Patent Grant
10411897
This application relates to U.S. application Ser. No. 15/419,033 filed Jan. 30, 2017 and to U.S. application Ser. No. 15/419,042 also filed Jan. 30, 2017, with both applications incorporated herein by reference in their entireties.
Security is important in today's online environment. One reads nearly every day of another hacking. People's data is even being held ransom.
The features, aspects, and advantages of the exemplary embodiments are understood when the following Detailed Description is read with reference to the accompanying drawings, wherein:
The exemplary embodiments will now be described more fully hereinafter with reference to the accompanying drawings. The exemplary embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. These embodiments are provided so that this disclosure will be thorough and complete and will fully convey the exemplary embodiments to those of ordinary skill in the art. Moreover, all statements herein reciting embodiments, as well as specific examples thereof, are intended to encompass both structural and functional equivalents thereof. Additionally, it is intended that such equivalents include both currently known equivalents as well as equivalents developed in the future (i.e., any elements developed that perform the same function, regardless of structure).
Thus, for example, it will be appreciated by those of ordinary skill in the art that the diagrams, schematics, illustrations, and the like represent conceptual views or processes illustrating the exemplary embodiments. The functions of the various elements shown in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing associated software. Those of ordinary skill in the art further understand that the exemplary hardware, software, processes, methods, and/or operating systems described herein are for illustrative purposes and, thus, are not intended to be limited to any particular named manufacturer.
As used herein, the singular forms “a,” “an,” and “the” are intended to include the plural forms as well, unless expressly stated otherwise. It will be further understood that the terms “includes,” “comprises,” “including,” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being “connected” or “coupled” to another element, it can be directly connected or coupled to the other element or intervening elements may be present. Furthermore, “connected” or “coupled” as used herein may include wirelessly connected or coupled. As used herein, the term “and/or” includes any and all combinations of one or more of the associated listed items.
It will also be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first device could be termed a second device, and, similarly, a second device could be termed a first device without departing from the teachings of the disclosure.
Exemplary embodiments thus protect the secret data 22. A server 26 retrieves a representation 28 of the electronic document 20 and splits the representation 28 into multiple pieces termed shares 30. The server 26 may then distribute one or more of the shares 30 via a blockchain 32. As the reader may understand, the blockchain 32 is generally a digital ledger in which transactions are chronologically and/or publically recorded. The blockchain 32 is most commonly used in decentralized cryptocurrencies (such as Bitcoin). The blockchain 32, however, may be adapted to any chain or custody (such as in medical records and in chains of title in real estate transactions). Indeed, there are many different mechanisms and configurations of the blockchain 32, and exemplary embodiments may be adapted to any version. Regardless, the shares 30 may be integrated into the blockchain 32 as a distribution or publication mechanism. The blockchain 32 may then route via a communications network 34 to any destination.
Exemplary embodiments may thus stash the secret data 22 in the multiple blockchains 32a-c. Because the electronic document 20 (containing the secret data 22) is split into the multiple shares 30, any one or more of the peer devices must possess a sufficient minimum number MMin (illustrated as reference numeral 60) of the shares 30 before the secret data 22 may be recovered. That is, possession of an insufficient number of the shares 30 guarantees that the secret data 22 remains unknown and confidential. So, if the first blockchain 32a contains less than the MMin 60 of the total shares 30, then the first group 42a of peer devices cannot reconstruct the secret data 22. Likewise, if the second blockchain 32b and/or the third blockchain 32c also contains less than the MMin 30, the second group 42b of peer devices and the third group 42c of peer devices are also unable to reveal or decipher the secret data 22. In other words, no single one of the multiple blockchains 32a-c stores the requisite minimum number MMin 60 of the shares 30 to launch a brute-force attack on the secret data 22. Even multiple ones of the blockchains 32a-c may be purposefully designed to never exceed the requisite minimum number MMin 60 of the shares 30, perhaps thus forcing a hacker to compromise several or all of the blockchains 32a-c. A rogue attack, in simple words, would have to access and compromise multiple blockchains 32 before jeopardizing the secret data 22 contained within the electronic document 20.
Exemplary embodiments thus present an elegant solution. Sensitive, secret documents (containing the secret data 22) may be secretly shared via the one or more blockchains 32a-c. Even if the blockchains 32a-c are dispersed to trusted peer devices, the peer devices still cannot discern the secret data 22 until the threshold minimum number MMin 60 of the shares 30 is obtained. Exemplary embodiments thus purposefully add a second-layer of protection, beyond merely trusted receipt of the blockchain 32. The trusted peers simply do not have access to the secret data 22 until the minimum number MMin 60 of the shares 30 is obtained.
Any secret sharing scheme may be utilized. The reader is perhaps familiar with Shamir's Secret Sharing Algorithm, which is a well-known cryptographic algorithm. Exemplary embodiments divide the secret data 22 into unique parts (e.g., the shares 30), with each individual share 30 being different from other shares 30. However, there are many secret sharing or splitting schemes and algorithms for distributing a secret, and exemplary embodiments may be applied regardless of any particular scheme or algorithm.
Exemplary embodiments may be applied regardless of networking environment. Exemplary embodiments may be easily adapted to stationary or mobile devices having cellular, wireless fidelity (WI-FI®), near field, and/or BLUETOOTH® capability. Exemplary embodiments may be applied to mobile devices utilizing any portion of the electromagnetic spectrum and any signaling standard (such as the IEEE 802 family of standards, GSM/CDMA/TDMA or any cellular standard, and/or the ISM band). Exemplary embodiments, however, may be applied to any processor-controlled device operating in the radio-frequency domain and/or the Internet Protocol (IP) domain. Exemplary embodiments may be applied to any processor-controlled device utilizing a distributed computing network, such as the Internet (sometimes alternatively known as the “World Wide Web”), an intranet, a local-area network (LAN), and/or a wide-area network (WAN). Exemplary embodiments may be applied to any processor-controlled device utilizing power line technologies, in which signals are communicated via electrical wiring. Indeed, exemplary embodiments may be applied regardless of physical componentry, physical configuration, or communications standard(s).
Exemplary embodiments may utilize any processing component, configuration, or system. Any processor could be multiple processors, which could include distributed processors or parallel processors in a single machine or multiple machines. The processor can be used in supporting a virtual processing environment. The processor could include a state machine, application specific integrated circuit (ASIC), programmable gate array (PGA) including a Field PGA, or state machine. When any of the processors execute instructions to perform “operations”, this could include the processor performing the operations directly and/or facilitating, directing, or cooperating with another device or component to perform the operations.
Exemplary embodiments may packetize. The server 26 and the recipient peer devices may have network interfaces to the communications network 34, thus allowing collection and retrieval of information. The information may be received as packets of data according to a packet protocol (such as the Internet Protocol). The packets of data contain bits or bytes of data describing the contents, or payload, of a message. A header of each packet of data may contain routing information identifying an origination address and/or a destination address.
Hashing adds another layer of security. Exemplary embodiments may call or execute the hashing algorithm 82 that generates the hash values 80 (e.g., the hash tree 86 and the root 88) associated with the electronic document 20. There are many hashing algorithms, and exemplary embodiments may utilize any of the hashing algorithms. For example, many readers may be familiar with the SHA family of cryptographic hashing algorithms. Moreover, the hash tree 86 may be described as the Merkle tree, which many readers are also thought familiar. Regardless, once the hash values 80 are determined, exemplary embodiments may split the hash values 80 into the shares 30 for integration into the one or more blockchains 32. That is, the shares 30 may be added to, or incorporated in, any record, transaction, or block and distributed via the blockchain(s) 32.
where the total number NS 92 of the shares 30 is ten thousand (10,000) times the number NB 94 of blockchains 32 that must be used. Again, as a simple example, if the electronic document 20 is associated with one million (1,000,000) shares 30, then one hundred (100) different blockchains 32 must be generated and distributed. The sharing strategy 90, in other words, may set a maximum number NSmax (illustrated as reference numeral 96) of shares 30 integrated into any single blockchain 32. The sharing strategy 90, in other words, may thus limit the number of the shares 30 exposed by any individual blockchain 32.
where the total number NR 98 of the recipients is one hundred (100) times the number NB 94 of blockchains 32 that must be used. Again, as a simple example, if there are ten thousand recipients, then one hundred (100) different blockchains 32 must be generated and distributed. The sharing strategy 90, in other words, may set a maximum number NRmax (illustrated as reference numeral 100) of recipients per blockchain 32. The sharing strategy 90, in other words, may thus limit the number of the shares 30 exposed by any individual blockchain 32.
The sharing strategy 90 may be implemented as logical rules. If the sharing strategy 90 is mathematically defined (such as the ratio above discussed), the sharing strategy 90 may be expressed as logical statements involving mathematical expressions. Exemplary embodiments may code or program the sharing strategy 90 to achieve policy goals and/or security objectives.
Exemplary embodiments may be applied to any signaling standard. Most readers are thought familiar with the Global System for Mobile (GSM) communications signaling standard. Those of ordinary skill in the art, however, also recognize that exemplary embodiments are equally applicable to any communications device utilizing the Time Division Multiple Access signaling standard, the Code Division Multiple Access signaling standard, the “dual-mode” GSM-ANSI Interoperability Team (GAIT) signaling standard, or any variant of the GSM/CDMA/TDMA signaling standard. Exemplary embodiments may also be applied to other standards, such as the I.E.E.E. 802 family of standards, the Industrial, Scientific, and Medical band of the electromagnetic spectrum, BLUETOOTH®, and any other.
Exemplary embodiments may be physically embodied on or in a computer-readable storage medium. This computer-readable medium, for example, may include CD-ROM, DVD, tape, cassette, floppy disk, optical disk, memory card, memory drive, and large-capacity disks. This computer-readable medium, or media, could be distributed to end-subscribers, licensees, and assignees. A computer program product comprises processor-executable instructions for sharing secrets via blockchains, as the above paragraphs explained.
While the exemplary embodiments have been described with respect to various features, aspects, and embodiments, those skilled and unskilled in the art will recognize the exemplary embodiments are not so limited. Other variations, modifications, and alternative embodiments may be made without departing from the spirit and scope of the exemplary embodiments.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4309569 | Merkel | Jun 1982 | A |
| 5499294 | Friedman | Mar 1996 | A |
| 5862218 | Steinberg | Jan 1999 | A |
| 5966446 | Davis | Oct 1999 | A |
| 7272179 | Siemens et al. | Sep 2007 | B2 |
| 7572179 | Choi et al. | Aug 2009 | B2 |
| 7729950 | Mendizabal et al. | Jun 2010 | B2 |
| 8245038 | Golle et al. | Aug 2012 | B2 |
| 8266439 | Haber et al. | Sep 2012 | B2 |
| 8442903 | Zadoorian et al. | May 2013 | B2 |
| 8560722 | Gates et al. | Oct 2013 | B2 |
| 8706616 | Flynn | Apr 2014 | B1 |
| 8712887 | DeGroeve et al. | Apr 2014 | B2 |
| 8867741 | McCorkindale et al. | Oct 2014 | B2 |
| 8943332 | Horne et al. | Jan 2015 | B2 |
| 9124423 | Jennas, II et al. | Sep 2015 | B2 |
| 9396006 | Kundu et al. | Jul 2016 | B2 |
| 9407431 | Bellare et al. | Aug 2016 | B2 |
| 9411524 | O'Hare et al. | Aug 2016 | B2 |
| 9411976 | Irvine | Aug 2016 | B2 |
| 9411982 | Dippenaar et al. | Aug 2016 | B1 |
| 9424576 | Vandervort | Aug 2016 | B2 |
| 9436935 | Hudon | Sep 2016 | B2 |
| 9472069 | Roskowski | Oct 2016 | B2 |
| 9489827 | Quinn et al. | Nov 2016 | B2 |
| 9584493 | Leavy et al. | Feb 2017 | B1 |
| 9722790 | Ebrahimi | Aug 2017 | B2 |
| 9876646 | Ebrahimi et al. | Jan 2018 | B2 |
| 9882918 | Ford et al. | Jan 2018 | B1 |
| 20030018563 | Kilgour et al. | Jan 2003 | A1 |
| 20040085445 | Park | May 2004 | A1 |
| 20050206741 | Raber | Sep 2005 | A1 |
| 20060075228 | Black et al. | Apr 2006 | A1 |
| 20060184443 | Erez et al. | Aug 2006 | A1 |
| 20070094272 | Yeh | Apr 2007 | A1 |
| 20070296817 | Ebrahimi et al. | Dec 2007 | A1 |
| 20080010466 | Hopper | Jan 2008 | A1 |
| 20090025063 | Thomas | Jan 2009 | A1 |
| 20090287597 | Bahar | Nov 2009 | A1 |
| 20100049966 | Kato | Feb 2010 | A1 |
| 20100058476 | Isoda | Mar 2010 | A1 |
| 20100161459 | Kass et al. | Jun 2010 | A1 |
| 20100241537 | Kass et al. | Sep 2010 | A1 |
| 20130142323 | Chiarella | Jun 2013 | A1 |
| 20130222587 | Roskowski | Aug 2013 | A1 |
| 20140229738 | Sato | Aug 2014 | A1 |
| 20140344015 | Puertolas-Montasnes et al. | Nov 2014 | A1 |
| 20150193633 | Chida | Jul 2015 | A1 |
| 20150378627 | Kitazawa | Dec 2015 | A1 |
| 20160071096 | Rosca | Mar 2016 | A1 |
| 20160119134 | Hakoda et al. | Apr 2016 | A1 |
| 20160148198 | Kelley | May 2016 | A1 |
| 20160162897 | Feeney | Jun 2016 | A1 |
| 20160217436 | Brama | Jul 2016 | A1 |
| 20160253663 | Clark et al. | Sep 2016 | A1 |
| 20160260091 | Tobias | Sep 2016 | A1 |
| 20160267472 | Lingham et al. | Sep 2016 | A1 |
| 20160267558 | Bonnell et al. | Sep 2016 | A1 |
| 20160275294 | Irvine | Sep 2016 | A1 |
| 20160283920 | Fisher et al. | Sep 2016 | A1 |
| 20160292396 | Akerwall | Oct 2016 | A1 |
| 20160292672 | Fay et al. | Oct 2016 | A1 |
| 20160292680 | Wilson, Jr. et al. | Oct 2016 | A1 |
| 20160300200 | Brown et al. | Oct 2016 | A1 |
| 20160300234 | Moss-Pultz et al. | Oct 2016 | A1 |
| 20160321675 | McCoy et al. | Nov 2016 | A1 |
| 20160321751 | Creighton, IV et al. | Nov 2016 | A1 |
| 20160328791 | Parsells et al. | Nov 2016 | A1 |
| 20160330031 | Drego et al. | Nov 2016 | A1 |
| 20160330244 | Denton | Nov 2016 | A1 |
| 20160337119 | Hosaka et al. | Nov 2016 | A1 |
| 20160342977 | Lam | Nov 2016 | A1 |
| 20160342989 | Davis | Nov 2016 | A1 |
| 20160344737 | Anton et al. | Nov 2016 | A1 |
| 20170005797 | Lanc et al. | Jan 2017 | A1 |
| 20170053249 | Tunnell et al. | Feb 2017 | A1 |
| 20170061396 | Melika et al. | Mar 2017 | A1 |
| 20170124534 | Savolainen | May 2017 | A1 |
| 20170124535 | Juels et al. | May 2017 | A1 |
| 20170177898 | Dillenberger | Jun 2017 | A1 |
| 20170213287 | Bruno | Jul 2017 | A1 |
| 20170243208 | Kurian et al. | Aug 2017 | A1 |
| 20170243289 | Rufo | Aug 2017 | A1 |
| 20170244757 | Castinado et al. | Aug 2017 | A1 |
| 20170330279 | Ponzone | Nov 2017 | A1 |
| 20170352031 | Collin | Dec 2017 | A1 |
| 20170373859 | Shors et al. | Dec 2017 | A1 |
| 20180075527 | Nagla et al. | Mar 2018 | A1 |
| 20180091524 | Setty | Mar 2018 | A1 |
| 20180097779 | Karame et al. | Apr 2018 | A1 |
| 20180157700 | Roberts et al. | Jun 2018 | A1 |
| Number | Date | Country |
|---|---|---|
| 10128728 | Jan 2003 | DE |
| 5383297 | Jan 2014 | JP |
| 100653512 | Nov 2006 | KR |
| 101747221 | Jun 2017 | KR |
| WO 0049797 | Aug 2000 | WO |
| WO 2007069176 | Jun 2007 | WO |
| WO 2015077378 | May 2015 | WO |
| WO 2018013898 | Jan 2018 | WO |
| WO-2018109010 | Jun 2018 | WO |
| Entry |
|---|
| Menezes, A.J., van oorschot, P.C. & Vanstone, S.A., Handbook of Applied Cryptography, 1997, CRC Press, p. 527-28. |
| Alsolami, Fahad, and Terrance E. Boult. “CloudStash: using secret-sharing scheme to secure data, not keys, in multi-clouds.” Information Technology: New Generations (ITNG), 2014 11th International Conference on. IEEE, 2014. |
| Watanabe, Hiroki, et al. “Blockchain contract: Securing a blockchain applied to smart contracts.” 2016 IEEE International Conference on Consumer Electronics (ICCE). IEEE. 2016. |
| Unkown, “Federated Learning: Collaborative Machine Learning without Centralized Training Data” Apr. 6, 2017, 11 pages. |
| Casey, “BitBeat: Factom Touts Blockchain Tool for Keeping Record Keepers Honest”, Wall Street Journal, Nov. 5, 2014. |
| Crosby, Michael et al., “BlockChain Technology, Beyond Bitcoin”, Sutardja Center for Entrepreneurship & Technology, Berkeley Engineering, Oct. 16, 2015, 35 pages. |
| Al-Naji, Nader et al., “Basis: A Price-Stable Cryptocurrency with an Algorithmic Central Bank” www.basis.io Jun. 20, 2017, 27 pages. |
| Unknown, Xtrade White Paper, https://xtrade1-9649.kxcdn.com/wp-content/uploads/2017/09/xtrade-whitepaper.pdf Feb. 7, 2018, 37 pages. |
| Chakravorty, Antorweep, and Chunming Rong, “Ushare: user controlled social media based on blockchain.” Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication. ACM, 2017. |
| Chen, Zhixong, and Yixuan Zhu. “Personal Archive Service System using Blockchain Technology: Case Study, Promising and Challenging.” AI & Mobile Services (AIMS), 2017 IEEE International Conference on. IEEE, 2017. |
| Number | Date | Country | |
|---|---|---|---|
| 20180241565 A1 | Aug 2018 | US |
