US2018144114A1PendingUtilityA1

Securing Blockchain Transactions Against Cyberattacks

51
Assignee: FISKE MICHAEL STEPHENPriority: Aug 9, 2011Filed: Jan 1, 2018Published: May 24, 2018
Est. expiryAug 9, 2031(~5.1 yrs left)· nominal 20-yr term from priority
H04L 9/3239H04L 2209/56G06F 21/32
51
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Methods and systems are provided for performing a secure transaction. In an embodiment, users register biometric and/or other identifying user information. A private encryption key is generated from the biometric information and/or other user information and/or information obtained from a unpredictable physical process and are stored in a secure area of a device and a public key is transmitted to the blockchain network which acts as a service provider. In some embodiments, the private key depends upon at least partly on user information presented in the secure area. This hinders attacks like the Mt. Gox exchange. Each unique transaction passcode or transaction signature depends upon the transaction information and user information, so that on the next step of that transaction, only that unique transaction passcode will be valid. In some embodiments, if the transaction information has been altered relative to the transaction information stored in the device's secure area, then the transaction passcode sent to the blockchain network during this step will be invalid and the blockchain network may abort the transaction.

Claims

exact text as granted — not AI-modified
1 . A method of securing a transaction comprising:
 generating a passcode at a user system, whose value depends upon the transaction information and a private key, the user system having a processor system having at least one processor, a communications interface, and a memory system;   sending the transaction information and the passcode generated by the user system, to a blockchain network, for validation in conjunction with a request to perform the transaction.   
     
     
         2 . The method of  claim 1 , wherein the user system includes a secure area and a remaining portion that includes all of the user system but the secure area, the remaining portion of the user system not having access to the secure area; the method further comprising computing and/or storing a private key in the secure area of the user system. 
     
     
         3 . The method of  claim 1 , wherein the user system includes a secure area and a remaining portion that includes all of the user system but the secure area, the remaining portion of the user system not having access to the secure area; the method further comprising computing and/or storing a transaction passcode generator in a secure area of the user system. 
     
     
         4 . The method of  claim 2 , wherein user information is entered into an interface with the user system that is part of the secure area wherein said private key is derived at least partly from some of the user information. 
     
     
         5 . The method of  claim 4 , where user information entered into the interface is a PIN or password. 
     
     
         6 . The method of  claim 4 , where user information entered into the interface is biometric data of the user such as a fingerprint, voice data, face data, finger vein or hand geometry. 
     
     
         7 . The method of  claim 4 , where user information entered into the interface is the selection of one or more visual images. 
     
     
         8 . The method of  claim 1  further comprising,
 the blockchain network validates the transaction information and passcode received from the user system with a user system public key. 
 
     
     
         9 . The method of  claim 4 , applying a one-way function on the user information and a seed to compute said private key. 
     
     
         10 . The method of  claim 9  wherein the one-way function is a one-way hash function. 
     
     
         11 . A system of securing a transaction comprising:
 generating a passcode at a user system, whose value depends upon the transaction information and a private key, the user system having a processor system having at least one processor, a communications interface, and a memory system;   sending the transaction information and the passcode generated by the user system, to a blockchain network, for validation in conjunction with a request to perform the transaction.   
     
     
         12 . A system of  claim 11 , wherein the user system includes a secure area and a remaining portion that includes all of the user system but the secure area, the remaining portion of the user system not having access to the secure area; the method further comprising computing and/or storing a private key in the secure area of the user system. 
     
     
         13 . The system of  claim 11 , wherein the user system includes a secure area and a remaining portion that includes all of the user system but the secure area, the remaining portion of the user system not having access to the secure area; the method further comprising computing and/or storing a transaction passcode generator in a secure area of the user system. 
     
     
         14 . The method of  claim 12 , wherein user information is entered into an interface with the user system that is part of the secure area wherein said private key is derived at least partly from some of the user information. 
     
     
         15 . A system comprising;
 a first processor system having at least one processor,   a first memory system with which the processor system communicates,   a user interface for the user to enter and view information that is processed by the processor system, and   a network communications system for receiving and sending messages over a network that are processed by the processor system;   a secure area including at least
 a second processor system for processing secure transactions, and 
 a second memory system storing a private key, which is a value from which a passcode or a signature is generated; 
 the second memory and second processor system being communicatively coupled to one another; 
   the first processor system having no access to the second processor system and the second memory system.   
     
     
         16 . The system of  claim 15 , wherein said system executes on a mobile phone. 
     
     
         17 . The system of  claim 15 , further comprising:
 a display screen, the secure area being communicatively coupled to the display screen;   the secure area being communicatively coupled to at least a portion of the display screen for displaying information about the transaction on the display screen.   
     
     
         18 . The system of  claim 15  the first processor not having access to the display screen controlled by the second processor system in the secure area at least while the portion of the display screen is being controlled by the second processor system. 
     
     
         19 . The system of  claim 15  further comprising buttons or character entry of letters, numbers or other symbols into a user interface that is only connected to the secure area so as to not be accessible to the first processor system. 
     
     
         20 . The system of  claim 15  where the second memory system, which is in the secure area storing one or more algorithms that cryptographically bind the passcode to the transaction information, so that the passcode will not be valid if the passcode is based on incorrect transaction information.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.