白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

System and method for key recovery and verification in blockchain based networks

專(zhuān)利號(hào)
US11930110B2
公開(kāi)日期
2024-03-12
申請(qǐng)人
KZEN NETWORKS LTD(IL Tel Aviv)
發(fā)明人
Tal Arieh Be'ery; Ouriel Ohayon; Omer Shlomovits; Gary Benattar
IPC分類(lèi)
H04L29/06; H04L9/00; H04L9/08
技術(shù)領(lǐng)域
recovery,key,escrow,computing,private,least,device,at,public,keys
地域: Tel Aviv

摘要

Methods and systems of recovering a cryptographic key associated with a blockchain based computer network, including encryption of at least a portion of a cryptographic key of the computer network with a recovery public key, sending of the encrypted at least a portion of the cryptographic key to at least one second computing device, sending of a recovery private key to a recovery escrow service, detection that the at least one first computing device is unavailable, publishing the recovery private key in a public repository, retrieving the recovery private key from the public repository, and decryption of the encrypted at least a portion of the cryptographic key by the at least one second computing device.

說(shuō)明書(shū)

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a National Phase Application of PCT International Application No. PCT/IL2020/050111, International Filing Date Jan. 29, 2020, claiming the benefit of U.S. Provisional Patent Application No. 62/798,892, filed Jan. 30, 2019 which is hereby incorporated by reference.

FIELD OF THE INVENTION

The present invention relates to blockchain technology. More particularly, the present invention relates to systems and methods for management of cryptographic keys in blockchain based computer networks.

BACKGROUND OF THE INVENTION

Blockchain technology can allow a consensus of replicated, shared, and/or synchronized digital data in a peer-to-peer network that can be geographically spread across multiple sites. Currently, the security of all blockchain based cryptocurrency wallets typically solely depends on the security of its private keys, that can be used to digitally sign a user transaction and/or thereby prove its validity. The majority of cryptocurrency wallets either store the key on a customer's device or on the service's side. Therefore, when these devices are compromised a cyber-theft is possible.

In typical classic blockchain software implementations, a client locally generates a private key and a corresponding public key. The public key can be used to create an address and/or the messages to be signed can be transactions of value between such addresses (or accounts). Verification of transaction validity can be done publicly by the blockchain maintainers using, e.g., the relevant addresses public keys, while the key generation can be done locally using, e.g., the client's secret key.

權(quán)利要求

1
The invention claimed is:1. A method of verifying that an encrypted cryptographic private key associated with a blockchain based computer network can be decrypted, the method comprising:encrypting, by at least one first computing device, at least a portion of a cryptographic key of the computer network with a recovery public key, wherein the encryption is carried out using an homomorphically additive encryption scheme;sending, by the at least one first computing device, the encrypted at least a portion of the cryptographic key to at least one second computing device;retrieving, by the at least one second computing device, the recovery public key from the at least one first computing device;verifying, by the at least one second computing device, that the encrypted at least a portion of the cryptographic key is compatible to be decrypted by a recovery private key, based on the retrieved recovery public key and the corresponding public key of the at least a portion of the cryptographic key;sending, by the at least one first computing device, the recovery private key to a recovery escrow service;periodically sending, by the at least one first computing device, an arbitrary message to the recovery escrow service, wherein the recovery message is signed by the recovery private key;publishing the signed arbitrary message in a public repository;retrieving, by the at least one second computing device, the signed arbitrary message from the public repository;verifying, by the at least one second computing device, that the encryption of the signed arbitrary message is compatible with the recovery public key; andverifying, by the at least one second computing device, that the recovery escrow service has the recovery private key.2. The method of claim 1 wherein the recovery escrow service stores the recovery private key, and wherein instructions to publish the recovery private key are provided by a third party.3. The method of claim 2, further comprising periodically publishing, by the third party, a status report of the at least one first computing device in a public repository to be retrieved by the at least one second computing device.4. The method of claim 1, wherein the recovery escrow service is on an external computing device.5. The method of claim 1, wherein the at least one second computing device comprises a mobile computing device.6. The method of claim 1, further comprising:connecting the at least one second computing device to the computer network; andadding a transaction to a ledger of the computer network, in accordance with the received signed at least a portion of the cryptographic key.7. The method of claim 1, wherein the encryption is carried out using a verifiable homomorphic EIGamal encryption.8. A system for verification that a cryptographic key associated with a blockchain based computer network can be decrypted, the system comprising:at least one first computing device, configured to:encrypt at least a portion of a cryptographic key of the computer network with a recovery public key, wherein the encryption is carried out using an homomorphically additive encryption scheme;at least one second computing device, in communication with the at least one first computing device, and configured to:receive the encrypted at least a portion of the cryptographic key from the at least one first computing device;retrieve a recovery public key from the at least one first computing device; andverify that the encrypted at least a portion of the cryptographic key is compatible to be decrypted by the recovery private key, based on the retrieved recovery public key and the corresponding public key of the at least a portion of the cryptographic key, wherein:the at least one first computing device is further configured to send the recovery private key to a recovery escrow service and to periodically send an arbitrary message to a recovery escrow service, wherein the arbitrary message is signed by the recovery private key;the recovery escrow service is further configured to publish the signed arbitrary message in a public repository; andthe at least one first computing device is further configured to:retrieve the signed arbitrary message from the public repository;verify that the encryption of the signed arbitrary message is compatible with the recovery public key; andverify that the recovery escrow service has the recovery private key.9. The system of claim 8, wherein the recovery escrow service stores the recovery private key, and wherein instructions to publish the recovery private key are provided by a third party.10. The system of claim 9, wherein a status report of the at least one first computing device in a public repository is periodically published by the third party.11. The system of claim 8, wherein the recovery escrow service is on an external computing device.12. The system of claim 8, wherein the at least one second computing device comprises a mobile computing device.13. The system of claim 8, wherein the at least one second computing device is connected to the computer network, and wherein a transaction is added to a ledger of the computer network, in accordance with the received signed at least a portion of the cryptographic key.
微信群二維碼
意見(jiàn)反饋