantage of requiring a smaller number of storage nodes and metadata nodes.
- The term “object” is to be understood, in particular in the claims, preferably in the description as any kind of information or data.
- The term “blockchain” is to be understood, in particular in the claims, preferably in the description as a distributed database maintaining a continuously growing list of data records that are hardened against tampering and revision even by operators of the data storing nodes hosting database. A blockchain comprises for example two kinds of records: so-called transactions and so-called blocks. Transactions may be the actual data to be stored in the blockchain and blocks may be records confirming when and in what sequence certain transactions became journaled as a part of the blockchain database. Transactions may be created by participants and blocks may be created by users who may use specialized software or equipment designed specifically to create blocks. The term “blockchain” is e.g. identical to the Bitcoin blockchain as a digital currency was introduced in 2008 and has meanwhile more adoption and attention than any other digital currency up to date. Currently Bitcoin is integrated across several businesses and has several exchange markets.
- In the last couple of years research concerning Bitcoin was focused on the provisions of Bitcoin as digital currency as disclosed in the non-patent literature of Ghassan Karame, Elli Androulaki, Srdjan Capkun, “Double-Spending Attacks on Fast Payments in Bitcoin”, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Chicago, Ill., USA, 2012.
- Bitcoin is based on the so-called blockchain. This blockchain provides a distributed consensus scheme enabling transactions and any other data to be securely stored and verified without any centralized authority. A number of applications have already been published. For instant recent studies have shown that blockchain enables the construction of a time-dependent public randomness beacon as disclosed in the non-patent literate of F. Armknecht, J. Bohli, G. O. Karame, Z. Liu, and C. A. Reuter, “Outsourced proofs of retrievability”, in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Ariz., USA, Nov. 3-7, 2014, pages 831-843, 2014, outputting 64 bits of minimal entropy every 10 minutes as disclosed in the non-patent literature of Bitcoin as a public source of randomness, https://docs.google.com/presentation/d/1VWHm4Moza2znhXSOJ8FacfNK2B_vxnfbdZgC5 EpeXFE/view?pli=1#slide=id.g3934beb89_034, 2014.
- In Bitcoin uses execute payments by digitally signing the transactions and are prevented from double-spending their coins, i.e. signing-over the same coin to different users, through a distributed time-stamping service. This service operates on top of the Bitcoin peer-to-peer network ensuring that all transactions and their order of execution are available to all Bitcoin users.
- Transactions are basically formed by digitally signing a hash of the previous transaction, where this coin was last spent along with a public key of the future owner and incorporating this signature in the coin as disclosed in the non-patent literature of Ghassan Karame, Elli Androulaki, Srdjan Capkun, “Double-Spending Attacks on Fast Payments in Bitcoin”, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Chicago, Ill., USA, 2012.
- Any peer can verify the authenticity of a Bitcoin by checking the chain of signatures. Transactions may optionally include a text field which can be used to a text to transactions. Alternatively text can be added in form of invalid public keys. That means instead of specifying a valid public key, one can encode text and include the encoded text in this field. Bitcoin enables multi-output transactions and multi-signature transactions, thus enabling large text fields in place of multiple public keys.
- The term “node” is to be understood in its broadest sense, preferably in the claims, in particular in the description and indicates any kind of computing device or computing entity, computer or the like.
- The term “storage location data” is to be understood in its broadest sense, and refers in particular in the claims, preferably in the description to any kind of information or data which enables to find the location(s) of a stored object on a node, server or the like.
- The term “key data” is to be understood in its broadest sense and refers in particular in the claims, preferably in the description to any kind of data which comprises information of, about or being related to encryption and/or decryption keys, master secrets, master secret keys or the like.
- The term “confirmation” refers in particular in the claims, preferably in the description to any kind of data or information, indicating acknowledging or confirming correct storage, e.g. in the blockchain.
- The term “threshold number” is to be understood as a natural number including zero.
- The term “computing device” or “computing entity”, etc. refers in particular in the claims, preferably in the description to a device adapted to perform computing like a personal computer, a tablet, a mobile phone, a server, or the like and may comprise one or more processors having one or more cores and may be connectable to a memory for storing an application which is adapted to perform corresponding steps of one or more of the embodiments of the present invention. Any application may be software based and/or hardware based installed in the memory on which the processor(s) can work on. The computing devices or computing entities may be adapted in such a way that the corresponding steps to be computed are performed in an optimized way. For instance different steps may be performed in parallel with a single processor on different of its cores.
- The term “computer readable medium” may refer to any kind of medium, which can be used together with a computation device or computer and on which information can be stored. Said information may be any kind of data e.g. instructions, commands or the like which can be read into a memory of a computer and may be executed by said computer. For example said information may include program code for executing with said computer. Examples of a computer readable medium are tapes, CD-ROMs, DVD-ROMs, DVD-RAMs, DVD-RWs, BluRay, DAT, MiniDisk, solid state disks SSD, floppy disks, SD-cards, CF-cards, memory-sticks, USB-sticks, EPROM, EEPROM or the like.
- Further features, advantages and further embodiments are described or may become apparent in the following:
- The key for encryption may be generated and based on a precomputed master secret. A master secret enables for example in an easy way to construct a decryption key.
- Encryption of step a) may be performed semantically secure. This enhances the security since an attacker can not draw conclusions about the contents of a ciphertext except the length of the ciphertext.
- Key data may include said precomputed master secret and/or the encryption key itself, wherein said key data may be secured with a passphrase. This enables an efficient construction of a decryption and a later download of the stored object.
- An information dispersal algorithm may be used on the encrypted object to be stored resulting in a first number of chunks such that the encrypted object can be reconstructed from a second number of chunks, said second number being smaller than said first number, wherein in step c) the hash values for the first number of chunks is computed and subsequently used for steps d)-h). This enables an erasure-coded storage: A user then may erasure code the encrypted object by using said informational dispersal algorithm so that any m chunks out of the n erasure coded chunks are enough to construct the encrypted object. The user then may compute the individual hashes of each chunk. After storing the m chunks on n storage servers the user may then store the following information in the blockchain: E(S) II G1, . . . , Pn II H1, . . . , Hn wherein P1, . . . , Pn indicate pointers, pointing to the location of the encrypted object and E(S) denotes an encrypted master secret. This provides security even when n-m storage nodes are arbitrarily Byzantine and when a large fraction, for example of Bitcoin nodes is arbitrarily Byzantine. A user can also directly detect said Byzantine storage nodes.
- A public/private key pair may be provided for a user of a plurality of users, wherein each public key maps to a Bitcoin address and wherein a master key which is used for encryption or an object, is preshared among said plurality of users. This enables an authenticated storage: Authenticated storage refers to a storage system where each entity can prove to another that it has stored a given object. Applications for such authenticated storage are for example court documents, which need to be proven that they are stored by a given entity, any modifications to legal documents, etc. In detail: To provide said authenticated storage the plurality of users each having a public/private key pair. Each public key maps to a Bitcoin address. Whenever a user wants to commit a change to a given document then the user may perform the following steps, under the assumption that all these users have preshared a master key K1. Prior to storing a version change of object O on the servers, a user encrypts the object O with the preshared master key K1 Enc(K1, O) denoting a semantic secure encryption of object O under key K1. The user then proceeds to store object O according to steps a)-h) since users are authenticated—each user is authenticated with each transaction he makes—users can prove to others that they preformed a given modification to a given object like a document, etc.
- Said encryption key and/or master secret used for generating the encryption key may be encrypted and stored in said blockchain. This provides a perpetual storage for encryption keys: The blockchain is used as inherent storage for keys since they are small in size and they will be stored and replicated usually across millions of blockchain nodes. This has the advantage that keys are unlikely to be lost and due to the blockchain inherent features these keys can never be modified.
- The object to be stored may be a group encryption key defined for a group of users. This allows to provide a public bulletin board: A group key can be derived by a plurality of users using the blockchain as committed and authenticated communication medium.
- The method for retrieving an object may comprise the step G) of upon matching, decrypting the retrieved object using the computed decryption key. This enables to provide the object in clear text when certainty is given, that the object has not been modified.
- The storage node in step E) may be selected randomly. This enables in an easy and efficient way to download the object from one of the storage nodes.
-
FIG. 1 shows steps of a method according to an embodiment of the present invention. - In
FIG. 1 some steps for providing a dependable and robust storage is shown where a user performs in detail the following steps, assuming n storage nodes SN, for example cloud servers, out of which n−1 storage nodes SN can be arbitrarily Byzantine. - 1. Prior to storing the object O on the storage nodes SN, the user U computes a master secret S, and a key K=H(S∥“Encryption key”).
- 2. The user then computes Enc(K,O), which denotes the semantic secure encryption of object O under key K.
- 3. The user U then stores the encrypted object Enc(K,O) redundantly on the n storage nodes SN and acquires n pointers P1, . . . Pn which point to the location of the encrypted object on each of the n storage nodes, respectively.
- 4. The user encrypts master secret S using a passphrase of this choice. The resulting encryption is denoted as E(S). The user U then encodes the following information in a transaction to be confirmed in the blockchain: E(S)∥P1 . . . Pn∥(Enc(K,O)), where H(.) is a hash function.
- 5. Once the transaction acquires enough confirmation in the blockchain (e.g. six confirmations are enough), the user U is certain that the metadata information i.e. the encoded information in the blockchain can never be modified by any entity.
- 6. To retrieve the information, the user's client searches for all transactions issued by the user U in the blockchain and parses the transactions in order to acquire E(S)∥P1 . . . Pn∥H(Enc(K,O)).
- 7. The user U decrypts S, constructs K, and downloads O from a storage node SN location e.g. picked at random. If the hash of the downloaded object matches H(Enc(K,O)), then the file has not been modified.
- 8. The user U then decrypts the file using K.
- To summarize: In a first step S1 a user U encrypts the object O and computes a corresponding hash value. In a second step S2 the encrypted object is stored on the storage nodes SN and a transaction is issued in a third step S3 comprising a hash, storage pointers and encryption keys wherein said transaction is transmitted to the blockchain BC for confirmation.
- Authentication is not needed here but is implicit since nobody can issue a transaction on behalf of the user due to the underlying structure: For example in Bitcoin the issue of a transaction is the only entity who can sign the ownership of a given coin.
- The method shown is secure even if n−1 storage nodes N are arbitrarily Byzantine and when a large fraction of blockchain nodes, for example Bitcoin nodes is arbitrarily Byzantine as well as for example disclosed in the non-patent literature of Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, HYPERLINK “http://dblp.uni-trier.de/pers/hd/c/Capkun:Srdjan” Srdjan Capkun, IACR Cryptology ePrint Archive 2015: 578 (2015). The user can directly detect Byzantine storage SN.
- In another embodiment erasure coded storage is provided, the method for storage is very similar to the aforementioned method with the following differences:
- The user erasure-codes Enc(K,O) using an information dispersal algorithm (IDA) so that any m chunks out of the n erasure codes are enough to construct O. The user computes the individual hash of each chunk H1, . . . , Hn. After storing the chunks on the n storage servers, the user then stores the following information in the blockchain:
-
E(S)∥P1 . . . Pn∥H1 . . . Hn - This scheme is secure even when n-m storage nodes are arbitrarily Byzantine, and when a large fraction of Bitcoin nodes is arbitrarily Byzantine as disclosed in the non-patent literature of Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, Srdjan Capkun, IACR Cryptology ePrint Archive 2015: 578 (2015). The user can directly detect Byzantine storage nodes.
- In another embodiment, aforementioned robust storage can be adapted to provide an authenticated storage. Authenticated storage refers to a storage system where each entity can prove to another that it had stored a given object. Typical examples are court documents which for example need to be proven that they are stored by a given entity, any modifications to legal documents, etc.
- To construct an authenticated storage, a setting comprising of m users is assumed, each having a public/private key pair. Each public key maps to a Bitcoin address. Whenever the user wants to commit a change to a given document, then the user performs the following operations assuming that all these users pre-share a master key K1.
- Prior to storing version change O on the servers, the user computes Enc(K1,O), which denotes the semantic secure encryption of object O under key K1. The user then proceeds to store O using the methods described in the aforementioned embodiment.
- Since users are authenticated (each user is authenticated with each transaction he makes), users can prove to others that they performed a given modification to a given document.
- In a further embodiment a perpetual storage for encryption keys can be provided using the blockchain providing effective means to securely store encryption keys. Techniques range from hardware tokens to paper QR keys, to trusted computing, applications specific to storing keys, etc.
- An inherent storage for keys using said blockchain is enabled since they are small in size and they will be stored replicated across millions of nodes. That is, these keys are unlikely to be lost. Moreover, due to the blockchain nature, these keys can never be modified.
- As described above, encryption keys can be encrypted with a passphrase and stored in the blockchain in encrypted form. Alternatively, only a master key can be stored and encrypted in the blockchain and the remaining keys can be derived from the master key.
- In a further embodiment a public bulletin board is provided. A group key can be derived by n users by leveraging the blockchain as a committed and authenticated communication medium.
- In a further embodiment the present invention provides a method comprising the steps of
- 1. Encrypting object with a key and storing the encrypted object on storage nodes.
- 2. Computing the encrypted object hash, and the storage pointers, and encrypting the encryption key with a passphrase.
- 3. Issuing a transaction where the outputs and/or the multi-sig fields encode the hash, URI pointers and encrypted key.
- 4. Waiting till the issued transaction is confirmed and permanently stored in the blockchain.
- 5. To retrieve the object, the user first fetches the issued transaction (by searching over the issuer's address field), acquires the storage pointers, then uses those to fetch the object from the storage node, then checks the object hash, and if the verification passes, the user decrypts the object using the key.
-
FIG. 2 shows steps of a method according to a further embodiment of the present invention. - In
FIG. 2 steps of a method for storing an object on a plurality of storage nodes are shown said method performed in a memory available to one or more computing entities, said method comprising the steps of - a) Encrypting an object to be stored with a key,
- b) Computing one or more hash values for said object to be stored,
- c) Storing said encrypted object on a plurality of said storage nodes,
- d) Providing storage location data for said stored object,
- e) Computing a transaction for a blockchain, wherein information is encoded in said transaction, said encoded information representing storage location data, said computed one or more hash values and key data,
- f) Storing said transaction in a blockchain provided by one or more blockchain nodes hosting said blockchain,
- g) Providing a number of confirmations for said transaction by said blockchain,
- h) Comparing said number of confirmations with a predefined threshold confirmation number, wherein said predefined threshold confirmation number is computed such, that with a pregiven certainty the encoded information in said transaction and stored in the blockchain cannot be modified.
-
FIG. 3 shows steps of a method according to a further embodiment of the present invention. - In
FIG. 3 steps of a method for retrieving an object stored according to an embodiment of the present invention, comprising the steps of - A) searching for all transactions issued by a user in the blockchain,
- B) parsing found transactions to obtain the encoded information for said object,
- C) Decrypting key generation data,
- D) Computing a decryption key based on the decrypted key generation data,
- E) Retrieving the object from a storage node, and
- F) Comparing the hash value of the retrieved object with the hash value computed during storage of the object and upon matching determining that the stored object has not be altered.
- The present invention enables storing of metadata in unused transaction outputs and/or unused signature fields in the blockchain in order to
-
- construct a durable reliable robust and Byzantine resilient storage,
- an authenticated storage system, wherein each entity can prove that it committed changes in a document and wherein the order and timestamp of the changes can be securely kept and recorded in spite of malicious entities, and
- an efficient perpetual storage for encryption keys.
- Embodiments of the present invention may have the advantage of providing a robust and provably authenticated storage system not requiring any metadata node and further which can resist up to n−1 Byzantine storage nodes. Embodiments of the present invention further may have the advantage of considerably enhancing the performance compared to conventional Byzantine fault tolerance storage systems or methods requiring considerably the smaller number of storage and metadata nodes.
- Many modifications and other embodiments of the invention set forth herein will come to mind to the one skilled in the art to which the invention pertains having the benefit of the teachings presented in the foregoing description and the associated drawings. Therefore, it is to be understood that the invention is not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
- While the invention has been illustrated and described in detail in the drawings and foregoing description, such illustration and description are to be considered illustrative or exemplary and not restrictive. It will be understood that changes and modifications may be made by those of ordinary skill within the scope of the following claims. In particular, the present invention covers further embodiments with any combination of features from different embodiments described above and below. Additionally, statements made herein characterizing the invention refer to an embodiment of the invention and not necessarily all embodiments.
- The terms used in the claims should be construed to have the broadest reasonable interpretation consistent with the foregoing description. For example, the use of the article “a” or “the” in introducing an element should not be interpreted as being exclusive of a plurality of elements. Likewise, the recitation of “or” should be interpreted as being inclusive, such that the recitation of “A or B” is not exclusive of “A and B,” unless it is clear from the context or the foregoing description that only one of A and B is intended. Further, the recitation of “at least one of A, B and C” should be interpreted as one or more of a group of elements consisting of A, B and C, and should not be interpreted as requiring at least one of each of the listed elements A, B and C, regardless of whether A, B and C are related as categories or otherwise. Moreover, the recitation of “A, B and/or C” or “at least one of A, B or C” should be interpreted as including any singular entity from the listed elements, e.g., A, any subset from the listed elements, e.g., A and B, or the entire list of elements A, B and C.
Claims (15)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/993,633 US20200374126A1 (en) | 2015-09-04 | 2020-08-14 | Method for storing an object on a plurality of storage nodes |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2015/070206 WO2017036546A1 (en) | 2015-09-04 | 2015-09-04 | Method for storing an object on a plurality of storage nodes |
US201815756599A | 2018-03-01 | 2018-03-01 | |
US16/993,633 US20200374126A1 (en) | 2015-09-04 | 2020-08-14 | Method for storing an object on a plurality of storage nodes |
Related Parent Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/756,599 Continuation US10785033B2 (en) | 2015-09-04 | 2015-09-04 | Method for storing an object on a plurality of storage nodes |
PCT/EP2015/070206 Continuation WO2017036546A1 (en) | 2015-09-04 | 2015-09-04 | Method for storing an object on a plurality of storage nodes |
Publications (1)
Publication Number | Publication Date |
---|---|
US20200374126A1 true US20200374126A1 (en) | 2020-11-26 |
Family
ID=54260717
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/756,599 Active 2036-01-18 US10785033B2 (en) | 2015-09-04 | 2015-09-04 | Method for storing an object on a plurality of storage nodes |
US16/993,633 Abandoned US20200374126A1 (en) | 2015-09-04 | 2020-08-14 | Method for storing an object on a plurality of storage nodes |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/756,599 Active 2036-01-18 US10785033B2 (en) | 2015-09-04 | 2015-09-04 | Method for storing an object on a plurality of storage nodes |
Country Status (3)
Country | Link |
---|---|
US (2) | US10785033B2 (en) |
EP (1) | EP3345360B1 (en) |
WO (1) | WO2017036546A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220284525A1 (en) * | 2018-09-06 | 2022-09-08 | Side, Inc. | Multi-tier blockchain-based system and method for document transformation and accountability |
Families Citing this family (78)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10721058B2 (en) * | 2015-08-04 | 2020-07-21 | Charlie Housholder | Ultra-secure blockchain enabled analytics |
US10114969B1 (en) * | 2015-08-04 | 2018-10-30 | Jordan White Chaney | Ultra-secure blockchain-based electronic information transfer system |
US20180089651A9 (en) * | 2015-11-06 | 2018-03-29 | Cable Television Laboratories, Inc | Blockchaining systems and methods for frictionless media |
US20170134161A1 (en) * | 2015-11-06 | 2017-05-11 | Cable Television Laboratories, Inc | Blockchaining for media distribution |
US10127399B1 (en) * | 2015-12-29 | 2018-11-13 | EMC IP Holding Company LLC | Secrets as a service |
MX2019002573A (en) * | 2016-09-09 | 2019-08-01 | Microsoft Technology Licensing Llc | Tracing objects across different parties. |
CN109716707B (en) * | 2016-09-27 | 2022-06-03 | 维萨国际服务协会 | Server apparatus and method for distributed electronic recording and transaction history |
US11159334B2 (en) * | 2016-10-04 | 2021-10-26 | International Business Machines Corporation | Distribution of software signatures using a community catalog based on blockchain |
US10938571B2 (en) * | 2016-10-26 | 2021-03-02 | Acronis International Gmbh | System and method for verification of data transferred among several data storages |
US10628268B1 (en) * | 2016-12-15 | 2020-04-21 | EMC IP Holding Company LLC | Proof of data replication consistency using blockchain |
CN110383760A (en) * | 2017-01-03 | 2019-10-25 | 斯塔万格大学 | User's control, distributing, distribution and safety content distribution |
CN107239479B (en) | 2017-03-28 | 2020-03-13 | 创新先进技术有限公司 | Block chain based data storage and query method and device |
WO2018187410A1 (en) * | 2017-04-07 | 2018-10-11 | Walmart Apollo, Llc | Systems and methods for data backup and authentication using blockchain |
US10819501B2 (en) * | 2017-05-23 | 2020-10-27 | Centurylink Intellectual Property Llc | Validating one or more blockchains without ledger limitations |
US10944546B2 (en) | 2017-07-07 | 2021-03-09 | Microsoft Technology Licensing, Llc | Blockchain object interface |
CN107276754B (en) * | 2017-07-10 | 2020-05-05 | 北京云知科技有限公司 | Method and device for generating a large number of private keys based on block chain |
US10795977B2 (en) * | 2017-08-24 | 2020-10-06 | Oracle International Corporation | Digital asset traceability and assurance using a distributed ledger |
US11251975B1 (en) * | 2017-09-27 | 2022-02-15 | Seagate Technology Llc | Block chain based trusted security infrastructure |
US10318957B2 (en) * | 2017-10-23 | 2019-06-11 | Capital One Services, Llc | Customer identification verification process |
US10601598B2 (en) * | 2017-11-02 | 2020-03-24 | Keir Finlow-Bates | System and method for storing the location on a blockchain of a hash of a digital item within said digital item |
US11429967B2 (en) * | 2018-03-13 | 2022-08-30 | Nec Corporation | Mechanism for efficient validation of finality proof in lightweight distributed ledger clients |
CN110990407B (en) * | 2018-04-27 | 2020-11-10 | 腾讯科技(深圳)有限公司 | Block chain based data storage method and device, server and storage medium |
CN108647968A (en) * | 2018-05-10 | 2018-10-12 | 阿里巴巴集团控股有限公司 | A kind of block chain data processing method, device, processing equipment and system |
US11188920B2 (en) | 2018-05-23 | 2021-11-30 | International Business Machines Corporation | Autocommit transaction management in a blockchain network |
WO2019236637A1 (en) * | 2018-06-06 | 2019-12-12 | Argosoperem Llc | Blockchain structure for an intellectual property exchange including a pointer to an oracle and user interface therefor |
CN110196682B (en) * | 2018-06-15 | 2022-03-18 | 腾讯科技(深圳)有限公司 | Data management method and device, computing equipment and storage medium |
CN110674128B (en) * | 2018-07-02 | 2023-12-15 | 国际商业机器公司 | On-chain governance of blockchain |
KR102209178B1 (en) * | 2018-07-17 | 2021-01-29 | 이윤경 | Method for preserving and utilizing genome and genome information |
CN109190384B (en) * | 2018-07-26 | 2022-02-22 | 百色学院 | Multi-center block chain fusing protection system and method |
US10410190B1 (en) * | 2018-07-31 | 2019-09-10 | Morgan Stanley Services Group Inc. | Network of computing nodes and a method of operating the computing nodes to effectuate real-time bank account-to-bank account money transfer |
US10839395B2 (en) | 2018-07-31 | 2020-11-17 | Americorp Investments Llc | Techniques for expediting processing of blockchain transactions |
CN109194718A (en) * | 2018-08-09 | 2019-01-11 | 玄章技术有限公司 | A kind of block chain network and its method for scheduling task |
JP7073977B2 (en) * | 2018-08-09 | 2022-05-24 | 日本電信電話株式会社 | Message information management system, message information management method, message information management device and message information management program |
IT201800008095A1 (en) * | 2018-08-14 | 2018-11-14 | Crio Solutions Srl | Procedure for certifying the existence of resources |
US20210306158A1 (en) * | 2018-08-14 | 2021-09-30 | Crio Solutions S.R.L. | Certification system and certification method for certifying the existence of a digitial content |
CN109345386B (en) | 2018-08-31 | 2020-04-14 | 阿里巴巴集团控股有限公司 | Transaction consensus processing method and device based on block chain and electronic equipment |
US10951408B2 (en) * | 2018-09-05 | 2021-03-16 | Nec Corporation | Method and system for publicly verifiable proofs of retrievability in blockchains |
US11232221B2 (en) * | 2018-09-17 | 2022-01-25 | International Business Machines Corporation | Right to be forgotten on an immutable ledger |
US20210375409A1 (en) * | 2018-10-19 | 2021-12-02 | Longenesis Ltd. | Systems and methods for blockchain-based health data validation and access management |
US20200136809A1 (en) * | 2018-10-30 | 2020-04-30 | Xanadu Big Data, Llc | Systems and methods for decentralized distributed storage using blockchain |
CN111125724A (en) * | 2018-10-31 | 2020-05-08 | 崔旭 | Independent rights and interests data set transaction method and system based on block chain technology |
CN111198784B (en) * | 2018-11-16 | 2024-04-23 | 杭州海康威视系统技术有限公司 | Data storage method and device |
US10949388B2 (en) | 2018-11-16 | 2021-03-16 | Advanced Messaging Technologies, Inc. | Systems and methods for distributed data storage and delivery using blockchain |
MX2019008861A (en) * | 2018-12-13 | 2019-09-11 | Alibaba Group Holding Ltd | Achieving consensus among network nodes in a distributed system. |
AU2018348335B2 (en) | 2018-12-13 | 2020-07-30 | Advanced New Technologies Co., Ltd. | Performing a recovery process for a network node in a distributed system |
CA3053208C (en) | 2018-12-13 | 2020-10-06 | Alibaba Group Holding Limited | Performing a change of primary node in a distributed system |
US11133983B2 (en) * | 2018-12-14 | 2021-09-28 | T-Mobile Usa, Inc. | Provisioning edge devices in a mobile carrier network as compute nodes in a blockchain network |
US11057240B2 (en) | 2018-12-20 | 2021-07-06 | Rolls-Royce North American Technologies Inc. | Method and process for securing an executable image |
KR20200085095A (en) * | 2019-01-04 | 2020-07-14 | 삼성전자주식회사 | Electronic apparatus and method for managing data based on block chain |
CN109684861A (en) * | 2019-01-11 | 2019-04-26 | 阳光电源股份有限公司 | Multi-energy data storage method, system and data audit center based on block chain |
CN111694502B (en) * | 2019-03-14 | 2023-05-30 | 北京沃东天骏信息技术有限公司 | Block chain data storage method, device, equipment and storage medium |
SG11201908853YA (en) | 2019-03-18 | 2019-10-30 | Alibaba Group Holding Ltd | System and method for ending view change protocol |
AU2019203862B2 (en) | 2019-03-18 | 2020-07-09 | Advanced New Technologies Co., Ltd. | System and method for ending view change protocol |
CA3061265C (en) * | 2019-04-03 | 2022-03-08 | Alibaba Group Holding Limited | Processing and storing blockchain data under a trusted execution environment |
US20220215394A1 (en) * | 2019-05-24 | 2022-07-07 | Gwangju Institute Of Science And Technology | Transaction verification system for blockchain, and transaction verification method for blockchain |
WO2019179538A2 (en) | 2019-07-11 | 2019-09-26 | Alibaba Group Holding Limited | Shared blockchain data storage |
CN111108478B (en) * | 2019-07-11 | 2023-11-21 | 创新先进技术有限公司 | Method, system and apparatus for communicating and sharing blockchain data |
WO2019179540A2 (en) | 2019-07-11 | 2019-09-26 | Alibaba Group Holding Limited | Shared blockchain data storage |
CN111033491B (en) | 2019-08-01 | 2023-06-30 | 创新先进技术有限公司 | Storing shared blockchain data based on error correction coding |
SG11202002912XA (en) | 2019-08-01 | 2021-03-30 | Advanced New Technologies Co Ltd | Shared blockchain data storage based on error correction code |
WO2021016998A1 (en) | 2019-08-01 | 2021-02-04 | Advanced New Technologies Co., Ltd. | Shared blockchain data storage based on error correction code |
CN110430194B (en) * | 2019-08-06 | 2022-04-15 | 腾讯科技(深圳)有限公司 | Information verification method, chess and card information verification method and device |
US11456874B2 (en) | 2019-09-19 | 2022-09-27 | Denso International America, Inc. | Vehicle control system for cybersecurity and financial transactions |
US11516147B2 (en) * | 2019-10-02 | 2022-11-29 | Red Hat, Inc. | Blockchain-based dynamic storage provisioner |
KR20210046187A (en) * | 2019-10-18 | 2021-04-28 | 삼성에스디에스 주식회사 | Method for associating data between a plurality of blockchain networks and apparatus thereof |
CN112866981B (en) * | 2019-11-08 | 2022-04-22 | 华为技术有限公司 | Method and device for managing subscription data |
US11368285B2 (en) | 2019-12-05 | 2022-06-21 | International Business Machines Corporation | Efficient threshold storage of data object |
CN111222165B (en) * | 2020-01-10 | 2022-09-23 | 北京百度网讯科技有限公司 | Multi-party computing method, device, equipment and medium based on block chain |
WO2020143854A2 (en) | 2020-04-22 | 2020-07-16 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
EP3834157B1 (en) * | 2020-04-22 | 2023-09-13 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
SG11202103218YA (en) | 2020-04-22 | 2021-04-29 | Alipay Hangzhou Inf Tech Co Ltd | Managing transaction requests in ledger systems |
US11641665B2 (en) | 2020-09-09 | 2023-05-02 | Self Financial, Inc. | Resource utilization retrieval and modification |
US20220075877A1 (en) | 2020-09-09 | 2022-03-10 | Self Financial, Inc. | Interface and system for updating isolated repositories |
CN112307127B (en) * | 2020-11-24 | 2024-04-02 | 圆通速递有限公司 | Logistics block chain data storage method and system |
WO2022109840A1 (en) * | 2020-11-25 | 2022-06-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Blockchain-based trusted platform |
US11271716B1 (en) * | 2021-01-28 | 2022-03-08 | Emtruth, Inc. | Blockchain-based data management of distributed binary objects |
CN112968940A (en) * | 2021-01-30 | 2021-06-15 | 银盛通信有限公司 | Internet transaction data storage method based on partition authentication technology |
CN113065965A (en) * | 2021-04-23 | 2021-07-02 | 深圳壹账通智能科技有限公司 | Block chain transaction processing method, device, equipment and storage medium for multi-party confirmation |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130138706A1 (en) * | 2011-11-28 | 2013-05-30 | Cleversafe, Inc. | Creating a New File for a Dispersed Storage Network |
US20150006895A1 (en) * | 2009-06-01 | 2015-01-01 | Maidsafe Foundation | Distributed network system |
US20170017955A1 (en) * | 2015-07-14 | 2017-01-19 | Fmr Llc | Point-to-Point Transaction Guidance Apparatuses, Methods and Systems |
US10211977B1 (en) * | 2013-02-12 | 2019-02-19 | Amazon Technologies, Inc. | Secure management of information using a security module |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014147085A2 (en) | 2013-03-20 | 2014-09-25 | Nec Europe Ltd. | Method and system for byzantine fault tolerant data replication |
US10963881B2 (en) * | 2015-05-21 | 2021-03-30 | Mastercard International Incorporated | Method and system for fraud control of blockchain-based transactions |
-
2015
- 2015-09-04 US US15/756,599 patent/US10785033B2/en active Active
- 2015-09-04 WO PCT/EP2015/070206 patent/WO2017036546A1/en unknown
- 2015-09-04 EP EP15775632.1A patent/EP3345360B1/en active Active
-
2020
- 2020-08-14 US US16/993,633 patent/US20200374126A1/en not_active Abandoned
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150006895A1 (en) * | 2009-06-01 | 2015-01-01 | Maidsafe Foundation | Distributed network system |
US20130138706A1 (en) * | 2011-11-28 | 2013-05-30 | Cleversafe, Inc. | Creating a New File for a Dispersed Storage Network |
US10211977B1 (en) * | 2013-02-12 | 2019-02-19 | Amazon Technologies, Inc. | Secure management of information using a security module |
US20170017955A1 (en) * | 2015-07-14 | 2017-01-19 | Fmr Llc | Point-to-Point Transaction Guidance Apparatuses, Methods and Systems |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220284525A1 (en) * | 2018-09-06 | 2022-09-08 | Side, Inc. | Multi-tier blockchain-based system and method for document transformation and accountability |
US11676229B2 (en) | 2018-09-06 | 2023-06-13 | Side, Inc. | System and method for document transformation and accountability |
US11734781B2 (en) | 2018-09-06 | 2023-08-22 | Side, Inc. | Single-tier blockchain-based system and method for document transformation and accountability |
US11748831B2 (en) | 2018-09-06 | 2023-09-05 | Side, Inc. | System and method for document transformation |
US11803923B1 (en) | 2018-09-06 | 2023-10-31 | Side, Inc. | Blockchain-based system and method for purchase document transformation and accountability |
US11869107B2 (en) * | 2018-09-06 | 2024-01-09 | Side, Inc. | Multi-tier blockchain-based system and method for document transformation and accountability |
Also Published As
Publication number | Publication date |
---|---|
EP3345360A1 (en) | 2018-07-11 |
WO2017036546A1 (en) | 2017-03-09 |
US20180191502A1 (en) | 2018-07-05 |
US10785033B2 (en) | 2020-09-22 |
EP3345360B1 (en) | 2021-03-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20200374126A1 (en) | Method for storing an object on a plurality of storage nodes | |
EP3673620B1 (en) | Shared blockchain data storage | |
EP3669280B1 (en) | Shared blockchain data storage | |
KR102051288B1 (en) | Methods and systems for verifying the integrity of digital assets using distributed hash tables and peer-to-peer distributed ledgers | |
Zafar et al. | A survey of cloud computing data integrity schemes: Design challenges, taxonomy and future trends | |
TWI737392B (en) | Computer-implemented method for processing blockchain data by a blockchain node of a blockchain network in a trusted execution environment (tee), system communicating shared blockchain data and apparatus for communicating shared blockchain data | |
TWI729880B (en) | Shared blockchain data storage based on error correction coding in trusted execution environments | |
CN111837115A (en) | Shared blockchain data storage | |
JP7047133B2 (en) | Indexing and restoration of coded blockchain data | |
WO2010144735A2 (en) | Secure and private backup storage and processing for trusted computing and data services | |
CN111295650A (en) | Performing mapping iterations in a blockchain based system | |
CN111656386B (en) | Managing transaction requests in ledger system | |
Tasnim et al. | Crab: Blockchain based criminal record management system | |
EP3794532B1 (en) | Shared blockchain data storage based on error correction code | |
CN111066019A (en) | Processing data elements stored in a blockchain network | |
US20210279358A1 (en) | Cryptographic data entry blockchain data structure | |
CN111226209A (en) | Performing mapping iterations in a blockchain based system | |
CN111630545B (en) | Managing transaction requests in ledger system | |
Periasamy et al. | Efficient hash function–based duplication detection algorithm for data Deduplication deduction and reduction | |
He et al. | Public integrity auditing for dynamic regenerating code based cloud storage | |
CN111630549B (en) | Managing transaction requests in ledger system | |
CN114793237B (en) | Smart city data sharing method, device and medium based on block chain technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NEC LABORATORIES EUROPE GMBH, GERMANY Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:KARAME, GHASSAN;REEL/FRAME:053609/0856 Effective date: 20180130 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
AS | Assignment |
Owner name: NEC CORPORATION, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NEC LABORATORIES EUROPE GMBH;REEL/FRAME:059483/0221 Effective date: 20200817 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |