Patent Application
20230370282
The present invention is related to a distributed ledger based cryptographic systems and methods for improving the integrity and privacy of data; more specifically, a blockchain based cryptographic systems and methods for securing the integrity and privacy of private data which are generated from a data recording device and stored remotely in a remote data storage.
The emergence of distributed ledger technologies (DLT), including blockchains, offers a solution to improve data integrity. DLT is trusted because transactions recorded in such a distributed ledger across the entire network of nodes are very difficult or even impossible to alter. For this reason, various blockchain security methods have been implemented to provide secure transactions across networks. The blockchain itself may be regarded as an open and distributed ledger that can record transactions between parties. After a block in the blockchain is recorded and linked, the data in any given block cannot be altered or tampered without altering all the other blocks; therefore, blockchain is well suited to many records management activities such as cryptocurrency. However, DLT such as blockchains may be secure and transparent at the same time because transactions are recorded in a large number of blocks or network nodes forming the distributed transaction consensus network. Thus, recording data themselves in a distributed ledger may cause privacy issues or even violate the related regulations. Furthermore, there has been few DLT based cryptographic system and method for maintaining the integrity and privacy of data which are generated from a data recording device and stored remotely in a remote data storage. Therefore, the present invention aims to implement DLT technology to protect the integrity of the data which are generated from the data recording device, such as a surveillance camera, driving recorder, or a mobile device.
The present disclosure relates to distributed ledger based cryptographic systems and methods for improving data integrity. In the age of IOT (internet of things), various types of data are recorded by different devices at any moment and circulated via various wired and wireless networks. In addition, the advanced data processing technologies also cause the data recorded by a data recording device can be easily corrupted, falsified, forged, tampered, or altered without authority. As mentioned earlier, the distributed ledger technologies (DLT), including blockchains, offers a solution to improve data integrity.
The present disclosure describes systems and methods to generate a commitment and store it in a distributed ledger. A commitment is a cryptographic algorithm that allows one to commit to a chosen value or statement while keeping it hidden to others, with the ability to reveal the committed value later. Commitment is binding because the one who committed can no longer change the chosen value or statement. Here, the chosen statement is a data signature which is generated by a data recording device signing a data piece. Recording the commitment in a distributed ledger makes it very difficult or even impossible to alter the commitment. In addition, the committed value or statement, such as the data signature, cannot be changed as well. By revealing the commitment in the future, the data signature will be verified. And then the authenticity of the data piece will be verified. At the same time, the commitment does not contain any personal information, and is not traceable or even linkable to the data piece recorded by a data recording device, such as a digital video recorder.
In one embodiment, the ecosystem for using distributed ledgers to improve data integrity may include a distributed integrity ledger, a distributed identity ledger, multiple network node managers to manage transactions in both ledgers, a data recording device, a manufacturer to make the device, a user to use the device, a data center to store recorded data pieces, and a verifier who needs to verify authenticity of the recorded data.
In one embodiment, the distributed integrity ledger, maintained by a first distributed transaction consensus network (“first distributed network”), is used to store commitments generated by the data recording device to verify authenticity of recorded data pieces. The distributed identity ledger, maintained by a second distributed transaction consensus network (“second distributed network”), is used to store DIDs (decentralized identifier), credential schemas, credential definitions, and public keys associated with credential owners and credential publishers to verify the identity of the user, the data center, and the verifier. The multiple network node managers may respectively manage a node in the first distributed network and the second distributed network. Thus, the network node managers may record transactions and retrieve information from both the distributed integrity ledger and the distributed identity ledger.
In one embodiment, the data recording device may be any device that is able to record data and transmit data to other related parties in various wired or wireless manners. In one embodiment, the data recording device may be a digital recorder or driving recorder to record video clips of the surrounding traffic conditions.
In one embodiment, the manufacturer may store an original device certificate, a device signing private key and a device signing public key, and some other device related information in the data recording device. After the user purchases the data recording device, he/she has to register the device with the manufacturer. The user also has to establish a DID, a user identification, in the distributed identity ledger. Then the user can begin to use the data recording device to record data pieces.
In one embodiment, each recorded data piece is encrypted by a data encryption key and an encrypted data piece is transmitted to the data center for storage. The data recording device also generated a data signature, a commitment string and a commitment. The data signature and the commitment string may be stored in the data center. The commitment may be recorded in the distributed integrity ledger through a network node manager.
In one embodiment, the user may initiate the verification procedure for the verifier to eventually receive a data encryption key, an encrypted data piece, the commitment, the data signature, and the commitment string. As a result, the verifier, such as the judge/the court, may decrypt the encrypted data piece by using the data encryption key, verify the authenticity of the recorded data by using the data signature, verify the data signature by using the commitment and the commitment string, and verify the commitment by inquiring the distributed integrity ledger.
The terminology used in the description presented below is intended to be interpreted in its broadest reasonable manner, even though it is used in conjunction with a detailed description of certain specific embodiments of the technology. Certain terms may even be emphasized below; however, any terminology intended to be interpreted in any restricted manner will be specifically defined as such in this Detailed Description section.
The present disclosure relates to distributed ledger based cryptographic systems and methods for improving data integrity. In the age of IOT (internet of things), various types of data are recorded by different devices at any moment and circulated via various wired and wireless networks. In addition, the advanced data processing technologies also cause the data recorded by a data recording device can be easily corrupted, falsified, forged, tampered, or altered without authority. The emergence of distributed ledger technologies (DLT), including blockchains, offers a solution to improve data integrity. DLT is trusted because transactions recorded in such a distributed ledger across the entire network of nodes are very difficult or even impossible to alter. However, DLT may be transparent at the same time because transactions are recorded in a large number of network nodes forming the distributed transaction consensus network. Thus, recording data themselves in a distributed ledger may cause privacy issues or even violate the related regulations.
The present disclosure describes systems and methods to generate a commitment and store it in a distributed ledger. A commitment is a cryptographic algorithm that allows one to commit to a chosen value or statement while keeping it hidden to others, with the ability to reveal the committed value later. Commitment is binding because the one who committed can no longer change the chosen value or statement. Here, the chosen statement is a data signature which is generated by a data recording device signing a data piece. Recording the commitment in a distributed ledger makes it very difficult or even impossible to alter the commitment. In addition, the committed value or statement, such as the data signature, cannot be changed as well. By revealing the commitment in the future, the data signature will be verified. And then the authenticity of the data piece will be verified. At the same time, the commitment does not contain any personal information, and is not traceable or even linkable to the data piece recorded by a data recording device, such as a digital video recorder.
As shown in
The distributed integrity ledger 110, maintained by a first distributed transaction consensus network (“first distributed network”) 115, is used to store commitments generated by the data recording device 150 to verify authenticity of recorded data pieces. The distributed identity ledger 120, maintained by a second distributed transaction consensus network (“second distributed network”) 125, is used to store DIDs (decentralized identifier), credential schemas, credential definitions, and public keys associated with credential owners and credential publishers to verify the identity of the user 160, the data center 170, and the verifier 180. The multiple network node managers 130, 132, 134, 136 may respectively manage a node in the first distributed network and the second distributed network. Thus, the network node managers may record transactions and retrieve information from both the distributed integrity ledger 110 and the distributed identity ledger 120. The network node managers may be telecommunication carriers, such as ATT and Sprint in the United States, organizations operated by government agencies, or other DLT related companies, such as TBCASOFT. One of the network node managers may be a network administrator. In one embodiment, certain function, such as generating a DID and recording it in the distributed identity ledger 120 is reserved for the network administrator.
The data recording device 150 may be any device that is able to record data and transmit data to other related parties via various wired or wireless manners. In one embodiment, the data recording device 150 may be a digital recorder or driving recorder to record video clips of the surrounding traffic conditions. The data recording device 150 may have a recording module for recording a data piece, a memory module for storing an original device certificate signed by a manufacturer, a device signing public key, and a device signing private key; and a processor module for generating a data encryption key, encrypting the data piece with the data encryption key, encrypting the data encryption key with the encryption public key.
The data recording device 150 is made by the manufacturer 140. As part of the manufacturing process, the manufacturer 140 may store an original device certificate, a device signing private key and a device signing public key, and some other device related information in the data recording device 150. After the user 160 purchases the data recording device 150, he/she has to register the device with the manufacturer 140. The user also has to establish a DID, a user identification, in the distributed identity ledger.
Then the user 160 can begin to use the data recording device to record data pieces. Each recorded data piece is encrypted by a data encryption key and an encrypted data piece is transmitted to the data center 170 for storage. The data recording device 150 also generated a data signature, a commitment string and a commitment. The data signature and the commitment string may be stored in the data center 170. The commitment may be recorded in the distributed integrity ledger 110 through a network node manager.
The need for verifying authenticity of the recorded data occurs in various situations. For example, when there is a car accident and the liability is in dispute, a user or a judge/a court may need to review the video clip recorded by a driving recorder at the time of accident and verify authenticity of the recorded video clip. In one embodiment, the user 160 may initiate the verification procedure for the verifier to eventually receive a data encryption key, an encrypted data piece, the commitment, the data signature, and the commitment string. As a result, the verifier, such as the judge/the court, may decrypt the encrypted data piece by using the data encryption key, verify the authenticity of the recorded data by using the data signature, verify the data signature by using the commitment and the commitment string, and verify the commitment by inquiring the distributed integrity ledger 110.
The manufacturer 140, the data recording device, the user, the data center, and the verifier may need to interact with either one of or both the distributed integrity ledger 110 and the distributed identity ledger 120 through one of the network node managers 130, 132, 134, 136. Each may have its own network node manager. In another embodiment, two wo or more may share the same network node manager.
As shown in
The manufacturer 140 then verifies the original device certificate by using the manufacturer's signing public key to confirm that the original device certificate is authentic. At step 330, after verification, the manufacturer 140 provides the device signing public, the original device certificate, and information related to the device and the user to the network node manager 130. At step 340, the user 160 may also provide his/her personal information, such as user ID, name, gender, and birthday and the device related information to the network node manager 132. As described before, the manufacturer 140 may use its own network node manager 130 and the user 160 uses his/her own network node manager 132. The manufacturer 140 and the user may also use the same network node manager (either 130 or 132).
Thus, between the two network node managers 130 and 132, the following processes have to be performed. First, the network node manager (130 or 132) may verify the original device certificate by using the manufacturer's signing public key. Second, the network node manager may verify the user's DID via the distributed identity ledger 120 and possibly also verify other user's information via the user's ID credential, given that the user 160 already has a DID recorded in the distributed identity ledger 120. If the user 160 is new, a DID has to be created to the user and recorded in the distributed identity ledger 120. The user's DID serves as a user identification. One example of DID is did.sovrin.V4SDRN84Z56d7YV7PBUe6f. Similar to virtual wallet addresses, DIDs are globally unique identifiers that are created by their owner or their network node managers. DIDs have their associated public keys and communication endpoints—addresses where messages can be delivered for that identity. The credential owners of the DIDs hold the corresponding private keys in their wallets that can be managed by their network node managers.
Third, the network node manager (either 130 or 132) generates a pair of encryption keys for the data recording device, an encryption private key and an encrption public key. Fourth, the network node manager (either 130 or 132) issues a user's device credential to the user 160. The user's device credential may include the following fields: user's DID, the device signing public key, the encryption public key, the device information, and the user information. In one embodiment, the device information may include the model number and the serial number of the driving recorder, the car plate number of the car in which the driving recorder is installed, and the model and color of the car. And the user information includes the driver's name, birthday, and the driver's license number. Fifth, the network node manager (either 130 or 132) generates a proof for the user's device credential including the encryption public key. Step 350 is for the two network node managers 130 and 132 to provide related information to each other to accomplish the above five processes.
At step 360, the network node manager (either 130 or 132) provides the manufacturer 140 the proof of the user's device credential, the encryption public key and the user's DID. The manufacturer 140 may verify the proof of the user's device credential. After verification is valid, the manufacturer 140 generates an updated device certificate which is signed by the manufacturer's signing private key. The updated device certificate includes the user's DID, the encryption public key, and the device related information. At step 370, the manufacturer 140 provides the data recording device 150 the proof for the updated device certificate, the user's DID, and the encryption public key.
At step 410, the data recording device 150 provides the data center 170 the encrypted data piece, the encrypted data encryption key, the data signature, the commitment, and the commitment string for storage. In some situations, the updated device certificate and the related device information may be provided from the data recording device 150 to the data center 170 as well. At step 420, the data recording device provides the commitment, the commitment signature, the updated device certificate, and the device related information to the network node manager 132.
The network node manager 132 first verifies the updated device certificate by using the manufacturer's signing public key and then verifies the commitment by using the commitment signature and the device signing public key. After confirmation, the network node manager 132 writes (records) the commitment to the distributed integrity ledger 110. Again the netowrk node manager in the recording stage may be any network node manager.
Upon receipt of the data center's authorization and the encrypted data encryption key, at step 545, the user obtains encryption private key from the network node manager to decrpyt the encrypted data encryption key to eventually derive the data encryption key. At step 550, the user 160 provides the verifier the data encryption key. The verifier then verifies the data center's authorization, decrypts the encrrypted data piece to derive the original data piece, verifies authenticity of the data piece by the data signature, and verifies the data signature by the commitment.
Below is an embodiment of pseudo code for implementing the methods described above
The foregoing description of embodiments is provided to enable any person skilled in the art to make and use the subject matter. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the novel principles and subject matter disclosed herein may be applied to other embodiments without the use of the innovative faculty. The claimed subject matter set forth in the claims is not intended to be limited to the embodiments shown herein but is to be accorded the Widest scope consistent With the principles and novel features disclosed herein. It is contemplated that additional embodiments are Within the spirit and true scope of the disclosed subject matter. Thus, it is intended that the present invention covers modifications and variations that come Within the scope of the appended claims and their equivalents.
This application claims the priority of U.S. provisional application 63/088,412 filed on Oct. 6, 2020, titled “ BLOCKCHAIN BASED MEDIA ANTI-TAMPERING METHODS AND SYSTEMS”. This application claims the benefit of U.S. non-provisional application 16/801,114 filed on Feb. 25, 2020, titled “CREDENTIAL VERIFICATION AND ISSUANCE THROUGH CREDENTIAL SERVICE PROVIDERS”, which is incorporated herein by reference at its entirety.
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/US21/53868 | 10/6/2021 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 63088412 | Oct 2020 | US |
