WO2024043936A1 - Carte de serveur cryptographique sécurisée - Google Patents

Carte de serveur cryptographique sécurisée Download PDF

Info

Publication number
WO2024043936A1
WO2024043936A1 PCT/US2022/075477 US2022075477W WO2024043936A1 WO 2024043936 A1 WO2024043936 A1 WO 2024043936A1 US 2022075477 W US2022075477 W US 2022075477W WO 2024043936 A1 WO2024043936 A1 WO 2024043936A1
Authority
WO
WIPO (PCT)
Prior art keywords
crypto
expansion card
cryptographic
request
processing
Prior art date
Application number
PCT/US2022/075477
Other languages
English (en)
Inventor
Michal Pospieszalski
Original Assignee
MatterFi
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MatterFi filed Critical MatterFi
Priority to PCT/US2022/075477 priority Critical patent/WO2024043936A1/fr
Publication of WO2024043936A1 publication Critical patent/WO2024043936A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data

Definitions

  • the present disclosure relates to cryptocurrency and, more specifically, to server security including physical hardware for protection of signing keys for cryptocurrency transactions.
  • a crypto expansion card including a computer interface, a secure computing enclave having a secure microcontroller unit running smart contracts.
  • the computer interface can couple the computer expansion card to a computing device.
  • the secure computing enclave may be coupled to the computer interface.
  • the secure computing enclave includes a secured micro controller unit configured to run smart contacts by: receiving a cryptographic request via the computer interface, verifying the cryptographic request is properly signed and processing the verified cryptographic request.
  • the processing of the verified cryptographic request includes using a private cryptographic security key.
  • the processing of the verified cryptographic request on the secure micro controller unit may include using the private cryptographic security key to generate a cryptographic signature that may be part of a multi signature address.
  • the private cryptographic security key may be accessed via the auxiliary data connector or from secured memory in the crypto expansion card.
  • the crypto expansion card where the secure computing enclave is on a single integrated circuit chip.
  • the crypto expansion card where the cryptographic request is to transfer a crypto asset that may involve on-blockchain address or off-blockchain account.
  • the crypto expansion card where the cryptographic request to transfer the crypto asset includes an Open Transactions protocol transaction.
  • a crypto transaction processing system including two or more physical computers where each of the physical computers has a computer expansion card and each computer expansion card generates a signature with a private key for the same multi signature blockchain address.
  • FIG. 1 is an illustration of a crypto transaction processing system with a network of servers.
  • FIG. 2 is an illustration of a block diagram of a crypto expansion card with a seed input device.
  • FIG. 3 A is an illustration of the seed input device as a seed backup wallet connected to the crypto expansion card in a server computer.
  • FIG. 3B is an illustration of a seed entry device connected to the crypto expansion card in a server computer.
  • FIG. 4 illustrates a flow chart of a method of a secured transaction between the crypto expansion card and a server computer.
  • FIG. 1 illustrates a block diagram of a crypto transaction processing system 100 that may be used for managing secured cryptocurrency transactions.
  • the crypto transaction processing system 100 is shown with a mesh network 10 that may include a plurality of nodes 111, 112, 113, 114 and 115 (for example, node one 111, node two 112, node three 113, node four 114 and node five 115), and a physical storage area 116 for seed backup wallets, and shows the seed backup wallet 118A for node two attached to node two 112.
  • Each node may include a notary server.
  • Each node may include an audit server.
  • the crypto transaction processing system 100 may include a voting pool that includes a set of audit servers.
  • the notary servers may receive signed transactions, note their arrival, and do other bookkeeping tasks, including requesting that the audit servers execute an on-blockchain transaction.
  • the node-communication between the nodes 111, 112, 113, 114 and 115 may be done by any number of communication protocols, for example, the Open Transactions messaging protocol.
  • the node-communication from the notary servers to the audit servers may use a broadcast protocol so all the notaries can broadcast messages and all the audit servers can receive messages from the notaries.
  • the node-communication may have be decentralized, encrypted, peer-to-peer, trustless communications protocol that can be used to send encrypted messages to multiple subscribers.
  • the node-communication may be done using a broadcast on a particular communication channel.
  • the node-communication may use a protocol like Bitmessage.
  • the identity of the communication channel may use a hash of a smart contract (for example the hash of the voting pool smart contract), or a smart property of the smart contract.
  • the smart property may be used as the broadcast address. See U.S. Provisional Application No. 63/140,270 for a description of how a voting pool may be implemented.
  • the U. S. Provisional Application No. 63/140,270, (filed January 22, 2020), is incorporated by reference for all purposes as if fully written in this document.
  • the notary server may process the requests for on-blockchain transactions using a blockchain address.
  • the blockchain address may require multiple approval signatures, signed by different private keys (i.e., a multisig, multiple signature blockchain address), .
  • On-blockchain may refer to distributed ledger technology using blockchain or other distributed ledger technologies for example Directed Acyclic Graph (DAG).
  • DAG Directed Acyclic Graph
  • An individual server lacks the ability to move crypto assets on a multi-signature address on its own in a voting pool when a multi-signature vote is necessary to move crypto assets on that blockchain address, thus a server is incapable of stealing crypto assets from a voting pool.
  • the notary servers fails to have the private keys and the votes are under the control of the audit servers, notary servers are incapable of malicious action.
  • the audit servers with their private keys authorize the creation of a blockchain transaction on a multi-signature address during the processing of a signed request
  • the audit servers must act by consensus and with their individual audit server private keys to sending on the blockchain a signature authorizing the transaction. Once the blockchain receives enough signatures for multi-signature blockchain address the then transaction will be authorized.
  • One way for a bad actor to attempt to steal funds and break the crypto transaction processing system 100 would be by stealing a super majority of the private keys from the audit servers.
  • a crypto expansion card may store crypto currency private keys and have the cryptographic security functionality and processes implemented in the convenient functioning single-expansion-card that can integrate with an off-the-shelf computers, like a server, via a computer interface.
  • a voting pool is an arrangement of notary servers and audit servers to securely store and account for customer crypto assets (e.g., crypto currency) deposits and to process valid withdrawal requests.
  • a notary may be an individual or organization that is running a node on the network 10, where the node may have a notary server and audit server. Voting pools are designed to ensure that no single person or organization can perform a unilateral action on deposited crypto assets, this is to reduce the risk of loss or theft and thus reduced custodial liability.
  • Each notary in the voting pool may operate an audit server, and each audit server may have a corresponding blockchain private key server wallet.
  • the server wallet it a crypto wallet and may generate a signature needed for authorizing the generation of a multi-signature transaction.
  • the server wallet may have a hierarchical and deterministic list of addresses for a blockchain like the bitcoin blockchain or colored coins.
  • a customer deposits crypto assets (e.g. cryptocurrency) into a voting pool
  • the customer receives corresponding units of crypto assets in an account on a notary server of their choice.
  • Each audit server may watch the receipt stream for requests to deposit or withdraw crypto assets (like crypto currency, for example bitcoins or colored coins) from the voting pool and then communicate with its blockchain wallet as appropriate.
  • An audit server independently verifies the operations of all notaries in the voting pool and the crypto assets held by the voting pool on the blockchain itself.
  • the audit server uses this audit data to know when it should direct the wallet to authorize the creation of a withdrawal transaction.
  • the audit server is also responsible for information sharing and achieving consensus between members of the voting pool. The effect of these behaviors is that each audit server conducts a permanent, real-time proof-of-reserves audit against all of the notary servers in the voting pool and simultaneously enforces it.
  • the audit server wallets hold the private keys for creating blockchain transactions at the request of the user when a proper cryptographically signed request is received.
  • the audit servers act by consensus using the private keys in their wallet to send a signed request to create multi-signature blockchain transactions.
  • Each voting pool regardless of how many servers, aka notary servers it contains, may be implemented as a single node with its own BIP -47 identity that supports on-chain multisignature (multisig).
  • the servers that do cryptographic operations may use a crypto expansion card to provide increase security with minimal decrease in throughput, or no decrease in throughput, or even with an increase in throughput.
  • Example of such servers may include notary server, off-chain server, or any server that does cryptographic operations with private keys.
  • the crypto expansion card may provide security-critical functionality that may be implemented with all the hardware and software processing security-sensitive functionality inside the single Integrated Circuit die, a microscopic environment that significantly raises the difficulty in extracting the private cryptographic key. Storing private cryptographic keys on a crypto expansion card provides an easy way to add cryptographic security transactions to a standard computer server.
  • FIG. 2 illustrates a block diagram 200 of a crypto expansion card 202 for a computing device like a computer server with a seed input device 118 attached to the crypto expansion card 202.
  • the seed input device 118 may have a private cryptographic security key, that it may provide to the crypto expansion card 202.
  • the seed input device 118 may require the crypto expansion card 202 to prove it is a trusted environment before providing access to the private key, for example, providing proof it is signed by a trusted private key known to the seed input device 118.
  • the seed input device 118 may be software upgradable so long as that software upgrade process is tamper-proof and cryptographically secure, for example cryptographically signed by a trusted private key.
  • the seed input device 118 may be implemented by hardware or by software or by a combination of hardware and software.
  • the seed input device 105 may have input devices such as a keyboard or a touchpad.
  • the seed input device 105 may use a deterministic key generation algorithm that relies on an easily human referenced id such as the “mnemonic code words” as specified in BIP-39.
  • FIG. 2 illustrates the crypto expansion card 202 with an auxiliary data connector 204, a computer interface 206, a secure micro controller unit 2068, a crypto co-processor 210, a hardware encryptor/decryptor 212, and a secure memory 214.
  • the crypto expansion card 202 may employ a secure computing enclave architecture.
  • the secure micro controller unit 2068, crypto co-processor 210, hardware encryptor/decryptor 212, and the secure memory 214 may be part of the secure computer enclave architecture.
  • the secure computing enclave may be coupled to the computer interface 206.
  • the secure micro controller unit 2068 may implement in a secure enclave the crypto co-processor 210 and hardware encryptor/decryptor 212.
  • the crypto expansion card 202 may include a single IC (Integrated Circuit) die implementation that may include the secure micro controller unit 2068, a crypto co-processor 210, secure memory 214, and a hardware encryptor/decryptor 212.
  • IC Integrated Circuit
  • the crypto expansion card 202 shows the computer interface 206 as a Peripheral Component Interconnect PCI card but other interfaces may be use, such as, USB, PCMICA or other industry standards or other proprietary interfaces.
  • the computer interface 206 may couple the crypto expansion card 202 to a computing device. If the computer interface 206 implements an industry standard interface, then the computer can gain the described capability without any changes to the end-user experience and little or no slowdown in processing throughput.
  • the auxiliary data connector 204 may be a USB connector, serial (e.g., RS-232) or short-range wireless like Bluetooth, or other industry standard or customized data connection that either provides secured or unsecured communication.
  • serial e.g., RS-232
  • short-range wireless like Bluetooth
  • other industry standard or customized data connection that either provides secured or unsecured communication.
  • the auxiliary data connector 204 may provide access to the private cryptographic security key, for example when needed for processing a request, or to copy it to the secure memory 214.
  • auxiliary data connector 204 may be the only way to get the private cryptographic key loaded on the crypto expansion card, and maybe the only way to get the cryptographic key from the crypto expansion card 202, for a bad actor to compromise a server they would need physical access to the server. Network access to a computer housing the crypto expansion card 202 should provide no possibility of access to the private security key.
  • Data from the auxiliary data connector 204 may be considered trustworthy by the crypto expansion card 202, particularly the secure micro controller unit 2068 and the crypto coprocessor 210.
  • the crypto expansion card 202 may consider all input from the auxiliary data connector 204 as trustworthy if the only way to connect via to auxiliary data connector 204 is via physical access to the auxiliary data connector 204.
  • the crypto expansion card 202 may consider all input from the auxiliary data connector 204 as untrustworthy and require additional security such as a code (e.g., a 4-digit code), a password or some other form of authentication.
  • the crypto expansion card 202 may consider all input from the auxiliary data connector 204 as untrustworthy if the auxiliary data connector 204 is wireless.
  • the secure micro controller unit 2068 may be connected to a computer via the computer interface 206.
  • the secure micro controller unit 2068 may run smart contacts.
  • the secure micro controller unit 2068 may be unalterable, meaning the programs that that the secure micro controller unit 2068 runs cannot be changed or updated. For example, a single bum PROM or ROM or other technology that is not physically updatable or could be restricted to only be updated by cryptographically proven (e.g., a software update private key signed) software content updates.
  • the public key corresponding the software update private key may be stored in the secure memory 214.
  • the secure micro controller unit 2068 may be software upgradable so long as that software upgrade process is tamper-proof and cryptographically secure, for example cryptographically signed by a trusted private key.
  • the functionality of the secure micro controller unit 2068 may be implemented by hardware or by software or by any combination of hardware and software.
  • the crypto co-processor 210 implements crypto functions.
  • the crypto functions maybe ones that are well established or are not expected to change significantly over time.
  • the crypto coprocessor 210 can speed up the processing of crypto transactions.
  • the hardware encryptor/decryptor 212 may use an internal secret symmetric key pair.
  • the secret symmetric key pair may be generated from hardware-derived entropy.
  • the hardware- derived entropy may come from a micro radiation source.
  • the secret symmetric key may be uniquely set at time of manufacture.
  • the hardware encryptor/decryptor 212 may destroy the symmetric or other cryptographic key used in decrypting the secure memory 214, if the crypto expansion card 202 is broken or tampered with.
  • the secure memory 214 may store a copy of a secure cryptographic private key received from a seed input device 118 connected to the auxiliary data connector 204.
  • the secure memory 214 may not be addressable from the computer interface 206, i.e., the crypto expansion card 202 restricts direct access to the data in the secure memory 214.
  • the restriction may be because of software, firmware or hardware limitations.
  • the secure memory 214 may store the private cryptographic security key after encrypting by the hardware encryptor/decryptor 212.
  • the secured memory 214 may be distinguished from plain memory in that the data stored in the memory is encrypted, for example by the encryptor/decryptor 212.
  • the secure memory 214 and the secure micro controller unit 2068 may be on a single integrated circuit.
  • the information stored in the secure memory 214 may be stored in an encrypted format because of it going through the encryptor/decryptor 212 which may be hardware circuitry.
  • the encryptor/decryptor 212 may be software that encrypts the information before it is written into the secure memory 214.
  • the hardware encryptor/decryptor 212 may be difficult/impossible to tamper with, for example there is no exposed electrical connections that talk directly to the encryptor/decryptor 212, as may be achieved by fabricating the crypto co-processor 210 and the encryptor/decryptor 212 in a single die IC (Integrated Circuit).
  • the data stored in the secure memory 214 may be securely protected first because the data may be encrypted at rest in the secure memory 214, and second, the only way to unencrypt it is to use the hardware encryptor/decryptor 212 that works as part of a program (i.e. a smart contract) while the hardware symmetric keys are still intact in the hardware encryptor/decryptor 212.
  • FIG. 3A illustrates a block diagram 300A that shows a crypto expansion card 202A in a computing device a server computer 2061 with a hardwired display 202 and the seed input device 118 that is a seed backup wallet 118B depicted as a USB stick.
  • the crypto expansion card 202 A shows the computer interface 206 coupling the crypto expansion card 202A to the server computer 2061.
  • the crypto expansion card 202 A shows a hardwired display 202.
  • the hardwired display may be just a simple light, e.g., LED, that turns green when the secret key has been successfully updated.
  • the hardwired display 204 may be, for example, a simple LCD display capable of black/white blocks, or alphanumeric characters.
  • FIG. 3B illustrates a block diagram 300B that shows a crypto expansion card 202B, installed in a server computer 2061 , and attached to a seed input device 118 shown as a wired seed input device 118C attached to the crypto expansion card 202B via the auxiliary data connector 204.
  • the seed input device 118C may include a Universal Serial Bus (USB) interface 302, a processor 304, a memory 306, a keyboard 308, and a display 310.
  • USB Universal Serial Bus
  • the USB interface 302 may be configured to transfer the secured private key to the secured memory 214.
  • the keyboard 308 may be used to initiate an input of a private key, either by direct input or restoration using twelve-word backup phrase.
  • Display 310 may provide instruction for the user on how to perform data input and provide feedback on input provided.
  • the keyboard 308 and the display 310 may be embedded in a touchscreen.
  • the seed input device 118C may be a smartphone, and a short-range wireless interface may replace the USB interface. Wired or physical connection may be preferred so that complete physical access is required.
  • FIG. 4 illustrates a flow chart 400 showing an implementation of a process of using the crypto expansion card 202.
  • the flow chart 400 starts at box 402 where the crypto expansion card 202 receives a private signing key from a seed input device 118, via the auxiliary data connector 204.
  • the crypto expansion card 202 via the secure micro controller unit 2068, the crypto coprocessor 210, the secure memory 214, and the hardware encryptor/decryptor 212 may support processing of requests.
  • the requests may be for transactions.
  • the transactions may be standard protocol transactions, for example Bakes and Open Transactions protocol standard transactions.
  • the programs (i.e. smart contracts) on the secure micro controller unit 2068 may be run by receiving a cryptographic request via the computer interface 206.
  • the process continues at box 408 where the request is verified.
  • the request may be verified by ensuring the cryptographic request is signed by a specific cryptographic key (for example the customer private key that corresponds to an off-blockchain customer account, that has the corresponding public key). If the request is to move crypto assets out of account 123, and the signature is signed by the customer’s private key that put the crypto assets into account 123 the that would verify the request. If the request is verified then the request is a verified request, and the verified request may then be processed using the secure micro controller unit 2068. [0072] The flow chart 400 continues at box 410 where the request is processed using the smart contract that is programmed on the secure micro controller unit 2068.
  • the processing of the cryptographic request may use the private cryptographic security key (for example a private key of an audit server for a multi-signature blockchain address).
  • the cryptographic security key may be stored in secured memory 214 or accessed when needed via the auxiliary data connector 204.
  • the verified request processing may be a transfer involving crypto asset and on- blockchain address and an off blockchain accounts.
  • the verified request processing may be to transfer crypto assets between an on-blockchain address and an off-blockchain account.
  • the verified request processing may include to transfer the crypto asset from one off-blockchain account to a second off-blockchain account.
  • the processing of the verified request may include the on-chain ownership being transferred from an on-blockchain customer address to a blockchain address of an off-chain system.
  • the off-chain system may track the crypto asset in an off-chain account and allows the crypto assets to be moved with requests signed by the private key associated with the customer wallet blockchain address.
  • the processing of the verified cryptographic request may include using a private cryptographic security key, for example a private key for a blockchain address, where the blockchain address may be a multi-signature address.
  • the processing of the verified cryptographic request may include an open transactions protocol transaction.
  • the processing of the verified cryptographic request may move crypto assets between an on-blockchain address and an off- blockchain account.
  • the processing of the verified cryptographic request may move crypto assets out of an off-blockchain account, for example out of the off-blockchain account A to the off- blockchain account B.
  • the flow chart 400 ends after box 410.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne une carte d'extension cryptographique comprenant une interface informatique, une enclave informatique sécurisée comportant une unité de microcontrôleur sécurisée exécutant des contrats intelligents. L'interface informatique peut coupler la carte d'extension d'ordinateur à un dispositif informatique. L'enclave informatique sécurisée peut être couplée à l'interface informatique. L'enclave informatique sécurisée comprend une unité de microcontrôleur sécurisée configurée pour exécuter des contacts intelligents : en recevant une demande cryptographique par le biais de l'interface informatique, en vérifiant que la demande cryptographique est signée correctement et en traitant la demande cryptographique vérifiée. Le traitement de la demande cryptographique vérifiée comprend l'utilisation d'une clé de sécurité cryptographique privée. Le traitement de la demande cryptographique vérifiée sur l'unité de microcontrôleur sécurisée peut comprendre l'utilisation de la clé de sécurité cryptographique privée pour générer une signature cryptographique qui peut faire partie d'une adresse multi-signature. La carte d'extension cryptographique qui présente la configuration d'unité de microcontrôleur n'est pas modifiable ou peut être mise à jour avec une mise à jour signée de manière cryptographique.
PCT/US2022/075477 2022-08-25 2022-08-25 Carte de serveur cryptographique sécurisée WO2024043936A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2022/075477 WO2024043936A1 (fr) 2022-08-25 2022-08-25 Carte de serveur cryptographique sécurisée

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2022/075477 WO2024043936A1 (fr) 2022-08-25 2022-08-25 Carte de serveur cryptographique sécurisée

Publications (1)

Publication Number Publication Date
WO2024043936A1 true WO2024043936A1 (fr) 2024-02-29

Family

ID=90013789

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2022/075477 WO2024043936A1 (fr) 2022-08-25 2022-08-25 Carte de serveur cryptographique sécurisée

Country Status (1)

Country Link
WO (1) WO2024043936A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070220500A1 (en) * 2006-03-20 2007-09-20 Louisa Saunier Computer security method and computer system
US20140188738A1 (en) * 2011-07-20 2014-07-03 Horatio Nelson Huxham Mobile banking system with cryptographic expansion device
US20200186337A1 (en) * 2015-06-05 2020-06-11 Apple Inc. Secure circuit for encryption key generation
US20200210402A1 (en) * 2018-12-28 2020-07-02 Accelor Ltd. Systems and methods for performing programmable smart contract execution
US20210256070A1 (en) * 2018-10-15 2021-08-19 Bao Tran Non-fungible token (nft)
US20220253813A1 (en) * 2021-01-22 2022-08-11 MatterFi Cryptographicaly secured hybrid (on and off blockchain) cryptocurrency system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070220500A1 (en) * 2006-03-20 2007-09-20 Louisa Saunier Computer security method and computer system
US20140188738A1 (en) * 2011-07-20 2014-07-03 Horatio Nelson Huxham Mobile banking system with cryptographic expansion device
US20200186337A1 (en) * 2015-06-05 2020-06-11 Apple Inc. Secure circuit for encryption key generation
US20210256070A1 (en) * 2018-10-15 2021-08-19 Bao Tran Non-fungible token (nft)
US20200210402A1 (en) * 2018-12-28 2020-07-02 Accelor Ltd. Systems and methods for performing programmable smart contract execution
US20220253813A1 (en) * 2021-01-22 2022-08-11 MatterFi Cryptographicaly secured hybrid (on and off blockchain) cryptocurrency system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BAHRAMI MASOOMEH, MOVAHEDIAN ALIREZA, DELDARI ARASH: "A Comprehensive Blockchain-based solution For Academic Certificates Management Using Smart Contracts", 2020 10TH INTERNATIONAL CONFERENCE ON COMPUTER AND KNOWLEDGE ENGINEERING (ICCKE), IEEE, 29 October 2020 (2020-10-29) - 30 October 2020 (2020-10-30), pages 573 - 578, XP093147615, ISBN: 978-1-7281-8566-8, DOI: 10.1109/ICCKE50421.2020.9303656 *

Similar Documents

Publication Publication Date Title
US11853987B2 (en) System and method for secure communication in a retail environment
EP2143028B1 (fr) Gestion securisee d'un pin
ES2599985T3 (es) Validación en cualquier momento para los tokens de verificación
JP4083218B2 (ja) マルチステップディジタル署名方法およびそのシステム
US7526652B2 (en) Secure PIN management
KR102177848B1 (ko) 액세스 요청을 검증하기 위한 방법 및 시스템
KR101954863B1 (ko) 온라인 월렛 장치 및 이의 생성과 검증 방법
CN105427099A (zh) 安全电子交易的网络认证方法
KR20210040078A (ko) 안전한 보관 서비스를 위한 시스템 및 방법
US11461565B2 (en) Apparatus and methods for remote controlled cold storage of digital assets using near field communication tags
US11711213B2 (en) Master key escrow process
AU2019204711B2 (en) Securely performing cryptographic operations
JP2003044436A (ja) 認証処理方法、および情報処理装置、並びにコンピュータ・プログラム
JPS60136440A (ja) セツシヨン暗号キー更新方法
US6606387B1 (en) Secure establishment of cryptographic keys
JP2002529778A (ja) 共有無作為性の分散暗号化への組み込み
US20220374529A1 (en) Secure cryptographic server card
WO2024043936A1 (fr) Carte de serveur cryptographique sécurisée
KR20200057985A (ko) 하이브리드 블록체인과 기업형 하드웨어 키보관 시스템을 결합한 솔루션
JP2020127109A (ja) プログラム及び端末を製造する方法
Jones et al. Securing the World Wide Web: smart tokens and their implementation
US20240169349A1 (en) Method for Attestation of a Hardware Wallet of a Blockchain
US20230396456A1 (en) Secure hardware cryptocurrency keystore and key generation ceremony
JP2020058007A (ja) デジタルアセット管理システム
Yang et al. DOPS: A Practical Dual Offline Payment Scheme of CBDC for Mobile Devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22956672

Country of ref document: EP

Kind code of ref document: A1