Reissuing obligations to preserve privacy
Abstract
A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.
Claims
exact text as granted — not AI-modifiedI/We claim:
1 . A method performed by one or more computing systems for creating a confidential identity for a first entity, the method comprising:
generating a first confidential public/private key pair that includes a first confidential public key and a first confidential private key; generating a first confidential identity certificate, the first confidential identity certificate including the first confidential public key and a first well-known name of the first entity; and signing the first confidential identity certificate with a first well-known private key of the first entity, a first well-known public key and the first well-known private key composing a first well-known public/private key pair.
2 . The method of claim 1 further comprising:
generating a first nonce;
receiving from a second entity a second nonce;
sending to the second entity the first nonce;
signing the first nonce and the second nonce; and
sending to the second entity the signed first nonce and second nonce.
3 . The method of claim 2 wherein the signing of the first confidential identity certificate and the signing of the first nonce and the second nonce are performed by signing a combination of the first confidential identity certificate and the first nonce and the second nonce.
4 . The method of claim 2 wherein the signing of the first nonce and the second nonce is performed by signing a hash of the first nonce and the second nonce.
5 . The method of claim 1 wherein the first well-known public key and the first well-known name are specified in a first well-known identity certificate of the first entity that is signed by a certificate authority.
6 . The method of claim 1 further comprising signing data using the first confidential private key so that a second entity when presented with the signed data and the first confidential public key can verify that the signed data was signed using the first confidential private key.
7 . The method of claim 1 further comprising:
receiving from a second entity a signed second confidential identity certificate that includes a second confidential public key of the second entity and a second well-known name of the second entity, the second confidential public key and a second confidential private key composing a second confidential public/private key pair;
verifying, using a second well-known public key of the second entity, that the received signed second confidential identity certificate was signed by the second entity; and
storing the second confidential public key for identifying the second entity based on the second confidential public key.
8 . The method of claim 7 further comprising:
receiving the second confidential public key and signed data that is signed using the second confidential private key and; and
verifying, using the second confidential public key, that the data was signed using the second confidential private key.
9 . The method of claim 8 wherein the signed data is a transaction to which the second entity is a party, the transaction including the second confidential public key.
10 . The method of claim 1 wherein multiple first confidential identity certificates are generated for signing different data.
11 . A method performed by one or more computing system for verifying a confidential identity of a first entity, the method comprising:
accessing a signed first confidential identity certificate of the first entity that includes a first confidential public key of the first entity and a first well-known name of the first entity and that is signed using a first well-known private key of the first entity, the first confidential public key and a first confidential private key composing a first confidential public/private key; a first well-known public key and the first well-known private key composing a first well-known public/private key pair; and verifying using the first well-known public key that the signed first confidential identity certificate was signed using the first well-known private key.
12 . The method of claim 11 further comprising:
receiving signed data that is signed using the first confidential private key; and
verifying, using the first confidential public key, that the data was signed using the first confidential public key.
13 . The method of claim 1 further comprising:
receiving from the first entity a first nonce; and
sending to the first entity a second nonce;
wherein the signed first confidential identity certificate is part of a signed hash derived based on the signed first confidential identity certificate, the first nonce, and the second nonce.
14 . The method of claim 13 wherein the verifying further verifies that signed hash is derived based on the first nonce and the second nonce.
15 . One or more computing systems for creating proof of a confidential identity of a first entity, the one or more computing system comprising:
one or more computer-readable storage mediums for storing computer-executable instructions for controlling the one or more computing systems to:
access a first confidential public/private key pair that includes a first confidential public key and a first confidential private key; and
sign the first confidential public key with a first well-known private key of the first entity, a first well-known public key and the first well-known private key composing a first well-known public/private key pair; and
one or more processors for executing the computer-executable instructions stored in the one or more computer-readable storage mediums.
16 . The one or more computing systems of claim 15 wherein the signing also signs a combination of the first confidential public key and an identifier of the first entity wherein the signed combination forms a first confidential identity certificate.
17 . The one or more computing system of claim 15 wherein the instructions further:
generate a hash derived from the first confidential public key, a first nonce, and a second nonce, the first nonce being generated by the first entity and the second nonce being generated by a second entity; and
sign the hash with the first well-known public key.
18 . The one or more computing system of claim 15 wherein the instructions further:
generate a signed transaction that includes the first confidential public key, the signed transaction signed using the first confidential private key; and
provide to a second entity the signed first confidential public key
so that the second entity can confirm that the first entity signed the transaction using the first confidential private key and can determine that the signed first confidential public key was signed using the first well-known private key.
19 . The one or more computing system of claim 18 wherein the instructions further record the transaction in a distributed ledger.
20 . The one or more computing system of claim 18 wherein output of the signed transaction is input to another transaction.
21 . One or more computing systems for verifying an identity of a first entity, the one or more computing system comprising:
one or more computer-readable storage mediums for storing computer-executable instructions for controlling the one or more computing systems to:
access a signed first confidential public key of the first entity and that is signed using a first well-known private key of the first entity, the first confidential public key and a first confidential private key composing a first confidential public/private key, a first well-known public key and the first well-known private key composing a first well-known public/private key pair;
verify using the first well-known public key that the signed first confidential public key was signed using the first well-known private key; and
access signed data that is data that is signed using the first confidential private key; and
verify that the first entity signed the data using the signed first confidential public key; and
one or more processors for executing the computer-executable instructions stored in the one or more computer-readable storage mediums.
22 . The one or more computing systems of claim 21 wherein the signed first confidential public key is signed in combination with an identifier of the first entity wherein the signed combination forms a first confidential identity certificate.
23 . The one or more computing systems of claim 22 wherein the instructions further:
receive from the first entity a first nonce;
send to the first entity a second nonce;
wherein the signed first confidential public key is part of a signed hash derived based on the first nonce and the second nonce, the first confidential identity certificate being received as part of receiving the signed hash.
24 . The one or more computing systems of claim 23 wherein the verifying further verifies that signed hash is derived based on the first nonce and the second nonce.
25 . The one or more computing systems of claim 21 wherein the data is a transaction that identifies the first entity by the first confidential public key.
26 . The one or more computing systems of claim 25 wherein the output of the transaction is input to another transaction to which the first entity is a party.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.