WO2022198078A1 - Fixity data processing - Google Patents

Fixity data processing Download PDF

Info

Publication number
WO2022198078A1
WO2022198078A1 PCT/US2022/021002 US2022021002W WO2022198078A1 WO 2022198078 A1 WO2022198078 A1 WO 2022198078A1 US 2022021002 W US2022021002 W US 2022021002W WO 2022198078 A1 WO2022198078 A1 WO 2022198078A1
Authority
WO
WIPO (PCT)
Prior art keywords
hash
master hash
file
fixity
master
Prior art date
Application number
PCT/US2022/021002
Other languages
French (fr)
Inventor
Eric Diehl
Original Assignee
Sony Group Corporation
Sony Pictures Entertainment Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sony Group Corporation, Sony Pictures Entertainment Inc. filed Critical Sony Group Corporation
Priority to CN202280006188.3A priority Critical patent/CN116249977A/en
Priority to EP22772308.7A priority patent/EP4292002A4/en
Priority to JP2023556535A priority patent/JP2024509486A/en
Priority to KR1020237009488A priority patent/KR20230054422A/en
Publication of WO2022198078A1 publication Critical patent/WO2022198078A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • G06F16/137Hash-based
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • the present disclosure relates to fixity data, and more specifically, to verifying that a received file is a pristine copy of the same ingested file using the fixity data.
  • Fixity aims to demonstrate that a stored file has not been altered involuntarily or voluntarily. Voluntary alteration corresponds to an attacker changing at least one bit of a file. Thus, a proper solution for fixity should: Provide trustable proof that a file has not been altered; All non-malicious alterations must be detected; Malicious alterations by outsiders must be detected; and Malicious alterations by non-trusted insiders must be detected. Trusted insiders are entities who are authorized to alter a file.
  • the method further includes first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; third comparing a hash of each part with each of the set of digests; and declaring the file as pristine and not impaired when all three comparisons produce true results.
  • the method further includes requesting to verify that the master hash signature of the fixity metadata stored in the trusted database matches the master hash signature in the fixity data.
  • the first comparing includes determining whether is true, wherein MH is the master h ash and is the digest stored in the trusted database of the part.
  • the system further includes a verifier to receive and verify that the file has not been impaired by including: the master hash in the fixity data with a combination of hash of each part; the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; and a hash of each part with the digest of each part; wherein the file is declared as pristine and not impaired when all three comparisons produce true results.
  • the verifier verifies that the master hash signature in the fixity data matches the master hash signature of the fixity metadata stored in the trusted database, wherein the trusted database is a blockchain.
  • method for verifying that a file is a pristine copy of a same file that an ingester prepared includes: receiving a plurality of parts of the file; receiving a fixity data including a set of digests of a plurality of parts, a master hash, a master hash signature, and a public key of the ingester; first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key of the ingester; third comparing a hash of each part with each digest; and declaring the file as pristine and not impaired when all three comparisons produce true results.
  • FIG. 1 is a block diagram of a fixity data system in accordance with one implementation of the present disclosure
  • FIG. 2A is a diagram illustrating a fixity data processing in accordance with one implementation of the present disclosure
  • FIG. 2B is a diagram illustrating a trusted rooted fixity processing in accordance with one implementation of the present disclosure
  • FIG. 4A is a representation of a computer system and a user in accordance with an implementation of the present disclosure.
  • FIG. 4B is a functional block diagram illustrating the computer system hosting the fixity data processing application in accordance with an implementation of the present disclosure.
  • the current solutions for a fixity issue calculate a hash or cryptographic hash for the complete file and store the corresponding hash in a database.
  • the database is a blockchain.
  • Certain implementations of the present disclosure include a verification process to verify that the file is pristine (i.e., that a received file is a pristine copy of the same file that an ingester prepared).
  • the ingester 110 processes the file 102 by slicing it 102 into several parts
  • each part (P x) may have a different length.
  • the ingester 110 then calculates a digest (H ⁇ ) of each part P x as follows: where hash() is a hash function.
  • MH hashl(H 1 ⁇ ... ⁇ H n ), [2] where hashl() is a hash function and symbol
  • the ingester 110 generates the fixity data 112 as the set of digests, master hash ⁇ MH), master hash signature ⁇ SMH), and the public key 118 .
  • the ingester 110 stores the master hash ⁇ MH), the master hash signature ⁇ SMH), the public key 118, and the identification of the file 102 as the fixity metadata 114 in the trusted database 130.
  • FIG. 2A is a diagram illustrating a fixity data processing 200 in accordance with one implementation of the present disclosure.
  • the fixity data processing 200 includes processing the file 102 and the fixity data 112. To verify that part P ⁇ has not been impaired, following checks are performed (e.g., by the verifier 120):
  • the verifier 120 also sends an inquiry to the trusted database 130 whether the master hash signature (SMH) 220 matches the SMH stored in the trusted database 130.
  • the trusted database 130 compares the received result with the fixity metadata 114 and returns to the verifier 120 that the file 102 is pristine when the comparison is positive. Since the SMH is cryptographically protected from an attacker by using a private key to sign the master hash, the attacker is not able to forge a valid signature. Therefore, it is possible to verify one part's fixity without access to the entire file while still proving that the verified part belongs to the complete file.
  • the trusted database 130 is a blockchain.
  • FIG. 2B is a diagram illustrating a trusted rooted fixity processing 230 in accordance with one implementation of the present disclosure.
  • a trusted rooted fixity processing 230 may be used when creating fixity data from a file that already has a Message Digest 5 (MD5) hash.
  • MD5 Message Digest 5
  • the rooted fixity processing proves the following:
  • the trusted rooted fixity processing 230 links the MD5 of a legacy file to the new format.
  • the rooted fixity processing 230 securely links the MD5 of a master on a Linear Tape-Open (LTO) to a file in the cloud.
  • LTO Linear Tape-Open
  • the difference between the trusted rooted fixity processing 230 and the fixity data processing 200 in FIG. 2A is in the master hash signature ⁇ SMH) 260, which encompasses both the master hash 240 and the legacy MD5 hash 250.
  • SMH The following equation defines SMH: [4]
  • the digest function is xxhash64
  • the master hash digest is SHA256
  • the digital signature is RSA-2048 of the hashed value.
  • An X509 certificate encapsulates the public key.
  • the fixity data is a file containing at least the following fields:
  • Rooted is a Boolean value, which is true if the file described a rooted fixity
  • Parts is an array of metadata, where each metadata describes one part of the content (Pi), the first part being the first element of the array and holding at least: 'Size' that defines the number of bytes of the part; and 'Hash' that is the 64-bit digest of the part (i.e., ) ;
  • MasterHash is the 256-bit master hash
  • PEMClear is the PEM-encoded public key
  • MD5 hash is the 16-byte MD5 hash used for rooted fixity, which is meaningful only if Rooted is true.
  • FIG. 3A is a flow diagram of a method 300 for fixity data processing in accordance with one implementation of the present disclosure.
  • a file 102 is received and processed, at step 310, by slicing it 102 into several parts ⁇ P 0 ,P , ... , P n ⁇ , where each part ⁇ P K) may have a different length.
  • a digest (H ⁇ ) of each part P x is calculated, at step 320, as follows: , where hash() is a hash function.
  • the master hash ⁇ MH is calculated, at step 330, as follows:
  • the master hash signature ⁇ SMH is calculated, at step 332, as follows : , where K pr ⁇ is the private key, and
  • Sign is a digital signature.
  • the method 300 for fixity data processing includes verification processing to verify that part P ⁇ has not been impaired, following checks are performed:
  • Versign is verification of digital signature
  • an inquiry is sent to the trusted database 130, at step 350, to determine whether the master hash signature ⁇ SMH) 220 matches the SMH stored in the trusted database 130.
  • the received result is compared, at step 352, with the fixity metadata 114 and a determination is made, at step 354, that the file 102 is pristine when the comparison is positive. Since the SMH is cryptographically protected from an attacker by using a private key to sign the master hash, the attacker is not able to forge a valid signature. Therefore, it is possible to verify one part's fixity without access to the entire file while still proving that the verified part belongs to the complete file.
  • the trusted database 130 is a blockchain.
  • FIG. 3B is a flow diagram of a method 360 for verifying that a file is a pristine copy of a same file that an ingester prepared in accordance with one implementation of the present disclosure.
  • the method includes receiving a plurality of parts of the file, at step 362.
  • fixity data including a set of digests of a plurality of parts, a master hash, a master hash signature, and a public key of the ingester
  • the master hash in the fixity data is compared, at step 366, with a combination of hash of each part.
  • the master hash signature in the fixity data is then compared, at step 368, with a digital signature of the master hash calculated using the public key of the ingester.
  • a hash of each part is compared, at step 370, with each digest.
  • the file is declared, at step 380, as pristine and not impaired when all three comparisons produce true results, at step 372.
  • the file is declared, at step 382, as impaired when not all three comparisons produce true results, at step 372.
  • FIG. 4A is a representation of a computer system 400 and a user 402 in accordance with an implementation of the present disclosure.
  • the user 402 uses the computer system 400 to implement an application 490 for fixity data processing as illustrated and described with respect to the system 100 in FIG. 1 and the methods 300, 360 in FIGS. 3A and 3B.
  • the computer system 400 stores and executes the fixity data processing application 490 of FIG. 4B.
  • the computer system 400 may be in communication with a software program 404.
  • Software program 404 may include the software code for the fixity data processing application 490.
  • Software program 404 may be loaded on an external medium such as a CD, DVD, or a storage drive, as will be explained further below.
  • the computer system 400 may be connected to a network 480.
  • the network 480 can be connected in various different architectures, for example, client-server architecture, a Peer-to-Peer network architecture, or other type of architectures.
  • network 480 can be in communication with a server 485 that coordinates engines and data used within the fixity data processing application 490.
  • the network can be different types of networks.
  • the network 480 can be the Internet, a Local Area Network or any variations of Local Area Network, a Wide Area Network, a Metropolitan Area Network, an Intranet or Extranet, or a wireless network.
  • FIG. 4B is a functional block diagram illustrating the computer system 400 hosting the fixity data processing application 490 in accordance with an implementation of the present disclosure.
  • a controller 410 is a programmable processor and controls the operation of the computer system 400 and its components.
  • the controller 410 loads instructions (e.g., in the form of a computer program) from the memory 420 or an embedded controller memory (not shown) and executes these instructions to control the system, such as to provide the data processing.
  • the controller 410 provides the fixity data processing application 490 with a software system.
  • this service can be implemented as separate hardware components in the controller 410 or the computer system 400.
  • Memory 420 stores data temporarily for use by the other components of the computer system 400.
  • memory 420 is implemented as RAM.
  • memory 420 also includes long-term or permanent memory, such as flash memory and/or ROM.
  • storage 430 is a hard disk drive.
  • the media device 440 receives removable media and reads and/or writes data to the inserted media.
  • the media device 440 is an optical disc drive.
  • the user interface 450 includes components for accepting user input from the user of the computer system 400 and presenting information to the user 402.
  • the user interface 450 includes a keyboard, a mouse, audio speakers, and a display.
  • the controller 410 uses input from the user 402 to adjust the operation of the computer system 400.
  • the I/O interface 460 includes one or more I/O ports to connect to corresponding I/O devices, such as external storage or supplemental devices (e.g., a printer or a PDA).
  • the ports of the I/O interface 460 include ports such as: USB ports, PCMCIA ports, serial ports, and/or parallel ports.
  • the I/O interface 460 includes a wireless interface for communication with external devices wirelessly.
  • the network interface 470 includes a wired and/or wireless network connection, such as an RJ-45 or "Wi-Fi" interface (including, but not limited to 802.11) supporting an Ethernet connection.
  • a wired and/or wireless network connection such as an RJ-45 or "Wi-Fi" interface (including, but not limited to 802.11) supporting an Ethernet connection.
  • the computer system 400 includes additional hardware and software typical of computer systems (e.g., power, cooling, operating system), though these components are not specifically shown in FIG. 4B for simplicity. In other implementations, different configurations of the computer system can be used (e.g., different bus or storage configurations or a multi-processor configuration) .
  • the system 100 is a system configured entirely with hardware including one or more digital signal processors (DSPs), general purpose microprocessors, application specific integrated circuits (ASICs), field programmable gate/logic arrays (FPGAs), or other equivalent integrated or discrete logic circuitry.
  • DSPs digital signal processors
  • ASICs application specific integrated circuits
  • FPGAs field programmable gate/logic arrays
  • system 100 is configured with a combination of hardware and software.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

Fixity data processing of a file by an ingester, including: receiving and processing the file by slicing the file into a plurality of parts; calculating a digest of each part until digests of all of the plurality of parts have been calculated; calculating a master hash as a combination of the digests of all of the plurality of parts; calculating a master hash signature using the master hash and a private key of the ingester; forming a fixity data including a set of digests which includes digests of all of the plurality of parts, the master hash, the master hash signature, and a public key of the ingester; sending the fixity data to a verifier; and storing, in a trusted database, a fixity metadata including the master hash, the master hash signature, the public key of the ingester, and an identifier of the file.

Description

FIXITY DATA PROCESSING
BACKGROUND
Field
[ 0001 ] The present disclosure relates to fixity data, and more specifically, to verifying that a received file is a pristine copy of the same ingested file using the fixity data.
Background
[ 0002 ] Fixity aims to demonstrate that a stored file has not been altered involuntarily or voluntarily. Voluntary alteration corresponds to an attacker changing at least one bit of a file. Thus, a proper solution for fixity should: Provide trustable proof that a file has not been altered; All non-malicious alterations must be detected; Malicious alterations by outsiders must be detected; and Malicious alterations by non-trusted insiders must be detected. Trusted insiders are entities who are authorized to alter a file.
[ 0003 ] The current solutions calculate a hash or cryptographic hash for the complete file and store the corresponding hash in a database. However, when the stored file is large, using a hash for a large monolithic file is not efficient. Furthermore, hashing a large file is not compatible with modern cloud infrastructures that support multipart upload and download, where different parts of the file are concurrently uploaded and recombined at the storage level. Thus, using a current solution, an attacker may upload its forged file and register it in the trusted database (or distributed ledger). SUMMARY
[ 0004 ] The present disclosure provides for verifying that a received file is a pristine copy of the same file that an ingester prepared.
[ 0005 ] In one implementation, a method for fixity data processing of a file by an ingester is disclosed. The method includes: receiving and processing the file by slicing the file into a plurality of parts; calculating a digest of each part until digests of all of the plurality of parts have been calculated; calculating a master hash as a combination of the digests of all of the plurality of parts; calculating a master hash signature using the master hash and the private key of the ingester; forming a fixity data including a set of digests which includes digests of all of the plurality of parts, the master hash, the master hash signature, and the public key of the ingester; sending the fixity data to a verifier; and storing, in a trusted database, a fixity metadata including the master hash, the master hash signature, the public key of the ingester, and an identifier of the file.
[ 0006 ] In one implementation, the method further includes first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; third comparing a hash of each part with each of the set of digests; and declaring the file as pristine and not impaired when all three comparisons produce true results. In one implementation, the method further includes requesting to verify that the master hash signature of the fixity metadata stored in the trusted database matches the master hash signature in the fixity data. In one implementation, the first comparing includes determining whether is true, wherein MH is the master h
Figure imgf000005_0002
ash and is the digest stored in the trusted database of the
Figure imgf000005_0001
part. In one implementation, the second comparing includes determining whether
Figure imgf000005_0003
is true, wherein
Figure imgf000005_0008
is the public key provided by fixity data, Versign is verification of digital signature. In one implementation, the third comparing includes determining whether is true, wherein H± is the digest of each part and
Figure imgf000005_0007
is the digest stored in the trusted database of the part. In one implementation, the digest of each part is calculated as
Figure imgf000005_0004
, wherein hash() is a hash function. In one implementation, the master hash is calculated as , wherein hashl() is a
Figure imgf000005_0005
hash function and symbol | represents concatenating two parts. In one implementation, the master hash signature is calculated as
Figure imgf000005_0006
, wherein
Figure imgf000005_0009
is the private key of the ingester, and Sign is a digital signature. In one implementation, the method further includes sending an inquiry to the trusted database to determine whether the master hash signature in the fixity data matches the master hash signature in the fixity metadata. In one implementation, the trusted database is a blockchain .
[ 0007 ] In another implementation, a fixity data system is disclosed. The system includes: an ingester including a public key and a private key, the ingester to receive and process a file by slicing the file into a plurality of parts; the ingester generating a fixity data including: a set of digests of the plurality of parts, a digest of each part calculated as hash of each part; a master hash calculated as a combination of the set of digests; a master hash signature calculated using the master hash and the private key; and the public key of the ingester; a trusted database to store a fixity metadata including the master hash, the master hash signature, the public key, and an identifier of the file.
[0008] In one implementation, the system further includes a verifier to receive and verify that the file has not been impaired by including: the master hash in the fixity data with a combination of hash of each part; the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; and a hash of each part with the digest of each part; wherein the file is declared as pristine and not impaired when all three comparisons produce true results. In one implementation, the verifier verifies that the master hash signature in the fixity data matches the master hash signature of the fixity metadata stored in the trusted database, wherein the trusted database is a blockchain.
[0009] In another implementation, method for verifying that a file is a pristine copy of a same file that an ingester prepared is disclosed. The method includes: receiving a plurality of parts of the file; receiving a fixity data including a set of digests of a plurality of parts, a master hash, a master hash signature, and a public key of the ingester; first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key of the ingester; third comparing a hash of each part with each digest; and declaring the file as pristine and not impaired when all three comparisons produce true results.
[0010] In one implementation, the plurality of parts of the file is generated by slicing the file into parts. In one implementation, each digest of the set of digests is calculated as hash of each part. In one implementation, the master hash is calculated as a combination of the set of digests. In one implementation, the master hash is calculated as MH = has hl(H1 \ ... \Hn), wherein hashl() is a hash function and symbol | represents concatenating two parts. In one implementation, the master hash signature is calculated using the master hash and a private key of the ingester. In one implementation, the master hash signature is calculated as SMH = Sign^^^MH) , wherein Kpr± is the private key of the ingester, and Sign is a digital signature.
[0011] Other features and advantages should be apparent from the present description which illustrates, by way of example, aspects of the disclosure.
BRIEF DESCRIPTION OF THE DRAWINGS
[0012] The details of the present disclosure, both as to its structure and operation, may be gleaned in part by study of the appended drawings, in which like reference numerals refer to like parts, and in which:
[0013] FIG. 1 is a block diagram of a fixity data system in accordance with one implementation of the present disclosure;
[0014] FIG. 2A is a diagram illustrating a fixity data processing in accordance with one implementation of the present disclosure;
[0015] FIG. 2B is a diagram illustrating a trusted rooted fixity processing in accordance with one implementation of the present disclosure;
[0016] FIG. 3A is a flow diagram of a method for fixity data processing in accordance with one implementation of the present disclosure;
[0017] FIG. 3B is a flow diagram of a method for verifying that a file is a pristine copy of a same file that an ingester prepared in accordance with one implementation of the present disclosure;
[0018] FIG. 4A is a representation of a computer system and a user in accordance with an implementation of the present disclosure; and
[0019] FIG. 4B is a functional block diagram illustrating the computer system hosting the fixity data processing application in accordance with an implementation of the present disclosure.
DETAILED DESCRIPTION
[0020] As described above, the current solutions for a fixity issue calculate a hash or cryptographic hash for the complete file and store the corresponding hash in a database. In some cases, the database is a blockchain.
The use of a blockchain enforces the immutability of the stored hash. However, when the stored file is large, using a hash for a large monolithic file is not efficient and may be subject to forging of the file by an attacker. For example, in a cloud infrastructure that supports multipart upload and download, different parts of the file are concurrently uploaded and recombined at the storage level. Thus, in this infrastructure, an attacker may upload its forged file and register it in the trusted database.
[0021] Certain implementations of the present disclosure include a verification process to verify that the file is pristine (i.e., that a received file is a pristine copy of the same file that an ingester prepared). After reading below descriptions, it will become apparent how to implement the disclosure in various implementations and applications. Although various implementations of the present disclosure will be described herein, it is understood that these implementations are presented by way of example only, and not limitation. As such, the detailed description of various implementations should not be construed to limit the scope or breadth of the present disclosure .
[ 0022 ] FIG. 1 is a block diagram of a fixity data system 100 in accordance with one implementation of the present disclosure. In the illustrated implementation of FIG. 1, the fixity data system 100 includes an ingester 110, a verifier 120, and a trusted database 130. The ingester 110 includes a private key 116 and a public key 118. The ingester 110 receives and processes the file 102 to create fixity data 112 and a subset of information called fixity metadata 114. In one implementation, the trusted database 130 is a blockchain.
[ 0023 ] In one implementation, the ingester 110 processes the file 102 by slicing it 102 into several parts
{Ro,R,. Pn}, where each part (Px) may have a different length. The ingester 110 then calculates a digest (H±) of each part Px as follows:
Figure imgf000009_0001
where hash() is a hash function.
[ 0024 ] Once the ingester 110 calculates all digests, it calculates the master hash {MH) as follows:
MH = hashl(H1 \ ... \Hn), [2] where hashl() is a hash function and symbol | represents concatenating two parts. [0025] After the master hash {MH) is calculated, the ingester 110 calculates the master hash signature { SMH) as follows : , [3]
Figure imgf000010_0001
where Kpr± is the private key, and Sign is a digital signature.
[0026] In one implementation, the ingester 110 generates the fixity data 112 as the set of digests, master hash {MH), master hash signature {SMH), and the public key 118 . The ingester 110 stores
Figure imgf000010_0002
the master hash {MH), the master hash signature {SMH), the public key 118, and the identification of the file 102 as the fixity metadata 114 in the trusted database 130.
[0027] FIG. 2A is a diagram illustrating a fixity data processing 200 in accordance with one implementation of the present disclosure. In one implementation, the fixity data processing 200 includes processing the file 102 and the fixity data 112. To verify that part P± has not been impaired, following checks are performed (e.g., by the verifier 120):
(a) whether is true,
Figure imgf000010_0003
where MH 210 is master hash;
(b) whether is true,
Figure imgf000010_0004
where is the public key provided by fixity data,
Figure imgf000010_0006
Versign is the verification of digital signature;
(c) whether true,
Figure imgf000010_0005
where
Figure imgf000010_0007
is the digest of part as defined by (1).
Figure imgf000010_0008
[0028] The verification succeeds if all three checks (a), (b), and (c) made by the verifier 120 pass. [ 0029 ] In one implementation, the verifier 120 also sends an inquiry to the trusted database 130 whether the master hash signature (SMH) 220 matches the SMH stored in the trusted database 130. The trusted database 130 compares the received result with the fixity metadata 114 and returns to the verifier 120 that the file 102 is pristine when the comparison is positive. Since the SMH is cryptographically protected from an attacker by using a private key to sign the master hash, the attacker is not able to forge a valid signature. Therefore, it is possible to verify one part's fixity without access to the entire file while still proving that the verified part belongs to the complete file. In one implementation, the trusted database 130 is a blockchain.
[ 0030 ] FIG. 2B is a diagram illustrating a trusted rooted fixity processing 230 in accordance with one implementation of the present disclosure. In one implementation, a trusted rooted fixity processing 230 may be used when creating fixity data from a file that already has a Message Digest 5 (MD5) hash. In this implementation, the rooted fixity processing proves the following:
(a) the corresponding file presents a valid fixity;
(b) the corresponding file is a genuine copy of a file with a given MD5.
[ 0031 ] Thus, the trusted rooted fixity processing 230 links the MD5 of a legacy file to the new format. For example, the rooted fixity processing 230 securely links the MD5 of a master on a Linear Tape-Open (LTO) to a file in the cloud. Accordingly, the difference between the trusted rooted fixity processing 230 and the fixity data processing 200 in FIG. 2A is in the master hash signature {SMH) 260, which encompasses both the master hash 240 and the legacy MD5 hash 250. The following equation defines SMH: [4]
Figure imgf000012_0001
[ 0032 ] In one implementation, the digest function is xxhash64, the master hash digest is SHA256 and the digital signature is RSA-2048 of the hashed value. An X509 certificate encapsulates the public key. Thus, in this implementation, the equations [3] and [4] are replaced by
Figure imgf000012_0002
{ p }
[ 0033 ] The fixity data is a file containing at least the following fields:
(a) Rooted is a Boolean value, which is true if the file described a rooted fixity;
(b) Parts is an array of metadata, where each metadata describes one part of the content (Pi), the first part being the first element of the array and holding at least: 'Size' that defines the number of bytes of the part; and 'Hash' that is the 64-bit digest of the part (i.e.,
Figure imgf000012_0003
) ;
(c) MasterHash is the 256-bit master hash;
(d) SignClear is the master hash signature in its binary form;
(e) PEMClear is the PEM-encoded public key; and
(f) MD5 hash is the 16-byte MD5 hash used for rooted fixity, which is meaningful only if Rooted is true.
[ 0034 ] FIG. 3A is a flow diagram of a method 300 for fixity data processing in accordance with one implementation of the present disclosure. In the illustrated implementation of FIG. 3A, a file 102 is received and processed, at step 310, by slicing it 102 into several parts {P0 ,P , ... , Pn}, where each part {PK) may have a different length. A digest (H±) of each part Px is calculated, at step 320, as follows:
Figure imgf000013_0002
, where hash() is a hash function.
[0035] Once it is determined, at step 322, that digests for all parts have been calculated, the master hash {MH) is calculated, at step 330, as follows:
Figure imgf000013_0001
[0036] After the master hash {MH) is calculated, the master hash signature {SMH) is calculated, at step 332, as follows : ,
Figure imgf000013_0003
where Kpr± is the private key, and
Sign is a digital signature.
[0037] In one implementation, the fixity data 112 is generated, at step 334, as a set of digests, master hash {MH), master hash signature {SMH), and the public key 118 { } . The generated fixity
Figure imgf000013_0004
data 112 is sent to the verifier 120 for verification processing. Further, the fixity metadata 114 is stored in the trusted database 130, at step 336, as the master hash {MH), the master hash signature {SMH), the public key 118, and the identification of the file 102. In one implementation, the trusted database 130 is a blockchain.
[0038] In one implementation, the method 300 for fixity data processing includes verification processing to verify that part P± has not been impaired, following checks are performed:
(at step 340) whether is true,
Figure imgf000014_0001
where MH 210 is master hash;
(at step 342) whether is true,
Figure imgf000014_0002
where Kpub is the public key provided by fixity data,
Versign is verification of digital signature;
(at step 344) whether is true,
Figure imgf000014_0003
where H± is the digest of part H± as defined by [1].
[ 0039 ] The verification succeeds if it is determined, at step 346, that all three checks made at steps 340, 342, and 344 pass.
[ 0040 ] In one implementation, an inquiry is sent to the trusted database 130, at step 350, to determine whether the master hash signature {SMH) 220 matches the SMH stored in the trusted database 130. The received result is compared, at step 352, with the fixity metadata 114 and a determination is made, at step 354, that the file 102 is pristine when the comparison is positive. Since the SMH is cryptographically protected from an attacker by using a private key to sign the master hash, the attacker is not able to forge a valid signature. Therefore, it is possible to verify one part's fixity without access to the entire file while still proving that the verified part belongs to the complete file. In one implementation, the trusted database 130 is a blockchain.
[ 0041 ] FIG. 3B is a flow diagram of a method 360 for verifying that a file is a pristine copy of a same file that an ingester prepared in accordance with one implementation of the present disclosure. In the illustrated implementation of FIG. 3B, the method includes receiving a plurality of parts of the file, at step 362.
At step 364, fixity data including a set of digests of a plurality of parts, a master hash, a master hash signature, and a public key of the ingester, is received. The master hash in the fixity data is compared, at step 366, with a combination of hash of each part. The master hash signature in the fixity data is then compared, at step 368, with a digital signature of the master hash calculated using the public key of the ingester. A hash of each part is compared, at step 370, with each digest. The file is declared, at step 380, as pristine and not impaired when all three comparisons produce true results, at step 372. The file is declared, at step 382, as impaired when not all three comparisons produce true results, at step 372.
[ 0042 ] FIG. 4A is a representation of a computer system 400 and a user 402 in accordance with an implementation of the present disclosure. The user 402 uses the computer system 400 to implement an application 490 for fixity data processing as illustrated and described with respect to the system 100 in FIG. 1 and the methods 300, 360 in FIGS. 3A and 3B.
[ 0043 ] The computer system 400 stores and executes the fixity data processing application 490 of FIG. 4B. In addition, the computer system 400 may be in communication with a software program 404. Software program 404 may include the software code for the fixity data processing application 490. Software program 404 may be loaded on an external medium such as a CD, DVD, or a storage drive, as will be explained further below.
[ 0044 ] Furthermore, the computer system 400 may be connected to a network 480. The network 480 can be connected in various different architectures, for example, client-server architecture, a Peer-to-Peer network architecture, or other type of architectures. For example, network 480 can be in communication with a server 485 that coordinates engines and data used within the fixity data processing application 490. Also, the network can be different types of networks. For example, the network 480 can be the Internet, a Local Area Network or any variations of Local Area Network, a Wide Area Network, a Metropolitan Area Network, an Intranet or Extranet, or a wireless network.
[ 0045 ] FIG. 4B is a functional block diagram illustrating the computer system 400 hosting the fixity data processing application 490 in accordance with an implementation of the present disclosure. A controller 410 is a programmable processor and controls the operation of the computer system 400 and its components. The controller 410 loads instructions (e.g., in the form of a computer program) from the memory 420 or an embedded controller memory (not shown) and executes these instructions to control the system, such as to provide the data processing. In its execution, the controller 410 provides the fixity data processing application 490 with a software system. Alternatively, this service can be implemented as separate hardware components in the controller 410 or the computer system 400.
[ 0046 ] Memory 420 stores data temporarily for use by the other components of the computer system 400. In one implementation, memory 420 is implemented as RAM. In one implementation, memory 420 also includes long-term or permanent memory, such as flash memory and/or ROM.
[ 0047 ] Storage 430 stores data either temporarily or for long periods of time for use by the other components of the computer system 400. For example, storage 430 stores data used by the fixity data processing application 490.
In one implementation, storage 430 is a hard disk drive.
[0048] The media device 440 receives removable media and reads and/or writes data to the inserted media. In one implementation, for example, the media device 440 is an optical disc drive.
[0049] The user interface 450 includes components for accepting user input from the user of the computer system 400 and presenting information to the user 402. In one implementation, the user interface 450 includes a keyboard, a mouse, audio speakers, and a display. The controller 410 uses input from the user 402 to adjust the operation of the computer system 400.
[0050] The I/O interface 460 includes one or more I/O ports to connect to corresponding I/O devices, such as external storage or supplemental devices (e.g., a printer or a PDA). In one implementation, the ports of the I/O interface 460 include ports such as: USB ports, PCMCIA ports, serial ports, and/or parallel ports. In another implementation, the I/O interface 460 includes a wireless interface for communication with external devices wirelessly.
[0051] The network interface 470 includes a wired and/or wireless network connection, such as an RJ-45 or "Wi-Fi" interface (including, but not limited to 802.11) supporting an Ethernet connection.
[0052] The computer system 400 includes additional hardware and software typical of computer systems (e.g., power, cooling, operating system), though these components are not specifically shown in FIG. 4B for simplicity. In other implementations, different configurations of the computer system can be used (e.g., different bus or storage configurations or a multi-processor configuration) .
[ 0053 ] In one implementation, the system 100 is a system configured entirely with hardware including one or more digital signal processors (DSPs), general purpose microprocessors, application specific integrated circuits (ASICs), field programmable gate/logic arrays (FPGAs), or other equivalent integrated or discrete logic circuitry.
In another implementation, the system 100 is configured with a combination of hardware and software.
[ 0054 ] The description herein of the disclosed implementations is provided to enable any person skilled in the art to make or use the present disclosure. Numerous modifications to these implementations would be readily apparent to those skilled in the art, and the principals defined herein can be applied to other implementations without departing from the spirit or scope of the present disclosure. Thus, the present disclosure is not intended to be limited to the implementations shown herein but is to be accorded the widest scope consistent with the principal and novel features disclosed herein.
[ 0055 ] Those of skill in the art will appreciate that the various illustrative modules and method steps described herein can be implemented as electronic hardware, software, firmware or combinations of the foregoing. To clearly illustrate this interchangeability of hardware and software, various illustrative modules and method steps have been described herein generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled persons can implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure. In addition, the grouping of functions within a module or step is for ease of description. Specific functions can be moved from one module or step to another without departing from the present disclosure.
[ 0056 ] All features of the above-discussed examples are not necessarily required in a particular implementation of the present disclosure. Further, it is to be understood that the description and drawings presented herein are representative of the subject matter that is broadly contemplated by the present disclosure. It is further understood that the scope of the present disclosure fully encompasses other implementations that may become obvious to those skilled in the art and that the scope of the present disclosure is accordingly limited by nothing other than the appended claims.

Claims

1. A method for fixity data processing of a file by an ingester, the method comprising: receiving and processing the file by slicing the file into a plurality of parts; calculating a digest of each part until digests of all of the plurality of parts have been calculated; calculating a master hash as a combination of the digests of all of the plurality of parts; calculating a master hash signature using the master hash and a private key of the ingester; forming a fixity data including a set of digests which includes digests of all of the plurality of parts, the master hash, the master hash signature, and a public key of the ingester; sending the fixity data to a verifier; and storing, in a trusted database, a fixity metadata including the master hash, the master hash signature, the public key of the ingester, and an identifier of the file.
2. The method of claim 1, further comprising: first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; third comparing a hash of each part with each of the set of digests; declaring the file as pristine and not impaired when all three comparisons produce true results.
3. The method of claim 2, further comprising requesting to verify that the master hash signature of the fixity metadata stored in the trusted database matches the master hash signature in the fixity data.
4. The method of claim 2, wherein the first comparing comprises determining whether is true, wherein MH is the master
Figure imgf000021_0002
hash and is the digest stored in the database of the
Figure imgf000021_0001
part.
5. The method of claim 2, wherein the second comparing comprises determining whether is true,
Figure imgf000021_0003
wherein Kput is the public key provided by fixity data, Versign is verification of digital signature.
6. The method of claim 2, wherein the third comparing comprises determining whether is true, wherein H± is
Figure imgf000021_0004
the digest of each part and HR± is the digest stored in the database of the
Figure imgf000021_0005
part.
7. The method of claim 1, wherein the digest of each part is calculated as
Figure imgf000021_0006
, wherein hash() is a hash function.
8. The method of claim 1, wherein the master hash is calculated as , wherein hashl() is a
Figure imgf000021_0007
hash function and symbol | represents concatenating two parts.
9. The method of claim 1, wherein the master hash signature is calculated as SMH = Sign^ ^(MH~), wherein Kpr± is the private key of the ingester, and Sign is a digital signature.
10. The method of claim 1, further comprising sending an inquiry to the trusted database to determine whether the master hash signature in the fixity data matches the master hash signature in the fixity metadata.
11. The method of claim 1, wherein the trusted database is a blockchain.
12. A fixity data system comprising: an ingester including a public key and a private key, the ingester to receive and process a file by slicing the file into a plurality of parts; the ingester generating a fixity data including:
(a) a set of digests of the plurality of parts, a digest of each part calculated as hash of each part;
(b) a master hash calculated as a combination of the set of digests;
(c) a master hash signature calculated using the master hash and the private key; and
(d) the public key of the ingester; a trusted database to store a fixity metadata including the master hash, the master hash signature, the public key, and an identifier of the file.
13. The system of claim 12, further comprising: a verifier to receive and verify that the file has not been impaired by comparing:
(a) the master hash in the fixity data with a combination of hash of each part;
(b) the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key; and
(c) a hash of each part with the digest of each part; wherein the file is declared as pristine and not impaired when all three comparisons produce true results.
14. The system of claim 13, wherein the verifier verifies that the master hash signature in the fixity data matches the master hash signature of the fixity metadata stored in the trusted database, wherein the trusted database is a blockchain.
15. A method for verifying that a file is a pristine copy of a same file that an ingester prepared, the method comprising : receiving a plurality of parts of the file; receiving a fixity data including a set of digests of a plurality of parts, a master hash, a master hash signature, and a public key of the ingester; first comparing the master hash in the fixity data with a combination of hash of each part; second comparing the master hash signature in the fixity data with a digital signature of the master hash calculated using the public key of the ingester; third comparing a hash of each part with each digest; and declaring the file as pristine and not impaired when all three comparisons produce true results.
16. The method of claim 15, wherein the plurality of parts of the file is generated by slicing the file into parts.
17. The method of claim 15, wherein each digest of the set of digests is calculated as hash of each part.
18. The method of claim 15, wherein the master hash is calculated as a combination of the set of digests.
19. The method of claim 15, wherein the master hash signature is calculated using the master hash and a private key of the ingester.
20. The method of claim 19, wherein the master hash signature is calculated as SMH = Sign^ ^(MH~), wherein Kpr± is the private key of the ingester, and Sign is a digital signature.
PCT/US2022/021002 2021-03-18 2022-03-18 Fixity data processing WO2022198078A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN202280006188.3A CN116249977A (en) 2021-03-18 2022-03-18 Stationarity data processing
EP22772308.7A EP4292002A4 (en) 2021-03-18 2022-03-18 Fixity data processing
JP2023556535A JP2024509486A (en) 2021-03-18 2022-03-18 Fixed data processing
KR1020237009488A KR20230054422A (en) 2021-03-18 2022-03-18 Fixed data processing

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US202163162810P 2021-03-18 2021-03-18
US63/162,810 2021-03-18
US17/697,346 2022-03-17
US17/697,346 US20220300452A1 (en) 2021-03-18 2022-03-17 Fixity data processing

Publications (1)

Publication Number Publication Date
WO2022198078A1 true WO2022198078A1 (en) 2022-09-22

Family

ID=83284868

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2022/021002 WO2022198078A1 (en) 2021-03-18 2022-03-18 Fixity data processing

Country Status (6)

Country Link
US (1) US20220300452A1 (en)
EP (1) EP4292002A4 (en)
JP (1) JP2024509486A (en)
KR (1) KR20230054422A (en)
CN (1) CN116249977A (en)
WO (1) WO2022198078A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230224166A1 (en) * 2021-12-03 2023-07-13 Snektech, Inc. Systems and Methods for Associating Digital Media Files with External Commodities
US12010239B2 (en) * 2022-02-11 2024-06-11 Avaworks Incorporated Talking head digital identity authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050066169A1 (en) * 2003-09-18 2005-03-24 Perry Kiehtreiber Method and apparatus for incremental code signing
US20200201964A1 (en) * 2018-12-20 2020-06-25 International Business Machines Corporation File verification database system
US20210019418A1 (en) * 2019-07-18 2021-01-21 Texas Instruments Incorporated Technique for authentication and prerequisite checks for software updates

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9916310B2 (en) * 2015-06-24 2018-03-13 Oracle International Corporation Data storage system with fixity end-to-end data protection during data archiving

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050066169A1 (en) * 2003-09-18 2005-03-24 Perry Kiehtreiber Method and apparatus for incremental code signing
US20200201964A1 (en) * 2018-12-20 2020-06-25 International Business Machines Corporation File verification database system
US20210019418A1 (en) * 2019-07-18 2021-01-21 Texas Instruments Incorporated Technique for authentication and prerequisite checks for software updates

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP4292002A4 *

Also Published As

Publication number Publication date
US20220300452A1 (en) 2022-09-22
EP4292002A4 (en) 2024-06-19
EP4292002A1 (en) 2023-12-20
JP2024509486A (en) 2024-03-01
KR20230054422A (en) 2023-04-24
CN116249977A (en) 2023-06-09

Similar Documents

Publication Publication Date Title
US10157295B2 (en) System and method for file authenticity certification using blockchain network
US10938571B2 (en) System and method for verification of data transferred among several data storages
CN111095322B (en) Real examples of digital goods
US8959346B2 (en) System and method for a single request—single response protocol with mutual replay attack protection
US11057187B2 (en) Blockchain-assisted hash-based data signature system and method
US10114980B2 (en) System and method for verifying data integrity using a blockchain network
CN111030822B (en) Method and system for protecting firmware, and computer readable medium
US20220300452A1 (en) Fixity data processing
US11582042B2 (en) Industrial data verification using secure, distributed ledger
TW202036419A (en) Data isolation in blockchain networks
US7953972B2 (en) System and method for managing files
US11943339B2 (en) Information processing apparatus, information processing method, and program
US11558531B2 (en) Systems and methods for authenticating an image
TW202044086A (en) File verification method, file verification system and file verification server
WO2023051308A1 (en) Data verification method and apparatus, device and storage medium
US11676111B1 (en) Apparatuses and methods for determining and processing dormant user data in a job resume immutable sequential listing
He et al. Public integrity auditing for dynamic regenerating code based cloud storage
US11595369B2 (en) Promoting system authentication to the edge of a cloud computing network
CN111143817A (en) Device attestation techniques
CN114745173B (en) Login verification method, login verification device, computer equipment and storage medium
CN113810497B (en) Medical data sharing method and device based on block chain
US20230239304A1 (en) User device configuration
JP2002006739A (en) Authentication information generating device and data verifying device
GB2596335A (en) Network access determination for user device
Zhang et al. On the security of a dynamic-hash-table based public auditing protocol

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22772308

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 20237009488

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2023556535

Country of ref document: JP

Ref document number: 2022772308

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2022772308

Country of ref document: EP

Effective date: 20230913

NENP Non-entry into the national phase

Ref country code: DE