Systems and methods of blockchain platform for intermediaries and passwordless login
Abstract
The systems and methods on a blockchain platform for one or more intermediaries for services including proxy re-encryption, independent audit, multiple-signatures based smart wallet associated with a smart contract and split-key authentication to achieve secure passwordless login. Proxy re-encryption by receiving a ciphertext from a first user with condition parameters that has been encrypted with a dynamically selected encryption algorithm. Audit service receiving an encrypted file from a user for storage on the blockchain platform; enforcing the security policy parameters for all access requests to the file on the blockchain platform; and optionally providing audit report of the encrypted file storage and access. A smart wallet with a group key using multiple signatures based on receipt of a threshold number of signatures. Split-key authentication by splitting the private key into two or more parts; and assigning the split private key part to two or more client devices.
Claims
exact text as granted — not AI-modified1 . A method on a blockchain platform for one or more intermediaries comprising:
receiving a ciphertext from a first user with condition parameters that has been encrypted with a dynamically selected encryption algorithm; receiving a re-encryption key for a second user from the first user; identifying whether the ciphertext is valid; re-encrypting the ciphertext; outputting the re-encrypted ciphertext only if the ciphertext is valid; and achieving security against chosen ciphertext attack and distributed denial-of-service attack; sending the re-encrypted ciphertext to the second user for decryption.
2 . The method of claim 1 , wherein the intermediary does not have the ability to decrypt the received ciphertext.
3 . The method of claim 1 , further comprising:
skipping outputting the re-encrypted ciphertext based on one or more condition parameters.
4 . The method of claim 1 , further comprising:
sending the re-encrypted ciphertext to a second intermediary for second hop re-encryption.
5 . A method of a blockchain platform for an intermediary, comprising:
receiving an encrypted file from a user for storage on the blockchain platform; mapping the user to be the owner of the encrypted file; receiving one or more security policy parameters for the encrypted file from the owner; enforcing the security policy parameters for all access requests to the file on the blockchain platform; and optionally providing audit report of the encrypted file storage and access.
6 . The method of claim 5 , wherein the owner is established using past read or write transactions performed directly on the blockchain platform.
7 . The method of claim 5 , further comprising: dividing the encrypted file into two or more parts before sending for storage on the blockchain platform.
8 . A method of a blockchain platform for a smart wallet, comprising:
assigning a total number of two or more public-private key pairs for users associated with the smart wallet; allocating a threshold number for approval on transaction on the smart wallet wherein the threshold number is less than or equal to the total number; creating a group key from the total number of public-private keys and the threshold number for approvals; using the group key to register the smart wallet on the blockchain; receiving for a transaction a shared signature based on the group key from two or more users; validating and finalizing the transaction when the received signatures are more than the threshold number.
9 . The method of claim 8 , wherein:
the smart wallet with the group key supports all the functions of a single user wallet.
10 . A method of blockchain platform for authenticating clients, comprising of:
creating a public and private key at a client device; splitting the private key into two or more parts; assigning the split private key part to two or more client devices; signing to authenticate a challenge using a partial key part at one of the client devices; sending the challenge to the remaining client devices who sequentially sign using short range wireless network connection; responding back to the challenge to login without a password.
11 . A system on a blockchain platform for one or more intermediaries comprising:
a module to receive a ciphertext from a first user with condition parameters that has been encrypted with a dynamically selected encryption algorithm; a module to receive a re-encryption key for a second user from the first user; a module to identify whether the ciphertext is valid; a module to re-encrypt the ciphertext; a module to output the re-encrypted ciphertext only if the ciphertext is valid; and a module to achieve security against chosen ciphertext attack and distributed denial-of-service attack; a module to send the re-encrypted ciphertext to the second user for decryption.
12 . The system of claim 11 , wherein the intermediary does not have the ability to decrypt the received ciphertext.
13 . The system of claim 11 , further comprising:
a module to skip outputting the re-encrypted ciphertext based on one or more condition parameters.
14 . The system of claim 11 , further comprising:
a module to send the re-encrypted ciphertext to a second intermediary for second hop re-encryption.
15 . A system of a blockchain platform for an intermediary, comprising:
a module to receive an encrypted file from a user for storage on the blockchain platform; a module to map the user to be the owner of the encrypted file; a module to receive one or more security policy parameters for the encrypted file from the owner; a module to enforce the security policy parameters for all access requests to the file on the blockchain platform; and optionally a module to provide audit report of the encrypted file storage and access.
16 . The system of claim 15 , wherein the owner is established using past read or write transactions performed directly on the blockchain platform.
17 . The system of claim 15 , further comprising: a module to divide the encrypted file into two or more parts before sending for storage on the blockchain platform.
18 . A system of a blockchain platform for a smart wallet, comprising:
a module to assign a total number of two or more public-private key pairs for users associated with the smart wallet; a module to allocate a threshold number for approval on transaction on the smart wallet wherein the threshold number is less than or equal to the total number; a module to create a group key from the total number of public-private keys and the threshold number for approvals; a module to use the group key to register the smart wallet on the blockchain; a module to receive for a transaction a shared signature based on the group key from two or more users; a module to validate and finalize the transaction when the received signatures are more than the threshold number.
19 . The system of claim 18 , wherein:
the smart wallet with the group key supports all the functions of a single user wallet.
20 . A system of blockchain platform for authenticating clients, comprising of:
a module to create a public and private key at a client device; a module to split the private key into two or more parts; a module to assign the split private key part to two or more client devices; a module to sign to authenticate a challenge using a partial key part at one of the client devices; a module to send the challenge to the remaining client devices who sequentially sign using short range wireless network connection; a module to respond back to the challenge to login without a password.Join the waitlist — get patent alerts
Track US2020313856A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.