US2021391979A1PendingUtilityA1

Sealed distributed ledger system

63
Assignee: R3 LTDPriority: Aug 14, 2019Filed: Aug 30, 2021Published: Dec 16, 2021
Est. expiryAug 14, 2039(~13.1 yrs left)· nominal 20-yr term from priority
H04L 9/50G06F 21/602G06F 21/606H04L 9/0637G06F 21/62H04L 9/3247H04L 9/3073G06F 16/2379G06F 21/54G06F 16/1815H04L 9/3239H04L 9/0819H04L 2209/56G06F 16/184G06F 21/53H04L 2209/38
63
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system for ensuring privacy of transactions is provided. The system may be performed by a computing system during execution of trusted code within a secure enclave of the computing system. The system receives an indication of a transaction. The system validates the transaction. The system encrypts the validated transaction using an encryption key of the trusted code. The system requests untrusted code of the computing system to store the encrypted validated transaction in a portion of a data store. The untrusted code cannot decrypt the encrypted validated transaction that is stored in the data store. Rather, only the trusted code can decrypt the encrypted validated transaction.

Claims

exact text as granted — not AI-modified
1 . A method performed by a computing system for obscuring a memory access pattern of target code of a secure enclave of the computing system, the method comprising:
 executing the target code of the secure enclave that accesses data stored at locations in memory of the computing system, each memory access for data including a reference to the location at which the data is stored; and   when an obscure criterion is satisfied, executing obscuring code of the secure enclave that:
 rearranges data that is stored in memory so that the rearranged data is stored at new locations that are different from the locations before rearranging; and 
 adjusts references to the rearranged data to refer to the new locations so that the target code accesses the rearranged data based on the adjusted references. 
   
     
     
         2 . The method of  claim 1  wherein the obscuring code executes during garbage collection of the data. 
     
     
         3 . The method of  claim 1  wherein the obscuring code executes at randomized times. 
     
     
         4 . The method of  claim 1  wherein the rearranging is based on a randomization. 
     
     
         5 . The method of  claim 1  wherein a virtual machine of the secure enclave executes the target code. 
     
     
         6 . The method of  claim 5  wherein the obscuring code is executed by a garbage collector of the virtual machine. 
     
     
         7 . The method of  claim 5  wherein the virtual machine is a Java virtual machine. 
     
     
         8 . The method of  claim 5  wherein the virtual machine maintains translation information to translate target references used by the target code and virtual machine references used by the virtual machine to access the locations in memory. 
     
     
         9 . The method of  claim 8  wherein the virtual machine references are virtual addresses that are mapped to physical addresses when accessing data. 
     
     
         10 . The method of  claim 8  wherein the adjusting adjusts the virtual machine references. 
     
     
         11 . A method performed by a computing system for obscuring message sizes of messages of target code of a secure enclave of the computing system, the method comprising:
 executing the target code, wherein the target code requests to send messages having original message sizes; and   when the target code requests to send a message, executing obscuring code of the secure enclave that:
 adjusts the original message size of the message to an adjusted message size; and 
 sends the message as part of a message having the adjusted message size. 
   
     
     
         12 . The method of  claim 11  wherein the adjusted message size is larger than the original message size. 
     
     
         13 . The method of  claim 12  wherein the adjusted message size is larger by an amount that is based on a randomization. 
     
     
         14 . The method of  claim 13  wherein the amount is based on a maximum message size. 
     
     
         15 . The method of  claim 14  wherein the maximum message size is reduced based on the original message sizes of previously sent messages. 
     
     
         16 . The method of  claim 14  wherein the amount is based on a maximum message size of messages previously sent. 
     
     
         17 . The method of  claim 11  wherein the adjusting of the original message size splits the message into multiple messages with each of the multiple messages having a split message size and the sending sends the multiple messages. 
     
     
         18 . The method of  claim 11  further comprising executing code that, when a message with an adjusted message size is received from a secure enclave of another computing system, sets a message size of the received message to an original message size. 
     
     
         19 . The method of  claim 18  wherein the message includes the original message size. 
     
     
         20 . The method of  claim 11  further comprising executing code that, when multiple split messages of a sent message are received from a secure enclave of another computing system, combines the split messages into the sent message having an original message size of the sent message. 
     
     
         21 . A computing system that obscures a memory access pattern of target code of a secure enclave of the computing system, the computing system comprising:
 one or more computer-readable storage mediums for storing computer-executable instructions for controlling the computing system to:
 access data stored in memory, each access for the data including a reference to a location in memory at which the data is stored; and 
 rearrange the data so that the rearranged data is stored at new locations; and 
 adjust references to the rearranged data to refer to the new locations so that the rearranged data is accessible based on the adjusted references; and 
   one or more processors for executing the computer-executable instructions stored in the one or more computer-readable storage mediums.   
     
     
         22 . The computing system of  claim 21  wherein the instructions that rearrange and adjust are executed during garbage collection of the data. 
     
     
         23 . The computing system of  claim 21  wherein the instructions that rearrange and adjust are executed at randomized times. 
     
     
         24 . The computing system of  claim 21  wherein the rearranging is based on a randomization. 
     
     
         25 . The computing system of  claim 21  wherein a virtual machine of the secure enclave executes the instructions to access the data. 
     
     
         26 . The computing system of  claim 25  wherein the instructions that rearrange and adjust are executed by a garbage collector of the virtual machine. 
     
     
         27 . The computing system of  claim 25  wherein the virtual machine is a Java virtual machine. 
     
     
         28 . The computing system of  claim 25  wherein the virtual machine maintains translation information to translate target references used by the target code and virtual machine references used by the virtual machine to access the locations in memory. 
     
     
         29 . The computing system of  claim 28  wherein the virtual machine references are virtual addresses that are mapped to physical addresses when accessing data. 
     
     
         30 . The computing system of  claim 28  wherein the adjusting adjusts the virtual machine references. 
     
     
         31 . A computing system that obscures message sizes of messages of target code of a secure enclave of the computing system, the computing system comprising:
 one or more computer-readable storage mediums for storing computer-executable instructions for controlling the computing system to:
 receive a request to send a message having an original message size; 
 split the message into multiple messages each having a message size adjusted from the original message size of the message; and 
 send the multiple messages to code of a secure enclave of another computing system; 
 wherein when the multiple messages are received by the code of the secure enclave of the other computing system, the secure enclave of the other computing system combines the multiple messages into the message having the original message size; and 
   one or more processors for executing the computer-executable instructions stored in the one or more computer-readable storage mediums.   
     
     
         32 . The computing system of  claim 31  wherein the adjusted message size is larger than the original message size. 
     
     
         33 . The computing system of  claim 32  wherein the adjusted message size is larger by an amount that is based on a randomization. 
     
     
         34 . The computing system of  claim 33  wherein the amount is based on a maximum message size. 
     
     
         35 . The computing system of  claim 34  wherein the maximum message size is reduced based on the original message sizes of previously sent messages. 
     
     
         36 . The computing system of  claim 34  wherein the amount is based on a maximum message size of messages previously sent. 
     
     
         37 . The computing system of  claim 31  wherein the computer-executable instructions further include instructions to, when a message with an adjusted message size is received from code of secure enclave of another computing system, set a message size of the received message to an original message size of the received message. 
     
     
         38 . The computing system of  claim 37  wherein the message includes the original message size. 
     
     
         39 . The computing system of  claim 31  wherein the combined multiple messages into the sent message has the original message size of the sent message.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.