WO2018109010A1 - P2p network data distribution and retrieval using blockchain log - Google Patents

P2p network data distribution and retrieval using blockchain log Download PDF

Info

Publication number
WO2018109010A1
WO2018109010A1 PCT/EP2017/082625 EP2017082625W WO2018109010A1 WO 2018109010 A1 WO2018109010 A1 WO 2018109010A1 EP 2017082625 W EP2017082625 W EP 2017082625W WO 2018109010 A1 WO2018109010 A1 WO 2018109010A1
Authority
WO
WIPO (PCT)
Prior art keywords
secret
shares
message
secret shares
file
Prior art date
Application number
PCT/EP2017/082625
Other languages
French (fr)
Inventor
Uwe Roth
Original Assignee
Luxembourg Institute Of Science And Technology (List)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Luxembourg Institute Of Science And Technology (List) filed Critical Luxembourg Institute Of Science And Technology (List)
Priority to EP17821863.2A priority Critical patent/EP3556045B1/en
Priority to ES17821863T priority patent/ES2817433T3/en
Publication of WO2018109010A1 publication Critical patent/WO2018109010A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1074Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
    • H04L67/1078Resource delivery mechanisms
    • H04L67/108Resource delivery mechanisms characterised by resources being split in blocks or fragments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • the invention is directed to the field of computer peer-to-peer networks and more particularly to the field of data sharing between different partners or peer nodes through a computer network.
  • Peer-to-peer (P2P) technologies constitute an alternative to traditional centralized information systems because of their potential to scale to realistic sizes and their inherent fault-tolerances.
  • computers communicate directly with each other, rather than through servers that can become performance bottlenecks and single points of failure.
  • Self-organizing P2P networks have proven highly adaptable to changes in network connectivity and resilient to node or network failures. While current P2P technology may provide scalable and robust distributed data object storage, current P2P solutions are not widely used due, at least in part, to security concerns.
  • P2P networks are generally used for freely sharing data, such as information or music.
  • P2P networks generally do not provide the needed security and access control with query functionality that is required for more sophisticated information systems.
  • Prior art patent document published US 2005/0240591 A1 discloses a peer-to-peer networking system forming a large repository with a distributed object data access mechanism granting access to data objects to authorized users.
  • the data can be split and distributed according to a hash table to different peer nodes.
  • the data can also be encrypted using a secret encryption key that is split into a series of secret shares distributed among the peer nodes. By retrieving these secret shares, the corresponding secret key can be reconstructed and the encrypted data can be decrypted and accessed to.
  • This provides the advantage that a complete version of the secret encryption key is never transmitted across the network. The security of such a network remains however limited in that a malicious node could request copies of each of the secret shares for reconstructing the encryption key.
  • the invention has for technical problem to provide to a solution to at least one shortcoming of the above cited prior art. More specifically, the invention has for technical problem to provide a P2P network with an increased security and transparency with regard to the access by a peer node to encrypted data.
  • the invention is directed to a method of distributing and retrieving data on a computer network with peer nodes, comprising: (a) encrypting, with a secret key, a file containing said data; (b) splitting the encrypted file into blocks and splitting the secret key into secret shares; (c) distributing the blocks and the secret shares to the peer nodes; (d) upon request of a client to access the file, retrieving via one of the peer nodes the encrypted blocks for reconstructing the encrypted file, retrieving at least some of the secret shares for reconstructing the secret key, and decrypting the encrypted file with the reconstructed secret key; wherein the peer nodes share a blockchain so as to form a blockchain network; and at step (a), the secret shares are transmitted to the peer nodes via messages sent over the blockchain network; and at step (d), requesting and retrieving the secret shares is done via messages sent over the blockchain network.
  • the blockchain forms a decentralized ledger storing information forever without any possibility of fraudulent or hidden addition, change or deletion of content.
  • a blockchain is to be understood as a database or data structure of data records with the following properties:
  • Each node of a blockchain network maintains a copy of the database or data structure.
  • a majority of equal nodes reach consensus about the current state of the database or data structure.
  • For each two data records in the agreed database or data structure it is known which of the two data records was added earlier and which was added later to the agreed database or data structure.
  • a new data record that is added to the agreed database or data structure is the latest data record in the agreed database or data structure and it is not possible to add a data record to the agreed database or data structure in a way, that any other existing data record in the agreed database or data structure is seen as a data record that was added later to the agreed database or data structure.
  • a blockchain log is a decentralized message log stored inside a blockchain.
  • said secret shares are encrypted with a public key of the peer node that is the recipient of said message.
  • the public key is a key of an asymmetric cryptography that uses pairs of keys, i.e. public keys that may be disseminated widely, and private keys, which are known only to the owner.
  • each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively contains information identifying the peer node sending the message, identifying the peer node(s) recipient of said message, and identifying the secret share that is transmitted or retrieved, said information being publicly accessible to all peer nodes of the network.
  • the information identifying the secret share in each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively identifies the number of the secret share in relation with the secret key, and the file associated with said secret share.
  • the information identifying the secret share in each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively identifies the version of the secret share.
  • a version of secret shares can be revoked by a message send from one of the peer nodes to all remaining nodes.
  • each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively is digitally signed, e.g. with a certificate, by the peer node that sends the message.
  • step (d) comprises a message of request of secret shares sent from one peer node to all remaining peer nodes, prior to messages of retrieval of said secret shares sent from said remaining peer nodes.
  • the blockchain contains all messages of transmittal, request and retrieval of the secret shares at steps
  • the messages are contained in a hash tree of the blockchain.
  • the secret key is split into k secret shares on the basis of a Secret Sharing technique, e.g.
  • k is the current number of nodes in the network.
  • each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, contains information identifying the secret share, and the values n and / of said secret share.
  • each peer node comprises a unique identifier, a data storage space, a networks manager, and preferably a specific public key.
  • the blocks and the secret shares are stored on the data storage space of the peer nodes.
  • the secret key is randomly generated, preferably with salts.
  • step (c) the blocks are associated to peer nodes based on a Distributed Hash Table algorithm, step (c) producing a hash block distribution scheme that is distributed to each peer node.
  • the invention is also directed to a computer program comprising instructions that are executable by a computer, wherein the instructions are configured for executing the steps of the method according to the invention when running on said computer.
  • the invention is also directed to a computer data storage server, preferably of the Network-Attached Storage type, with storage medium and wherein the storage medium comprises a computer program according to the invention.
  • the invention is also directed to a computer network with peer nodes, each peer node comprises a unique identifier, a data storage space, a networks manager, and preferably a public key and a private key; each networks manager being configured for executing the method according to the invention.
  • the invention is particularly interesting in that the provider of files in the network does not need to be reachable during the access of the data while being able to trace the access to its files by the network partners. Also, access to the files is not restricted to only some nodes but well to all nodes. No particular authorisation is required. Also no central managing and controlling instance is required.
  • Blockchain technology is usually used for transferring assets (e.g., bitcoins) between partners.
  • assets e.g., bitcoins
  • That technology is implemented in a particular manner so as to provide a complete ledger or logger of all information exchanged in relation with the secret shares for decrypting the data, without the need of a central logging instance.
  • Request for and access to secret shares by a node are put on the same level as having undeniable access to the unencrypted file by that node.
  • Figure 1 illustrates the architecture of a P2P network that operates a method for distributing and retrieving data according to the invention.
  • Figure 2 is a flow chart illustrating the encryption of a file, according to the invention.
  • Figure 3 illustrates the structure of the file storage tables on each peer node of the network, according to the invention.
  • Figure 4 illustrates the structure of the secret storage tables on each peer node of the network, according to the invention.
  • Figure 5 illustrates an exemplary structure of a blockchain log on the network of figure 1 , in accordance with the invention.
  • Figure 6 is a flow chart illustrating the retrieval and decryption of a file according to the invention.
  • Figure 7 illustrates different messages sent on the blockchain network of figure 1 , in accordance with the invention.
  • FIG. 1 An embodiment of the invention will be described in relation with figures 1 to 7.
  • reference numbers are used for designating physical elements and also information elements like file ID, secret share, etc.
  • different reference numbers are used designating the same information at different points of time and/or at different locations in the computer storage and/or treatment of the information. This is for the sake of clarity and shall not be construed as a lack of consistency.
  • FIG. 1 illustrates the architecture of a P2P network in accordance with the invention.
  • the network forms a shared data pool 1 comprising a series of Distributed Network Storage Systems 5 and 15, forming peer nodes.
  • Each node 5 and 15 owns a unique identifier or Node ID 12 and a key pair that consist of a Private Key 14 and a Public Key 13.
  • the Private and Public Key form an asymmetric cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. Such systems are as such well known to the skilled person.
  • the Node ID 12 and the Public Key 13 are known by the other nodes, while the Private Key 14 is kept secret in the node.
  • Each node 5 and 15 comprises a Networks Manager 6 and a data internal Storage 7.
  • the Networks Manager 6 of a node manages two networks: a Blockchain Network 4 that is used to have a synchronised and agreed Blockchain Log 10 via all nodes and a Distributed Hash Table Network 2 that is used to distribute files amongst partner nodes.
  • Blockchain technology is as such known to the skilled person, in particular for transferring assets (e.g., bitcoins) between partners.
  • Distributed Hash Table Networks is as such known to the skilled person, in particular for decentralized and distributed efficient storage of (key, value) pairs.
  • the entry in the Files Table 41 consists of a unique File ID 42, the File Name of the file 60, and the File itself 43.
  • the Node shares the file with other nodes in the Distributed Hash Table network 2 (figure 1 ).
  • the File 20 is first Encrypted 21 with the use of a Secret Key 22 that is unique per file.
  • the encrypted file 23 is then split into blocks 24 with a fixed size per block 25.
  • the Distributed Hash Table Algorithm foresees, that on the basis of a given Hash Algorithm 26 the Hash value 27 for each Block 25 is calculated.
  • the Block Number 46 (figure 3) and its associated Hash Value 47 (figure 3), together with the File ID 45 are shared amongst all nodes via the Distributed Hash Table Network 2 (figure 1 ) and stored in the local Hashes Lookup Table 44 of each node (figure 3).
  • the blocks of the encrypted file are distributed via the Networks Manager of the node 6 (figure 1 ) amongst the involved partner nodes on the basis of the Distributed Hash Table Network 2. In dependence on the distribution strategy of that Distributed Hash Table Network, it is decided whether a node will store the block 50 (figure 3) and its Hash Value 49 in their local Hash Table 48 or not.
  • the node that uploaded the file to the Shared Data Pool 1 (figure 1) can re-calculate and re-distribute the Secret Shares as a new version on base a new Salt and new n and k values.
  • the new Salt value makes the new Secret Shares incompatible to the already distributed shares.
  • Each node in the Blockchain Network 4 will read that information (File ID 53, Share Number 54, responsible Node ID 55, n (66), k (67), Version Number 68) and copy it to its local Secret Shares Lookup Table 52 in its Secret Storage 51.
  • a partner client 14 who wants to access a file will ask the local Distributed Network Storage 5 to search in the Distributed Hash Table Network 2 for the File ID 42 (figure 3) of a given File Name 60.
  • the Hash Value 47 of each required Block 46 can be determined.
  • the node then downloads the Encrypted File Blocks 50 listed in the Distributed Hash Table Network 2.
  • the node then sends a request for the secret shares 81 via the Blockchain 70 (figure 5).
  • Each node provides the requested information via a message 82 via the Blockchain Log 70 (figure 5).
  • the messages include information about who accessed what Share of what File 82.
  • the information can be digitally signed, e.g. by the use of the certificate, by the Node 5, 15 that is providing that information.
  • the decrypted file can be stored for future access in the Files Table 41 (figure 3) of the file Storage 40 (figure 3) and made available via a download protocol 16 (figure 1 ) to the Access Client 1 1 (figure 1 ).
  • the provider of a file can recalculate and distribute the new secret shares(33) on base of a new salt (28) and new n (30) and k (31).
  • the node then sends a Revoke Secret Share Message 84 (figure 7) via the Blockchain 70 (figure 5) to revoke the latest version of the secret shares set.
  • This message can also be used to make a file in the Shared Data Pool 1 (figure 1 ) inaccessible, because there will be no secret shares available to reconstruct the decryption key.
  • messages (80, 81 , 82, 84) are stored in the Blockchain Log (70) inside a message structure (76) as part of a hash tree (74, 75), inside a block (71 ) that is linked irreversibly to the previous blocks (72), including blockchain-specific administrative information (73).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A peer-to-peer network (1, 2, 4) allows distribution and retrieval of data by encrypting, with a secret key, a file containing said data; splitting the encrypted file into blocks and splitting the secret key into secret shares; distributing the blocks and the secret shares to the peer nodes (5, 15); and, upon request of a client (11) to access the file, retrieving via one of the peer nodes (5, 15) the encrypted blocks for reconstructing the encrypted file; retrieving at least some of the secret shares for reconstructing the secret key; and decrypting the encrypted file with the reconstructed secret key. The peer nodes (5, 15) share a blockchain log (10) so as to form a blockchain network (4). The secret shares are transmitted, requested and retrieved via messages sent over the blockchain network (4), thus providing evidence of a node having access to the unencrypted file.

Description

Description
P2P NETWORK DATA DISTRIBUTION AND RETRIEVAL USING BLOCKCHAIN LOG Technical field
[0001] The invention is directed to the field of computer peer-to-peer networks and more particularly to the field of data sharing between different partners or peer nodes through a computer network.
Background art
[0002] Peer-to-peer (P2P) technologies constitute an alternative to traditional centralized information systems because of their potential to scale to realistic sizes and their inherent fault-tolerances. In P2P systems, computers communicate directly with each other, rather than through servers that can become performance bottlenecks and single points of failure. Self-organizing P2P networks have proven highly adaptable to changes in network connectivity and resilient to node or network failures. While current P2P technology may provide scalable and robust distributed data object storage, current P2P solutions are not widely used due, at least in part, to security concerns. For example, P2P networks are generally used for freely sharing data, such as information or music. However, P2P networks generally do not provide the needed security and access control with query functionality that is required for more sophisticated information systems.
[0003] Prior art patent document published US 2005/0240591 A1 discloses a peer-to-peer networking system forming a large repository with a distributed object data access mechanism granting access to data objects to authorized users. The data can be split and distributed according to a hash table to different peer nodes. The data can also be encrypted using a secret encryption key that is split into a series of secret shares distributed among the peer nodes. By retrieving these secret shares, the corresponding secret key can be reconstructed and the encrypted data can be decrypted and accessed to. This provides the advantage that a complete version of the secret encryption key is never transmitted across the network. The security of such a network remains however limited in that a malicious node could request copies of each of the secret shares for reconstructing the encryption key.
Summary of invention
Technical Problem
[0004] The invention has for technical problem to provide to a solution to at least one shortcoming of the above cited prior art. More specifically, the invention has for technical problem to provide a P2P network with an increased security and transparency with regard to the access by a peer node to encrypted data.
Technical solution
[0005] The invention is directed to a method of distributing and retrieving data on a computer network with peer nodes, comprising: (a) encrypting, with a secret key, a file containing said data; (b) splitting the encrypted file into blocks and splitting the secret key into secret shares; (c) distributing the blocks and the secret shares to the peer nodes; (d) upon request of a client to access the file, retrieving via one of the peer nodes the encrypted blocks for reconstructing the encrypted file, retrieving at least some of the secret shares for reconstructing the secret key, and decrypting the encrypted file with the reconstructed secret key; wherein the peer nodes share a blockchain so as to form a blockchain network; and at step (a), the secret shares are transmitted to the peer nodes via messages sent over the blockchain network; and at step (d), requesting and retrieving the secret shares is done via messages sent over the blockchain network.
[0006] The blockchain forms a decentralized ledger storing information forever without any possibility of fraudulent or hidden addition, change or deletion of content.
[0007] A blockchain is to be understood as a database or data structure of data records with the following properties: Each node of a blockchain network maintains a copy of the database or data structure. A majority of equal nodes reach consensus about the current state of the database or data structure. For each two data records in the agreed database or data structure, it is known which of the two data records was added earlier and which was added later to the agreed database or data structure. As a consequence, a new data record that is added to the agreed database or data structure is the latest data record in the agreed database or data structure and it is not possible to add a data record to the agreed database or data structure in a way, that any other existing data record in the agreed database or data structure is seen as a data record that was added later to the agreed database or data structure. It is not possible to modify or alter any data record that has been added already to the agreed database or data structure. It is not possible to delete any data record that has been added already to the agreed database or data structure.
[0008] A blockchain log is a decentralized message log stored inside a blockchain.
[0009] According to a preferred embodiment, in each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, said secret shares are encrypted with a public key of the peer node that is the recipient of said message.
[0010] The public key is a key of an asymmetric cryptography that uses pairs of keys, i.e. public keys that may be disseminated widely, and private keys, which are known only to the owner.
[001 1] According to a preferred embodiment, each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, contains information identifying the peer node sending the message, identifying the peer node(s) recipient of said message, and identifying the secret share that is transmitted or retrieved, said information being publicly accessible to all peer nodes of the network.
[0012] According to a preferred embodiment, the information identifying the secret share in each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, identifies the number of the secret share in relation with the secret key, and the file associated with said secret share.
[0013] According to a preferred embodiment, the information identifying the secret share in each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, identifies the version of the secret share.
[0014] According to a preferred embodiment, a version of secret shares can be revoked by a message send from one of the peer nodes to all remaining nodes.
[0015] According to a preferred embodiment, each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, is digitally signed, e.g. with a certificate, by the peer node that sends the message.
[0016] According to a preferred embodiment, step (d) comprises a message of request of secret shares sent from one peer node to all remaining peer nodes, prior to messages of retrieval of said secret shares sent from said remaining peer nodes.
[0017] According to a preferred embodiment, the blockchain contains all messages of transmittal, request and retrieval of the secret shares at steps
(a) and (d), respectively.
[0018] According to a preferred embodiment, the messages are contained in a hash tree of the blockchain.
[0019] According to a preferred embodiment, at step (b), the secret key is split into k secret shares on the basis of a Secret Sharing technique, e.g.
Shamir's Secret Sharing, where n secret shares, n<k, are sufficient for reconstructing the secret key.
[0020] According to a preferred embodiment, k/2<n<3/4k, and k>2.
Advantageously, k is the current number of nodes in the network.
[0021] According to a preferred embodiment, each message of transmittal, request and retrieval of the secret shares at steps (a) and (d), respectively, contains information identifying the secret share, and the values n and / of said secret share.
[0022] According to a preferred embodiment, each peer node comprises a unique identifier, a data storage space, a networks manager, and preferably a specific public key.
[0023] According to a preferred embodiment, at step (c) the blocks and the secret shares are stored on the data storage space of the peer nodes. [0024] According to a preferred embodiment, at step (a) the secret key is randomly generated, preferably with salts.
[0025] According to a preferred embodiment, at step (c) the blocks are associated to peer nodes based on a Distributed Hash Table algorithm, step (c) producing a hash block distribution scheme that is distributed to each peer node. The network forms then also a Distributed Hash Table network.
[0026] The invention is also directed to a computer program comprising instructions that are executable by a computer, wherein the instructions are configured for executing the steps of the method according to the invention when running on said computer.
[0027] The invention is also directed to a computer data storage server, preferably of the Network-Attached Storage type, with storage medium and wherein the storage medium comprises a computer program according to the invention.
[0028] The invention is also directed to a computer network with peer nodes, each peer node comprises a unique identifier, a data storage space, a networks manager, and preferably a public key and a private key; each networks manager being configured for executing the method according to the invention.
Advantages of the invention
[0029] The invention is particularly interesting in that the provider of files in the network does not need to be reachable during the access of the data while being able to trace the access to its files by the network partners. Also, access to the files is not restricted to only some nodes but well to all nodes. No particular authorisation is required. Also no central managing and controlling instance is required.
[0030] The use of a blockchain network that records the data transmittal, request and retrieval actions by the partners provides a useful and interesting solution to the problem of keeping control of the information and the transparency of their access. Blockchain technology is usually used for transferring assets (e.g., bitcoins) between partners. Here that technology is implemented in a particular manner so as to provide a complete ledger or logger of all information exchanged in relation with the secret shares for decrypting the data, without the need of a central logging instance. Request for and access to secret shares by a node are put on the same level as having undeniable access to the unencrypted file by that node. Brief description of the drawings
[0031] Figure 1 illustrates the architecture of a P2P network that operates a method for distributing and retrieving data according to the invention.
[0032] Figure 2 is a flow chart illustrating the encryption of a file, according to the invention.
[0033] Figure 3 illustrates the structure of the file storage tables on each peer node of the network, according to the invention.
[0034] Figure 4 illustrates the structure of the secret storage tables on each peer node of the network, according to the invention.
[0035] Figure 5 illustrates an exemplary structure of a blockchain log on the network of figure 1 , in accordance with the invention.
[0036] Figure 6 is a flow chart illustrating the retrieval and decryption of a file according to the invention.
[0037] Figure 7 illustrates different messages sent on the blockchain network of figure 1 , in accordance with the invention.
Description of an embodiment
[0038] An embodiment of the invention will be described in relation with figures 1 to 7. In these figures reference numbers are used for designating physical elements and also information elements like file ID, secret share, etc. For these information elements, different reference numbers are used designating the same information at different points of time and/or at different locations in the computer storage and/or treatment of the information. This is for the sake of clarity and shall not be construed as a lack of consistency.
[0039] Figure 1 illustrates the architecture of a P2P network in accordance with the invention. The network forms a shared data pool 1 comprising a series of Distributed Network Storage Systems 5 and 15, forming peer nodes. Each node 5 and 15 owns a unique identifier or Node ID 12 and a key pair that consist of a Private Key 14 and a Public Key 13. The Private and Public Key form an asymmetric cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. Such systems are as such well known to the skilled person. The Node ID 12 and the Public Key 13 are known by the other nodes, while the Private Key 14 is kept secret in the node. Each node 5 and 15 comprises a Networks Manager 6 and a data internal Storage 7.
[0040] The Networks Manager 6 of a node manages two networks: a Blockchain Network 4 that is used to have a synchronised and agreed Blockchain Log 10 via all nodes and a Distributed Hash Table Network 2 that is used to distribute files amongst partner nodes. Blockchain technology is as such known to the skilled person, in particular for transferring assets (e.g., bitcoins) between partners. Distributed Hash Table Networks is as such known to the skilled person, in particular for decentralized and distributed efficient storage of (key, value) pairs.
[0041] The process of uploading and accessing of files inside the Shared Data Pool will be described in relation with figures 1-7.
[0042] With reference to figure 1 , a file that is added by an Access Client 1 1 to the Shared Data Pool 1 is uploaded to its local Distributed Network Storage Node 5 via a special upload protocol 16.
[0043] The file is added to the Files Table 41 (figure 3) in the File Storage 8/40 of the internal Storage 7.
[0044] With reference to figure 3, the entry in the Files Table 41 consists of a unique File ID 42, the File Name of the file 60, and the File itself 43.
[0045] On the basis of the Distributed Hash Table Algorithm, the Node shares the file with other nodes in the Distributed Hash Table network 2 (figure 1 ).
[0046] With reference to figure 2, to ensure confidentiality of the file before sharing it with other nodes, the File 20 is first Encrypted 21 with the use of a Secret Key 22 that is unique per file. The encrypted file 23 is then split into blocks 24 with a fixed size per block 25. The Distributed Hash Table Algorithm foresees, that on the basis of a given Hash Algorithm 26 the Hash value 27 for each Block 25 is calculated. The Block Number 46 (figure 3) and its associated Hash Value 47 (figure 3), together with the File ID 45 are shared amongst all nodes via the Distributed Hash Table Network 2 (figure 1 ) and stored in the local Hashes Lookup Table 44 of each node (figure 3).
[0047] The blocks of the encrypted file are distributed via the Networks Manager of the node 6 (figure 1 ) amongst the involved partner nodes on the basis of the Distributed Hash Table Network 2. In dependence on the distribution strategy of that Distributed Hash Table Network, it is decided whether a node will store the block 50 (figure 3) and its Hash Value 49 in their local Hash Table 48 or not.
[0048] Still with reference to figure 2, to be able to access a file, not only the blocks of the encrypted file have to be loaded from the various nodes, but also the used secret key 22. This secret key 22 can be concatenated with a random Salt 28. It is transformed into a Split Secret 32 of k parts 33 on base of Shamir's Secret Sharing technique 29. It requires n (30) out of k (31 ) parts to reconstruct the original encryption key. The parameter n can be set to be the upper rounded value of (2/3/ ) and k equals the number of current nodes in the Shared Data Pool.
[0049] With reference to figure 4, the File ID 62, the values n (64) and k (65) plus the Version Number of that parameter set 69, and the used Secret Key 63 are stored in the Keys Table 61 of the Secrete Storage 51 , 9 of the internal Storage 7 (figure 1 ).
[0050] If during the running of the infrastructure, the number of nodes becomes permanently smaller than n, the node that uploaded the file to the Shared Data Pool 1 (figure 1) can re-calculate and re-distribute the Secret Shares as a new version on base a new Salt and new n and k values. The new Salt value makes the new Secret Shares incompatible to the already distributed shares.
[0051] With reference to figure 7, all k Secret Shares and their Version Number are sent as dedicated messages 80 via the Blockchain Network 4 (figure 1 ) to the nodes of the Shared Data Pool 1 (figure 1 ). Each message is encrypted for the recipient with the public key 13 (figure 1 ) of that recipient so that each partner only has access to one part of the secret. All remaining nodes of the Shared Data Pool will then know that this Secret Share is available from that node. [0052] With reference to figure 4, each node that receives a Secret Share 59 will store it with the File ID 57 and its Share Number 58 and the Version Number 79 in its local Secret Shares Table 56.
[0053] In the messages 80 sending the secret shares to dedicated nodes and stored in the Blockchain 70 (figure 5), it is published which Node ID 55 (figure 4) is responsible for what Share Number 54 (figure 4) of what File ID 53 (figure 4). Additionally, the parameters n (66) and k (67) that are used to calculate the share are attached plus the Version Number 68 of that parameter set. All information can be digitally signed, e.g. by the use of the certificate, by the Node 5,15 that is publishing that information.
[0054] Each node in the Blockchain Network 4 will read that information (File ID 53, Share Number 54, responsible Node ID 55, n (66), k (67), Version Number 68) and copy it to its local Secret Shares Lookup Table 52 in its Secret Storage 51.
[0055] With reference back to figure 1 , a partner client 14 who wants to access a file will ask the local Distributed Network Storage 5 to search in the Distributed Hash Table Network 2 for the File ID 42 (figure 3) of a given File Name 60. On basis of the Hash Table Lookup Table 44 and the File ID 45, the Hash Value 47 of each required Block 46 can be determined. On base of that Hash Value 49, the node then downloads the Encrypted File Blocks 50 listed in the Distributed Hash Table Network 2.
[0056] With reference to figure 7, the node then sends a request for the secret shares 81 via the Blockchain 70 (figure 5). Each node provides the requested information via a message 82 via the Blockchain Log 70 (figure 5). The messages include information about who accessed what Share of what File 82. The information can be digitally signed, e.g. by the use of the certificate, by the Node 5, 15 that is providing that information.
[0057] With reference to figure 6, after downloading a minimum of n (93) Shares 91 from all k (94) Shares 90, the node is able to perform a reconstruction on basis of Shamir's algorithm 92. The result 95 consists of two parts: The random Salt 96 that can be ignored and the Secret Key 97. All blocks that have been downloaded 98 forms the Encrypted File 99. Together with the Secret Key 97 and the use of the decryption Algorithm 100, the original File 101 can be decrypted.
[0058] The decrypted file can be stored for future access in the Files Table 41 (figure 3) of the file Storage 40 (figure 3) and made available via a download protocol 16 (figure 1 ) to the Access Client 1 1 (figure 1 ).
[0059] In case the number of nodes in the network is becoming lower than the minimal required number of shares n, the provider of a file can recalculate and distribute the new secret shares(33) on base of a new salt (28) and new n (30) and k (31). The node then sends a Revoke Secret Share Message 84 (figure 7) via the Blockchain 70 (figure 5) to revoke the latest version of the secret shares set. This message can also be used to make a file in the Shared Data Pool 1 (figure 1 ) inaccessible, because there will be no secret shares available to reconstruct the decryption key.
[0060] With reference to figure 5, messages (80, 81 , 82, 84) are stored in the Blockchain Log (70) inside a message structure (76) as part of a hash tree (74, 75), inside a block (71 ) that is linked irreversibly to the previous blocks (72), including blockchain-specific administrative information (73).

Claims

Claims
1. Method of distributing and retrieving data on a computer network (2, 4) with peer nodes (5, 15), comprising:
(a) encrypting, with a secret key (22), a file (20) containing said data;
(b) splitting (24) the encrypted file (23) into blocks (25, 50) and splitting (32) the secret key (22) into secret shares (33, 59);
(c) distributing the blocks (50) and the secret shares (59) to the peer nodes (5, 15);
(d) upon request of a client (1 1 ) to access the file (20), retrieving via one of the peer nodes (5, 15) the encrypted blocks (50, 98) for reconstructing the encrypted file (23), retrieving at least some of the secret shares (59, 90) for reconstructing the secret key (22, 97), and decrypting the encrypted file (23, 99) with the reconstructed secret key (97);
characterized in that
the peer nodes (5, 15) share a blockchain (10, 70) so as to form a blockchain network (4); and
at step (c), the secret shares (33, 59) are transmitted to the peer nodes (5, 15) via messages (80) sent over the blockchain network (4); and at step (d), requesting and retrieving the secret shares (59, 90) is done via messages (81 , 82) sent over the blockchain network (4).
2. Method according to claim 1 , wherein in each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (59, 90) at steps (c) and (d), respectively, said secret shares (59, 90) are encrypted with a public key (13) of the peer node (5, 15) that is the recipient of said message.
3. Method according to one of claims 1 and 2, wherein each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (59, 90) at steps (c) and (d), respectively, contains information identifying the peer node (5, 15) sending the message, identifying the peer node(s) recipient (5, 15) of said message, and identifying the secret share (59, 90) that is transmitted or retrieved, said information being publicly accessible to all peer nodes (5, 15) of the network (2, 4).
4. Method according to claim 3, wherein the information identifying the secret share (59, 90) in each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (33, 59, 90) at steps (c) and (d), respectively, identifies the number (54, 58) of the secret share (33, 59, 90) in relation with the secret key (22), and the file (42, 60, 43) associated with said secret share.
5. Method according to one of claims 3 and 4, wherein the information identifying the secret share (33, 59, 90) in each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (33, 59, 90) at steps (c) and (d), respectively, identifies the version (68, 69, 79) of the secret share.
6. Method according to claim 5, wherein a version (68, 69, 79) of secret shares can be revoked by a message (84) send from one of the peer nodes to all remaining nodes.
7. Method according to any one of claims 1 to 6, wherein each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (33, 59, 90) at steps (c) and (d), respectively, is digitally signed by the peer node that sends the message.
8. Method according to any one of claims 1 to 7, wherein step (d) comprises sending a message (81 ) of request of secret shares, from one of the peer nodes to all remaining peer nodes, prior to sending messages (82) of retrieval of said secret shares, from said remaining peer nodes.
9. Method according to any one of claims 1 to 8, wherein the blockchain log (10, 70) contains all messages (80, 81 , 82, 84) of transmittal, request and retrieval of the secret shares at steps (c) and (d), respectively.
10. Method according to claim 9, wherein the messages (80, 81 , 82, 84) are contained in a hash tree of the blockchain (70).
1 1. Method according to any one of claims 1 to 10, wherein at step (b), a salted (28) secret key (22) is split into k secret shares (33, 59) on the basis a Secret Sharing technique where n secret shares, n<k, are sufficient for reconstructing the secret key (22, 63, 97).
12. Method according to claim 1 1 , wherein k/2<n≤3/4k and k>2.
13. Method according to one of claims 1 1 and 12, wherein each message (80, 81 , 82) of transmittal, request and retrieval of the secret shares (33, 59, 90) at steps (c) and (d), respectively, contains information identifying the secret share, and the values n and k and the version of said secret share.
14. Method according to any one of claims 1 to 13, wherein each peer node (5, 15) comprises a unique identifier (12), a data storage space (7), a networks manager (6), a public key (13), preferably provided inside a certificate, and a private key (14).
15. Method according to claim 13, wherein at step (c) the blocks (50) and the secret shares (59) are stored on the data storage space (7) of the peer nodes (5, 15).
16. Method according to any one of claims 1 to 15, wherein at step (a) the secret key (22) is randomly generated, preferably with salts (23).
17. Method according to any one of claims 1 to 16, wherein at step (c) the blocks (50) are associated and distributed to peer nodes (5, 15) based on a distributed hash algorithm, step (c) producing a distributed network (2).
18. A computer program comprising instructions that are executable by a computer, characterized in that the instructions are configured for executing the steps of the method according to any one of claims 1 to 17 when running on said computer.
19. Computer data storage server (5), preferably of the Network-Attached Storage type, with storage medium (7) and characterized in that the storage medium stores a computer program according to claim 18.
20. A computer network (2, 4) with peer nodes (5, 15), each peer node (5, 15) comprising a unique identifier (12), a data storage space (7), a networks manager (6), a public key (13), preferably provided inside a certificate, and a private key (14); each networks manager (6) being configured for executing the method according to any one of claims 1 to 17.
PCT/EP2017/082625 2016-12-15 2017-12-13 P2p network data distribution and retrieval using blockchain log WO2018109010A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP17821863.2A EP3556045B1 (en) 2016-12-15 2017-12-13 P2p network data distribution and retrieval using blockchain log
ES17821863T ES2817433T3 (en) 2016-12-15 2017-12-13 Distribution and retrieval of data from a P2P network using a blockchain registry

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
LULU93377 2016-12-15
LU93377A LU93377B1 (en) 2016-12-15 2016-12-15 P2p network data distribution and retrieval using blockchain log

Publications (1)

Publication Number Publication Date
WO2018109010A1 true WO2018109010A1 (en) 2018-06-21

Family

ID=57708709

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/082625 WO2018109010A1 (en) 2016-12-15 2017-12-13 P2p network data distribution and retrieval using blockchain log

Country Status (4)

Country Link
EP (1) EP3556045B1 (en)
ES (1) ES2817433T3 (en)
LU (1) LU93377B1 (en)
WO (1) WO2018109010A1 (en)

Cited By (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109067522A (en) * 2018-07-27 2018-12-21 深圳市汇尊区块链技术有限公司 A kind of random number Verified secret sharing method
CN109408523A (en) * 2018-10-10 2019-03-01 罗克佳华科技集团股份有限公司 Data sharing method, device, data sharing platform, electronic equipment
WO2019072262A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Recovering encrypted transaction information in blockchain confidential transactions
US10270599B2 (en) 2017-04-27 2019-04-23 Factom, Inc. Data reproducibility using blockchains
CN110062047A (en) * 2019-04-25 2019-07-26 王毛路 The dotted storage method of the big file of file distribution is adjusted to the greatest extent in a kind of credible investment and financing based on block chain
US10411897B2 (en) * 2017-02-17 2019-09-10 Factom, Inc. Secret sharing via blockchains
US10419225B2 (en) 2017-01-30 2019-09-17 Factom, Inc. Validating documents via blockchain
CN110383311A (en) * 2018-11-07 2019-10-25 阿里巴巴集团控股有限公司 Supervise the transaction of block chain secret
US20190342084A1 (en) * 2018-05-03 2019-11-07 International Business Machines Corporation Blockchain for on-chain management of off-chain storage
US20190372765A1 (en) * 2018-06-01 2019-12-05 Roland Tegeder System and Method for Providing an Authorised Third Party with Overt Ledger Secured Key Escrow Access to a Secret
EP3654580A1 (en) * 2018-11-15 2020-05-20 Fujitsu Limited Communication device and communication method used in decentralized network
US10685399B2 (en) 2017-03-31 2020-06-16 Factom, Inc. Due diligence in electronic documents
US10783164B2 (en) 2018-05-18 2020-09-22 Factom, Inc. Import and export in blockchain environments
CN111698198A (en) * 2019-03-13 2020-09-22 国际商业机器公司 Secret generation and share distribution
US10817873B2 (en) 2017-03-22 2020-10-27 Factom, Inc. Auditing of electronic documents
WO2020220641A1 (en) * 2019-04-28 2020-11-05 平安科技(深圳)有限公司 Data storage method and apparatus based on point-to-point network, and medium and server
WO2020234814A1 (en) * 2019-05-22 2020-11-26 Salesforce.Com, Inc. System or method to implement right to be forgotten on metadata driven blockchain using secret sharing and consensus on read
CN112039837A (en) * 2020-07-09 2020-12-04 中原工学院 Electronic evidence preservation method based on block chain and secret sharing
CN112398643A (en) * 2019-08-16 2021-02-23 丁爱民 Communication number right protection method and system
KR20210020699A (en) * 2019-08-16 2021-02-24 주식회사 코인플러그 Method for performing backup and recovery private key in consortium blockchain network, and device using them
US20210089676A1 (en) * 2018-02-16 2021-03-25 Ecole Polytechnique Fédérale De Lausanne Epfl-Tto Methods and systems for secure data exchange
CN112635010A (en) * 2020-12-28 2021-04-09 扬州大学 Data storage and sharing method under edge calculation based on double block chains
US11044095B2 (en) 2018-08-06 2021-06-22 Factom, Inc. Debt recordation to blockchains
US11042871B2 (en) 2018-08-06 2021-06-22 Factom, Inc. Smart contracts in blockchain environments
WO2021163960A1 (en) * 2020-02-20 2021-08-26 深圳市汇尊区块链技术有限公司 Blockchain-based random number generation method and system, and storage medium
US11134120B2 (en) 2018-05-18 2021-09-28 Inveniam Capital Partners, Inc. Load balancing in blockchain environments
US11164250B2 (en) 2018-08-06 2021-11-02 Inveniam Capital Partners, Inc. Stable cryptocurrency coinage
US11170366B2 (en) 2018-05-18 2021-11-09 Inveniam Capital Partners, Inc. Private blockchain services
US20210391982A1 (en) * 2020-06-12 2021-12-16 Nagravision S.A. Distributed anonymized compliant encryption management system
CN114205170A (en) * 2021-12-21 2022-03-18 厦门安胜网络科技有限公司 Cross-interface platform networking communication and service encryption calling method
US11328290B2 (en) 2018-08-06 2022-05-10 Inveniam Capital Partners, Inc. Stable cryptocurrency coinage
US11343075B2 (en) 2020-01-17 2022-05-24 Inveniam Capital Partners, Inc. RAM hashing in blockchain environments
US20220166616A1 (en) * 2020-11-24 2022-05-26 International Business Machines Corporation Key reclamation in blockchain network via oprf
KR102406388B1 (en) * 2021-06-03 2022-06-08 보노테크놀로지스 주식회사 A method and an apparatus for master key management based on sharing algorithms for block chain transactions
US11368285B2 (en) * 2019-12-05 2022-06-21 International Business Machines Corporation Efficient threshold storage of data object
US20240095220A1 (en) * 2022-09-20 2024-03-21 Salesforce, Inc. Ensuring trust throughout lifecycle of a non-fungible token
US11989208B2 (en) 2018-08-06 2024-05-21 Inveniam Capital Partners, Inc. Transactional sharding of blockchain transactions
US11989726B2 (en) 2021-09-13 2024-05-21 Salesforce, Inc. Database system public trust ledger token creation and exchange
US12008526B2 (en) 2021-03-26 2024-06-11 Inveniam Capital Partners, Inc. Computer system and method for programmatic collateralization services
US12007972B2 (en) 2021-06-19 2024-06-11 Inveniam Capital Partners, Inc. Systems and methods for processing blockchain transactions

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10867057B1 (en) * 2017-06-01 2020-12-15 Massachusetts Mutual Life Insurance Company Decentralized encryption and decryption of blockchain data
CN111858519B (en) * 2020-07-10 2023-08-01 北京远景视点科技有限公司 System and method for sharing confidential data on blockchain

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030084020A1 (en) * 2000-12-22 2003-05-01 Li Shu Distributed fault tolerant and secure storage
US20050240591A1 (en) 2004-04-21 2005-10-27 Carla Marceau Secure peer-to-peer object storage system
US20150261973A1 (en) * 2004-10-25 2015-09-17 Security First Corp. Secure data parser method and system
US20160162897A1 (en) * 2014-12-03 2016-06-09 The Filing Cabinet, LLC System and method for user authentication using crypto-currency transactions as access tokens
US20160254910A1 (en) * 2016-05-07 2016-09-01 Keir Finlow-Bates Revocation of cryptographic keys in the absence of a trusted central authority

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030084020A1 (en) * 2000-12-22 2003-05-01 Li Shu Distributed fault tolerant and secure storage
US20050240591A1 (en) 2004-04-21 2005-10-27 Carla Marceau Secure peer-to-peer object storage system
US20150261973A1 (en) * 2004-10-25 2015-09-17 Security First Corp. Secure data parser method and system
US20160162897A1 (en) * 2014-12-03 2016-06-09 The Filing Cabinet, LLC System and method for user authentication using crypto-currency transactions as access tokens
US20160254910A1 (en) * 2016-05-07 2016-09-01 Keir Finlow-Bates Revocation of cryptographic keys in the absence of a trusted central authority

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PETER LINDER: "DEcryption Contract ENforcement Tool (DECENT): A Practical Alternative to Government Decryption Backdoors", INTERNATIONAL ASSOCIATION FOR CRYPTOLOGIC RESEARCH,, vol. 20160401:160351, 22 March 2016 (2016-03-22), pages 1 - 18, XP061020263 *

Cited By (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11044100B2 (en) 2017-01-30 2021-06-22 Factom, Inc. Validating documents
US11863686B2 (en) 2017-01-30 2024-01-02 Inveniam Capital Partners, Inc. Validating authenticity of electronic documents shared via computer networks
US10419225B2 (en) 2017-01-30 2019-09-17 Factom, Inc. Validating documents via blockchain
US10411897B2 (en) * 2017-02-17 2019-09-10 Factom, Inc. Secret sharing via blockchains
US11296889B2 (en) 2017-02-17 2022-04-05 Inveniam Capital Partners, Inc. Secret sharing via blockchains
US11580534B2 (en) 2017-03-22 2023-02-14 Inveniam Capital Partners, Inc. Auditing of electronic documents
US10817873B2 (en) 2017-03-22 2020-10-27 Factom, Inc. Auditing of electronic documents
US10685399B2 (en) 2017-03-31 2020-06-16 Factom, Inc. Due diligence in electronic documents
US11468510B2 (en) 2017-03-31 2022-10-11 Inveniam Capital Partners, Inc. Due diligence in electronic documents
US11443371B2 (en) 2017-03-31 2022-09-13 Inveniam Capital Partners, Inc. Due diligence in electronic documents
US11443370B2 (en) 2017-03-31 2022-09-13 Inveniam Capital Partners, Inc. Due diligence in electronic documents
US10270599B2 (en) 2017-04-27 2019-04-23 Factom, Inc. Data reproducibility using blockchains
US11044097B2 (en) 2017-04-27 2021-06-22 Factom, Inc. Blockchain recordation of device usage
US10693652B2 (en) 2017-04-27 2020-06-23 Factom, Inc. Secret sharing via blockchain distribution
US20210089676A1 (en) * 2018-02-16 2021-03-25 Ecole Polytechnique Fédérale De Lausanne Epfl-Tto Methods and systems for secure data exchange
US10917234B2 (en) * 2018-05-03 2021-02-09 International Business Machines Corporation Blockchain for on-chain management of off-chain storage
US20190342084A1 (en) * 2018-05-03 2019-11-07 International Business Machines Corporation Blockchain for on-chain management of off-chain storage
US10783164B2 (en) 2018-05-18 2020-09-22 Factom, Inc. Import and export in blockchain environments
US11347769B2 (en) 2018-05-18 2022-05-31 Inveniam Capital Partners, Inc. Import and export in blockchain environments
US11587074B2 (en) 2018-05-18 2023-02-21 Inveniam Capital Partners, Inc. Recordation of device usage to blockchains
US11580535B2 (en) 2018-05-18 2023-02-14 Inveniam Capital Partners, Inc. Recordation of device usage to public/private blockchains
US12008015B2 (en) 2018-05-18 2024-06-11 Inveniam Capital Partners, Inc. Import and export in blockchain environments
US11134120B2 (en) 2018-05-18 2021-09-28 Inveniam Capital Partners, Inc. Load balancing in blockchain environments
US11170366B2 (en) 2018-05-18 2021-11-09 Inveniam Capital Partners, Inc. Private blockchain services
US11477271B2 (en) 2018-05-18 2022-10-18 Inveniam Capital Partners, Inc. Load balancing in blockchain environments
US11930072B2 (en) 2018-05-18 2024-03-12 Inveniam Capital Partners, Inc. Load balancing in blockchain environments
US20190372765A1 (en) * 2018-06-01 2019-12-05 Roland Tegeder System and Method for Providing an Authorised Third Party with Overt Ledger Secured Key Escrow Access to a Secret
CN109067522A (en) * 2018-07-27 2018-12-21 深圳市汇尊区块链技术有限公司 A kind of random number Verified secret sharing method
US11587069B2 (en) 2018-08-06 2023-02-21 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11164250B2 (en) 2018-08-06 2021-11-02 Inveniam Capital Partners, Inc. Stable cryptocurrency coinage
US11348098B2 (en) 2018-08-06 2022-05-31 Inveniam Capital Partners, Inc. Decisional architectures in blockchain environments
US11295296B2 (en) 2018-08-06 2022-04-05 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11989208B2 (en) 2018-08-06 2024-05-21 Inveniam Capital Partners, Inc. Transactional sharding of blockchain transactions
US11276056B2 (en) 2018-08-06 2022-03-15 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11044095B2 (en) 2018-08-06 2021-06-22 Factom, Inc. Debt recordation to blockchains
US11615398B2 (en) 2018-08-06 2023-03-28 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11042871B2 (en) 2018-08-06 2021-06-22 Factom, Inc. Smart contracts in blockchain environments
US11348097B2 (en) 2018-08-06 2022-05-31 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11334874B2 (en) 2018-08-06 2022-05-17 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11328290B2 (en) 2018-08-06 2022-05-10 Inveniam Capital Partners, Inc. Stable cryptocurrency coinage
US11620642B2 (en) 2018-08-06 2023-04-04 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11531981B2 (en) 2018-08-06 2022-12-20 Inveniam Capital Partners, Inc. Digital contracts in blockchain environments
US11676132B2 (en) 2018-08-06 2023-06-13 Inveniam Capital Partners, Inc. Smart contracts in blockchain environments
US11687916B2 (en) 2018-08-06 2023-06-27 Inveniam Capital Partners, Inc. Decisional architectures in blockchain environments
US11205172B2 (en) 2018-08-06 2021-12-21 Inveniam Capital Partners, Inc. Factom protocol in blockchain environments
CN109408523A (en) * 2018-10-10 2019-03-01 罗克佳华科技集团股份有限公司 Data sharing method, device, data sharing platform, electronic equipment
CN109408523B (en) * 2018-10-10 2020-06-02 罗克佳华科技集团股份有限公司 Data sharing method and device, data sharing platform and electronic equipment
US11232442B2 (en) 2018-11-07 2022-01-25 Advanced New Technologies Co., Ltd. Recovering encrypted transaction information in blockchain confidential transactions
JP2020515087A (en) * 2018-11-07 2020-05-21 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited Restoring encrypted transaction information within blockchain sensitive transactions
WO2019072262A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Recovering encrypted transaction information in blockchain confidential transactions
US10922421B2 (en) 2018-11-07 2021-02-16 Advanced New Technologies Co., Ltd. Regulating blockchain confidential transactions
US11055709B2 (en) 2018-11-07 2021-07-06 Advanced New Technologies Co., Ltd. Recovering encrypted transaction information in blockchain confidential transactions
CN110291756A (en) * 2018-11-07 2019-09-27 阿里巴巴集团控股有限公司 Restore encrypted transaction message in the transaction of block chain secret
CN110383311A (en) * 2018-11-07 2019-10-25 阿里巴巴集团控股有限公司 Supervise the transaction of block chain secret
EP3549306A4 (en) * 2018-11-07 2020-01-01 Alibaba Group Holding Limited Recovering encrypted transaction information in blockchain confidential transactions
AU2018347186B2 (en) * 2018-11-07 2020-09-03 Advanced New Technologies Co., Ltd. Recovering encrypted transaction information in blockchain confidential transactions
US11429962B2 (en) 2018-11-07 2022-08-30 Advanced New Technologies Co., Ltd. Recovering encrypted transaction information in blockchain confidential transactions
RU2726157C1 (en) * 2018-11-07 2020-07-09 Алибаба Груп Холдинг Лимитед Recovering encrypted transaction information in confidential transactions with blockchain
US10678931B2 (en) 2018-11-07 2020-06-09 Alibaba Group Holding Limited Regulating blockchain confidential transactions
US11595187B2 (en) 2018-11-15 2023-02-28 Fujitsu Limited Communication device and communication method used in decentralized network
CN111193703A (en) * 2018-11-15 2020-05-22 富士通株式会社 Communication apparatus and communication method used in distributed network
EP3654580A1 (en) * 2018-11-15 2020-05-20 Fujitsu Limited Communication device and communication method used in decentralized network
CN111698198A (en) * 2019-03-13 2020-09-22 国际商业机器公司 Secret generation and share distribution
CN110062047A (en) * 2019-04-25 2019-07-26 王毛路 The dotted storage method of the big file of file distribution is adjusted to the greatest extent in a kind of credible investment and financing based on block chain
WO2020220641A1 (en) * 2019-04-28 2020-11-05 平安科技(深圳)有限公司 Data storage method and apparatus based on point-to-point network, and medium and server
JP2022533770A (en) * 2019-05-22 2022-07-25 セールスフォース ドット コム インコーポレイティッド A system or method for enforcing the right to be forgotten on a metadata-driven blockchain using shared secrets and read agreements
US11431486B2 (en) 2019-05-22 2022-08-30 Salesforce.Com, Inc. System or method to implement consensus on read on distributed ledger/blockchain
JP7451565B2 (en) 2019-05-22 2024-03-18 セールスフォース インコーポレイテッド A system or method for enforcing the right to be forgotten on a metadata-driven blockchain using a shared secret and read agreement
WO2020234814A1 (en) * 2019-05-22 2020-11-26 Salesforce.Com, Inc. System or method to implement right to be forgotten on metadata driven blockchain using secret sharing and consensus on read
US11764950B2 (en) 2019-05-22 2023-09-19 Salesforce, Inc. System or method to implement right to be forgotten on metadata driven blockchain using shared secrets and consensus on read
US11469886B2 (en) 2019-05-22 2022-10-11 Salesforce.Com, Inc. System or method to implement record level access on metadata driven blockchain using shared secrets and consensus on read
CN112398643B (en) * 2019-08-16 2023-08-18 丁爱民 Communication digital right protection method and system
KR20210020699A (en) * 2019-08-16 2021-02-24 주식회사 코인플러그 Method for performing backup and recovery private key in consortium blockchain network, and device using them
KR102269753B1 (en) * 2019-08-16 2021-06-28 주식회사 코인플러그 Method for performing backup and recovery private key in consortium blockchain network, and device using them
CN112398643A (en) * 2019-08-16 2021-02-23 丁爱民 Communication number right protection method and system
US11368285B2 (en) * 2019-12-05 2022-06-21 International Business Machines Corporation Efficient threshold storage of data object
US11863305B2 (en) 2020-01-17 2024-01-02 Inveniam Capital Partners, Inc. RAM hashing in blockchain environments
US11943334B2 (en) 2020-01-17 2024-03-26 Inveniam Capital Partners, Inc. Separating hashing from proof-of-work in blockchain environments
US11343075B2 (en) 2020-01-17 2022-05-24 Inveniam Capital Partners, Inc. RAM hashing in blockchain environments
US11444749B2 (en) 2020-01-17 2022-09-13 Inveniam Capital Partners, Inc. Separating hashing from proof-of-work in blockchain environments
WO2021163960A1 (en) * 2020-02-20 2021-08-26 深圳市汇尊区块链技术有限公司 Blockchain-based random number generation method and system, and storage medium
US20210391982A1 (en) * 2020-06-12 2021-12-16 Nagravision S.A. Distributed anonymized compliant encryption management system
US11777720B2 (en) 2020-06-12 2023-10-03 Nagravision Sàrl Distributed anonymized compliant encryption management system
CN112039837A (en) * 2020-07-09 2020-12-04 中原工学院 Electronic evidence preservation method based on block chain and secret sharing
CN112039837B (en) * 2020-07-09 2022-09-02 中原工学院 Electronic evidence preservation method based on block chain and secret sharing
US20220166616A1 (en) * 2020-11-24 2022-05-26 International Business Machines Corporation Key reclamation in blockchain network via oprf
CN112635010B (en) * 2020-12-28 2023-07-07 扬州大学 Data storage and sharing method under edge computing based on double block chains
CN112635010A (en) * 2020-12-28 2021-04-09 扬州大学 Data storage and sharing method under edge calculation based on double block chains
US12008526B2 (en) 2021-03-26 2024-06-11 Inveniam Capital Partners, Inc. Computer system and method for programmatic collateralization services
KR102406388B1 (en) * 2021-06-03 2022-06-08 보노테크놀로지스 주식회사 A method and an apparatus for master key management based on sharing algorithms for block chain transactions
US12007972B2 (en) 2021-06-19 2024-06-11 Inveniam Capital Partners, Inc. Systems and methods for processing blockchain transactions
US11989726B2 (en) 2021-09-13 2024-05-21 Salesforce, Inc. Database system public trust ledger token creation and exchange
CN114205170B (en) * 2021-12-21 2023-11-17 厦门安胜网络科技有限公司 Bridging port platform networking communication and service encryption calling method
CN114205170A (en) * 2021-12-21 2022-03-18 厦门安胜网络科技有限公司 Cross-interface platform networking communication and service encryption calling method
US20240095220A1 (en) * 2022-09-20 2024-03-21 Salesforce, Inc. Ensuring trust throughout lifecycle of a non-fungible token

Also Published As

Publication number Publication date
ES2817433T3 (en) 2021-04-07
LU93377B1 (en) 2018-07-03
EP3556045A1 (en) 2019-10-23
EP3556045B1 (en) 2020-06-17

Similar Documents

Publication Publication Date Title
EP3556045B1 (en) P2p network data distribution and retrieval using blockchain log
US11153290B2 (en) Advanced security protocol for broadcasting and synchronizing shared folders over local area network
CN112910840B (en) Medical data storage and sharing method and system based on alliance blockchain
CN108259169B (en) File secure sharing method and system based on block chain cloud storage
US8051205B2 (en) Peer-to-peer distributed storage
Nilizadeh et al. Cachet: a decentralized architecture for privacy preserving social networking with caching
US9626527B2 (en) Server and method for secure and economical sharing of data
US9900155B2 (en) Security techniques for cooperative file distribution
KR20040019328A (en) Access control system
Ali et al. Blockstack: A new decentralized internet
EP2692107B1 (en) Managed authentication on a distributed network
CN116204923A (en) Data management and data query methods and devices
Ali et al. Secure provable data possession scheme with replication support in the cloud using Tweaks
CN113505098A (en) File sharing system, method and storage medium
Bigini et al. Decentralized health data distribution: A dlt-based architecture for data protection
Koç et al. PACISSO: P2P access control incorporating scalability and self-organization for storage systems
Roth Proof of file access in a private P2P network using blockchain
Irvine et al. Sigmoid (x): Secure distributed network storage
Indira et al. Cloud secure distributed storage deduplication scheme for encrypted data
Joseph Co-Operative Multiple Replica Provable Data Possession for Integrity Verification in Multi-Cloud Storage
CN116361000A (en) Method for controlling dynamic access of data in cloud environment based on fabric block chain
Erdin et al. Cloud Assisted Personal Online Social Network
Lu CloudChord: A P2P Network of Clients Cloud Storage for Data Access Pattern Privacy
Wang et al. A Privacy-Preserving Blockchain-based Information Shared Scheme in Smart-Cities
Hassan et al. S-SAC: Towards a Scalable Secure Access Control Framework for Cloud Storage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17821863

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2017821863

Country of ref document: EP

Effective date: 20190715