公开(公告)号：US11528258B2

公开(公告)日：2022-12-13

申请号：US16229964

申请日：2018-12-21

Applicant: INTEL CORPORATION

Inventor： Oron Lenz ,  Alex Nayshtut ,  Alex Berenzon ,  Ishai Nadler ,  Yoni Wolf

IPC: H04L29/00 ,  H04L9/40 ,  G06F21/60 ,  G06F21/57 ,  H04L9/08 ,  H04L67/10 ,  G06F16/182 ,  H04L9/06 ,  G06F21/64 ,  H04L9/00

Abstract: A system and apparatus for data confidentiality in a distributed ledger are disclosed. The system and apparatus preserve qualities of distributed ledgers, such as transparency, integrity, and redundancy, while also providing confidentiality, scalability, and security not previously available in distributed ledgers. The system includes a data confidentiality module that exploits a trusted execution environment for both transaction processing and key synchronization. The apparatus accessing the distributed ledger provides for new nodes joining the network, sending transactions to the ledger by existing nodes, securely processing the transaction using the trusted execution environment, securing transmission to the logic layer for application of business logic, reading and writing data to local storage, and reading encrypted transactions.

公开(公告)号：US20180219841A1

公开(公告)日：2018-08-02

申请号：US15417508

申请日：2017-01-27

Applicant: Intel Corporation

Inventor： Ishai Nadler ,  Ilya Berdichevsky

IPC: H04L29/06 ,  G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/64 ,  H04L9/0637 ,  H04L9/0836 ,  H04L9/0891 ,  H04L9/3236 ,  H04L63/0428 ,  H04L63/123 ,  H04L2209/38

Abstract: A file layout and encryption scheme to protect a data file are introduced. A system, computer-readable medium, and method are provided for selecting an encrypted data node of a data file for writing data, generating a node encryption key for the selected encrypted node, encrypting the selected encrypted node with the node encryption key, saving the node encryption key and a node integrity check value for the node encryption key in a parent encrypted cryptographic node, selecting an ancestor encrypted cryptographic node as the selected encrypted node, and repeating the generating, encrypting, saving, and selecting the ancestor encrypted cryptographic node until the selected ancestor encrypted cryptographic node is a root encrypted cryptographic node for the data file. Encrypting a data node with the node encryption key further saves the data to be written to the encrypted data node.