公开(公告)号：US20220166616A1

公开(公告)日：2022-05-26

申请号：US17103475

申请日：2020-11-24

申请人： International Business Machines Corporation

发明人： Yacov Manevich ,  Nitin Gaur ,  Dulce B. Ponceleon ,  Petr Novotny

IPC分类号： H04L9/08 ,  H04L9/14 ,  H04L9/06

摘要： An example operation may include one or more of encrypting a private key with an encryption key, generating a plurality of keys based on the encryption key and converting the plurality of keys into a plurality of key shares based on a secret input value, storing the encrypted private key on a blockchain, and distributing the plurality of key shares to a plurality of blockchain peers of the blockchain, where the distributing comprises transmitting a different key share from among the plurality of key shares to each blockchain peer among the plurality of blockchain peers.

公开(公告)号：US11228424B2

公开(公告)日：2022-01-18

申请号：US16434929

申请日：2019-06-07

申请人： International Business Machines Corporation

发明人： Luis Angel Bathen ,  Gabor Madl ,  Dulce B. Ponceleon

IPC分类号： H04L29/06 ,  H04L9/06 ,  H04L9/32 ,  G11B7/004 ,  H04L9/30

摘要： An example operation may include one or more of receiving, by a validation node, a copy request from a user node over a blockchain network, the request contains a copy token, invoking, by the validation node, a smart contract associated with the copy token to verify the copy token, in response to a verification, generating, by the validation node, media copy keys for generation of a Blu-ray copy, and recording, by the validation node, the copy token on a ledger of the blockchain network to indicate that the copy token is spent.

公开(公告)号：US11204919B2

公开(公告)日：2021-12-21

申请号：US16734143

申请日：2020-01-03

申请人： International Business Machines Corporation

发明人： Andres Garagiola ,  Jeronimo Irazabal ,  Raul Laprida ,  Guillermo R. Lopez ,  Diego Masini ,  Dulce B. Ponceleon

IPC分类号： G06F16/2453 ,  H04L9/06 ,  G06Q20/40 ,  G06F16/951 ,  G06F16/23 ,  G06Q20/38 ,  H04L9/32

摘要： An example operation may include one or more of identifying a blockchain transaction, storing the blockchain transaction in a blockchain, assigning the blockchain transaction a transaction number and a block number, hashing a portion of blockchain transaction data associated with the blockchain transaction, and updating a blockchain index based on the hashed portion of the blockchain transaction.

公开(公告)号：US10979418B2

公开(公告)日：2021-04-13

申请号：US16540942

申请日：2019-08-14

申请人： International Business Machines Corporation

发明人： David W. Kravitz ,  Dulce B. Ponceleon ,  Diego A. Masini ,  John B. Geagan, III ,  Brian K. Smith

IPC分类号： H04L29/06 ,  H04L9/32 ,  G06F21/64 ,  G06F21/60 ,  H04L9/08 ,  G06F21/10

摘要： One example method may include generating a template transaction certificate by one or more entities which verify proof of ownership of attributes incorporated into the template transaction certificate, and generating one or more operational transaction certificates by the one or more entities which verified proof of ownership of the template transaction certificate.

公开(公告)号：US10700853B2

公开(公告)日：2020-06-30

申请号：US15590414

申请日：2017-05-09

申请人： International Business Machines Corporation

发明人： David W. Kravitz ,  Dulce B. Ponceleon ,  Diego A. Masini ,  Raul O. Laprida ,  Andres Garagiola ,  John B. Geagan, III

IPC分类号： G06F21/00 ,  H04L9/08 ,  G06Q20/40 ,  H04L9/32

摘要： One example method of operation may include receiving a request, from an entity, for one or more tokens based on one or more attributes, encrypting and masking the one or more attributes, adding the encrypted and masked one or more attributes to the one or more tokens, and transmitting the one or more tokens to the entity.

公开(公告)号：US09866373B2

公开(公告)日：2018-01-09

申请号：US15644317

申请日：2017-07-07

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： John B. Geagan, III ,  Dulce B. Ponceleon

IPC分类号： H04K1/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/32

CPC分类号： H04L9/0618 ,  H04L9/0816 ,  H04L9/0836 ,  H04L9/3234 ,  H04L2209/24 ,  H04L2209/34 ,  H04L2209/601

摘要： Embodiments of the present invention relate to encryption key allocation with additional security elements to lessen vulnerability to certain attacks. In one embodiment, a method and computer program product is provided for broadcast encryption. A key bundle encoded in a non-transient machine-readable medium is received. The key bundle comprises a first cryptographic key and an associated first cryptographic function identifier. Encrypted content is received. A key block corresponding to a subset difference tree is received. A first cryptographic triple function corresponding to the first cryptographic function identifier is determined. The subset difference tree is traversed using the first cryptographic key and the first cryptographic triple function to obtain a content cryptographic key. The content cryptographic key is applied to the encrypted content to obtain decrypted content.

公开(公告)号：US20170337351A1

公开(公告)日：2017-11-23

申请号：US15158296

申请日：2016-05-18

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： John B. Geagan ,  Dulce B. Ponceleon

IPC分类号： G06F21/10 ,  H04L9/08 ,  G06F21/62

CPC分类号： G06F21/10 ,  H04L9/0836 ,  H04L9/0891 ,  H04L2209/601

摘要： An encryption scheme is provided in which subset-difference lists are generated by blacklisting subsets corresponding to compromised devices and splitting subset difference lists corresponding to the blacklisted subsets into multiple subset difference lists. In some embodiments, a subset-difference tree is generated. The subset-difference tree includes a plurality of subsets. The subset-difference tree covers a plurality of nodes. Each of the plurality of subsets has an apex node among the plurality of nodes. At least one blacklisted node of the plurality of nodes is determined. A first subset among the plurality of subsets is identified that covers the at least one blacklisted node. A plurality of substitute subsets is determined. Each of the plurality of substitute subsets overlaps the first subset and does not cover the at least one blacklisted node. The plurality of substitute subsets are substituted for the first subset.

公开(公告)号：US09735954B2

公开(公告)日：2017-08-15

申请号：US15340715

申请日：2016-11-01

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： John B. Geagan, III ,  Dulce B. Ponceleon

IPC分类号： H04K1/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/32

CPC分类号： H04L9/0618 ,  H04L9/0816 ,  H04L9/0836 ,  H04L9/3234 ,  H04L2209/24 ,  H04L2209/34 ,  H04L2209/601

摘要： Embodiments of the present invention relate to encryption key allocation with additional security elements to lessen vulnerability to certain attacks. In one embodiment, a method and computer program product is provided for broadcast encryption. A key bundle encoded in a non-transient machine-readable medium is received. The key bundle comprises a first cryptographic key and an associated first cryptographic function identifier. Encrypted content is received. A key block corresponding to a subset difference tree is received. A first cryptographic triple function corresponding to the first cryptographic function identifier is determined. The subset difference tree is traversed using the first cryptographic key and the first cryptographic triple function to obtain a content cryptographic key. The content cryptographic key is applied to the encrypted content to obtain decrypted content.

公开(公告)号：US20150058995A1

公开(公告)日：2015-02-26

申请号：US14010104

申请日：2013-08-26

申请人： International Business Machines Corporation

发明人： John Bernard Geagan, III ,  Dulce B. Ponceleon

IPC分类号： G06F21/60 ,  G06F17/30

CPC分类号： G06F17/30864 ,  G06F21/6254

摘要： Embodiments of the present invention relate to searching for secret data through an untrusted searcher without exposing the secret data. In one embodiment, a method of and computer program product for searching for secret data through an untrusted searcher is provided. A secret value is read from a storage medium. The secret value is divided into a plurality of portions. Each of the plurality of portions is ranked. A subset of the secret value is determined from the ranking of the plurality of portions. A search string is constructed from the subset. The search string is transmitted to a searcher via a network. Search results are received from the searcher via the network. The search results are compared to the secret value to determine whether the searcher found the secret value.

摘要翻译： 本发明的实施例涉及通过不信任的搜索者搜索秘密数据而不暴露秘密数据。 在一个实施例中，提供了一种用于通过不信任的搜索者搜索秘密数据的方法和计算机程序产品。 从存储介质读取秘密值。 秘密值被分成多个部分。 对多个部分中的每一个进行排序。 根据多个部分的等级确定秘密值的子集。 从该子集构建搜索字符串。 搜索字符串通过网络发送给搜索者。 通过网络从搜索者处收到搜索结果。 将搜索结果与秘密值进行比较，以确定搜索者是否发现了秘密值。

公开(公告)号：US11526583B2

公开(公告)日：2022-12-13

申请号：US16568565

申请日：2019-09-12

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： John B. Geagan ,  Dulce B. Ponceleon

IPC分类号： G06F21/10 ,  H04L9/08

摘要： An encryption scheme is provided in which subset-difference lists are generated by blacklisting subsets corresponding to compromised devices and splitting subset difference lists corresponding to the blacklisted subsets into multiple subset difference lists. In some embodiments, a subset-difference tree is generated. The subset-difference tree includes a plurality of subsets. The subset-difference tree covers a plurality of nodes. Each of the plurality of subsets has an apex node among the plurality of nodes. At least one blacklisted node of the plurality of nodes is determined. A first subset among the plurality of subsets is identified that covers the at least one blacklisted node. A plurality of substitute subsets is determined. Each of the plurality of substitute subsets overlaps the first subset and does not cover the at least one blacklisted node. The plurality of substitute subsets are substituted for the first subset.