US2022318403A1PendingUtilityA1

Cryptographic Pseudonym Mapping Method, Computer System, Computer Program And Computer-Readable Medium

38
Assignee: XTENDR ZRTPriority: Jul 15, 2019Filed: Jul 14, 2020Published: Oct 6, 2022
Est. expiryJul 15, 2039(~13 yrs left)· nominal 20-yr term from priority
H04L 9/0897G06F 21/602G06F 16/31H04L 9/0866H04L 2209/42H04L 9/302H04L 9/0825H04L 9/00H04L 2209/76H04L 9/3066G06F 21/55G06F 16/211H04L 9/0861
38
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymized database (DB) from data relating to entities and originating from data sources (DSi), wherein the data are identified at the data sources (DSi) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymized database (DB) by pseudonyms (P) assigned to the respective entity identifiers (D) applying a one-to-one mapping. According to the invention, one mapper (M) and one key manager (KM) are applied, and a respective pseudonym (P) is generated by the mapper (M), for each encrypted entity identifier (Ci) encrypted by the data source (DSi), utilizing the mapping cryptographic key (hi) corresponding to the particular data source (DSi). The invention is further a computer system realizing the invention, as well as a computer program and a computer-readable medium.

Claims

exact text as granted — not AI-modified
1 . A cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymised database (DB) from data relating to entities and originating from data sources (DS i ), wherein the data are identified at the data sources (DS i ) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymised database (DB) by pseudonyms (P),
 characterised in that   the pseudonyms (P) are assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source, by
 — applying one mapper (M) and one key manager (KM), 
 — wherein the key manager (KM) is applied for
 — selecting a secret element (b) from a predetermined algebraic structure constituting a multiplicative or additive cyclic group, 
 — selecting, for each data source (DS i ) an element (e i , a i ) to be applied as a cryptographic key by the given data source (DS i ), from the algebraic structure and sending it to the given data source (DS i ) while the element (e i , a i ) is kept secret, 
 — calculating an inverse (d i ) of the element (e i , a i ) in the given algebraic structure, and using it, together with the secret element (b), for generating a mapping cryptographic key (h i ) of the mapper (M), the mapping cryptographic key (h i ) corresponding to the given data source (DS i ), and sending the mapping cryptographic key (h i ) to the mapper (M) while keeping it secret and assigned to the given data source (DS i ), 
 
 — transforming by the data source (DS i ), each entity identifier (D) to be mapped, into a respective encrypted entity identifier (C i ) by using the element (e i , a i ) to be applied as a cryptographic key, and 
 — a respective pseudonym (P) is generated by the mapper (M), for each encrypted entity identifier (C i ) encrypted by the data source (DS i ), utilizing the mapping cryptographic key (h i ) corresponding to the particular data source (DS i ). 
   
     
     
         2 . The method according to  claim 1 , characterised by applying an algebraic structure constituting a multiplicative cyclic group, wherein values selected by the key manager (KM) are represented by residue classes modulo N, for which algebraic structure constants N=p·q, φ(N)=(p−1)·(q−1) are predetermined, wherein p and q are randomly selected prime numbers, the secret element (b) is a randomly selected prime number, and φ(N) is the value of the Euler function obtained for N,
 — the element (e i ) to be applied as the own cryptographic key of the data source (DS i ) is randomly selected by the key manager (KM), 
 — the key manager (KM) is applied for computing the inverse (d i ) of the element (e i ) to be applied as a cryptographic key, for which the equation e i ·d i ≡1 mod φ(N) is satisfied, 
 — then, the mapping cryptographic key h i =d i ·b is generated by the key manager (KM), and is sent to the mapper (M), 
 — the encrypted entity identifier (C i ) is computed by the data source (DS i ) utilizing the formula C i =D e     i    mod N, and 
 — the pseudonym (P) P=C i   h     i    mod N is computed by the mapper (M). 
 
     
     
         3 . The method according to  claim 2 , characterised in that the randomly selected prime numbers p and q can be represented utilizing half the number of bits of a chosen key size. 
     
     
         4 . The method according to  claim 2 , characterised by sending to an authorised entity (A)
 — by the key manager (KM), the inverse (d i ) of the element (e i ) to be applied as a cryptographic key,   — by the mapper (M), the encrypted entity identifier (C i ).   
     
     
         5 . The method according to  claim 1 , characterised by applying an algebraic structure constituting an additive cyclic group, wherein values are represented by points of elliptic curves defined over a number field of residue classes modulo p, where p is a prime number, for which algebraic structure the following constants are predetermined: the parameters A, B of the formula y 2 =x 3 +Ax+B mod p defining the points of an elliptic curve defined over the residue classes of the prime number p, and a point G of the curve that has an order q that is greater than the number of entity identifiers (D), a secret element (b) having a value chosen arbitrarily from among residue classes mod q,
 — the key manager (KM) is applied for randomly selecting, from among residue classes mod q, an element (a i ) to be applied as a cryptographic key by the data source (DS i ),   — then, a mapping cryptographic key h i =a i +b is generated by the key manager (KM), and is sent to the mapper (M),   — the encrypted entity identifier (C i ) is computed by the data source (DS i ) utilizing the formula C i =M⊕a i G, where operator ⊕ is the sum of the points of the elliptic curve, and   — and the pseudonym (P) P=C i ⊖h i G is calculated by the mapper (M), where A⊖B=A⊕(−B).   
     
     
         6 . The method according to  claim 5 , characterised by passing on to an authorised entity (A)
 — by the key manager (KM), the inverse (d i ) of the element (a i ) to be applied as a cryptographic key, and   — by the mapper (M), the encrypted entity identifier (C i ).   
     
     
         7 . A computer system for cryptographic pseudonymisation, the system comprising:
 — data sources (DS i ) comprising data by the entity identifiers (D) of the entities,   — a pseudonymised database (DB), in which the data are identified by pseudonyms (P),   characterised in that   the pseudonyms (P) are assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source, and the system further comprises   — a mapper (M) and a key manager (KM),   — a module adapted for selecting, applying the key manager (KM), a secret element (b) from a predetermined algebraic structure constituting a multiplicative or an additive cyclic group,   — a module adapted for selecting from the algebraic structure, applying the key manager (KM), for each data source (DS i ), an element (e i , a i ) to be applied as a cryptographic key by the given data source (DS i ), and for sending it to the given data source (DS i ) while the element (e i , a i ) is kept secret,   — a module adapted for computing, applying the key manager (KM), an inverse (d i ) of the element (e i , a i ) in the given algebraic structure, for generating, by using said inverse (d i ), together with the secret element (b), a mapping cryptographic key (h i ) of the mapper (M) corresponding to the given data source (DS i ), and for sending said mapping cryptographic key (h i ) to the mapper (M) while keeping it secret and assigned to the given data source (DS i ),   — a module adapted for transforming, applying the data source (DS i ), each entity identifier (D) to be mapped into a respective encrypted entity identifier (C i ) utilizing the element (e i , a i ) to be applied as a cryptographic key, and   — a module adapted for mapping, applying the mapper (M), each encrypted entity identifier (C i ) encrypted by the data source (DS i ) utilizing the mapping cryptographic key (h i ) corresponding to the particular data source (DS i ) into a respective pseudonym (P).   
     
     
         8 . The computer system according to  claim 7 , characterised in that it comprises modules adapted for performing a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymised database (DB) from data relating to entities and originating from data sources (DS i ), wherein the data are identified at the data sources (DS i ) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymised database (DB) by pseudonyms (P),
 characterised in that   the pseudonyms (P) are assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source, by
 — applying one mapper (M) and one key manager (KM), 
 — wherein the key manager (KM) is applied for
 — selecting a secret element (b) from a predetermined algebraic structure constituting a multiplicative or additive cyclic group, 
 — selecting, for each data source (DS i ) an element (e i , a i ) to be applied as a cryptographic key by the given data source (DS i ), from the algebraic structure and sending it to the given data source (DS i ) while the element (e i , a i ) is kept secret, 
 — calculating an inverse (d i ) of the element (e i , a i ) in the given algebraic structure, and using it, together with the secret element (b), for generating a mapping cryptographic key (h i ) of the mapper (M), the mapping cryptographic key (h i ) corresponding to the given data source (DS i ), and sending the mapping cryptographic key (h i ) to the mapper (M) while keeping it secret and assigned to the given data source (DS i ), 
 
 — transforming by the data source (DS i ), each entity identifier (D) to be mapped, into a respective encrypted entity identifier (C i ) by using the element (e i , a i ) to be applied as a cryptographic key, and 
   a respective pseudonym (P) is generated by the mapper (M), for each encrypted entity identifier (C i ) encrypted by the data source (DS i ), utilizing the mapping cryptographic key (h i ) corresponding to the particular data source (DS i ).   
     
     
         9 . A computer program comprising instructions which, when the program is executed by a computer, cause the computer to perform the steps of the method according to  claim 1 . 
     
     
         10 . A computer-readable medium storing the computer program according to  claim 9 .

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.