A system includes circuitry for rewriting blockchains in a non-tamper-evident or tamper-evident operation using a key secret held in portions by multiple individually untrusted parties. The blockchains may include a series of blocks secured by integrity codes that may prevent non-tamper-evident rewrites by non-trusted parties that are not in possession of the key secret or individually-untrusted parties in possession of only a portion of the key secret. In some cases, multiple individually-untrusted parties may combine their portions into the key secret. As a group, the multiple individually-untrusted parties may perform a non-tamper-evident operation with respect to at least one integrity code within the blockchain.
-
A system comprising:
a memory;
a blockchain stored within the memory, the blockchain comprising:
a selected block comprising original data; and
a specific block comprising an integrity output, the integrity output determined from the original data as an input;
communication interface circuitry configured to:
perform a key secret exchange operation to receive portions of a key secret, the portions received on behalf of multiple individually untrusted parties;
receive a command coordinated with the key secret exchange operation, the command specifying to overwrite the original data with altered data; and
rewrite circuitry in data communication with the communication interface circuitry, the rewrite circuitry configured to:
obtain a portion combination from the portions of the key secret;
determine whether a count of the portions exceeds a rewriting threshold for rewrite privileges; and
when the count of the portions exceeds the rewriting threshold for rewrite privileges:
compute collision data that includes the altered data, where:
the collision data is coding-consistent with the integrity output, where overwriting the original data with the collision data does not introduce coding-inconsistency with the integrity output thereby preserving validity of the blockchain; and
the collision data is algorithmically determined from the portion combination and the altered data as inputs; and
responsive to the command, overwrite the original data with the collision data.
- The system of claim 1, where the rewrite circuitry is further configured to fail to compute the collision data when the count does not exceed the rewriting threshold for rewrite privileges.
-
The system of claim 2, where the rewrite circuitry is configured to fail to compute the collision data by:
determining that the count does not exceed the rewriting threshold; and
responsive to determining that the count does not exceed the rewriting threshold, forgoing computation of the collision data.
-
The system of claim 2, where the rewrite circuitry is configured to:
fail to compute the collision data by generating invalid data by attempting to compute the collision data with incomplete knowledge of the key secret, the invalid data coding-inconsistent with the integrity output; and
perform a tamper-evident rewrite of the blockchain by overwriting at least the original data with the invalid data.
- The system of claim 1, where the specific block follows the selected block within the blockchain.
- The system of claim 1, where the specific block comprises a block adjacent to the selected block within the blockchain.
- The system of claim 1, where the rewrite circuitry is further configured to decrypt a cache of key secret portions when the count exceeds a granting threshold for key secret granting privileges.
-
A method comprising:
accessing, in memory, a blockchain comprising:
a selected block comprising original data; and
a specific block comprising an integrity output, the integrity output determined from the original data as an input;
at communication interface circuitry:
performing a key secret exchange operation to receive portions of a key secret, the portions sent by multiple individually untrusted parties;
receiving a command coordinated with the key secret exchange operation, the command specifying to overwrite the original data with altered data; and
at rewrite circuitry:
obtaining a portion combination from the portions of the key secret;
determining whether a count of the portions exceeds a rewriting threshold for rewrite privileges; and
when the count of the portions exceeds the rewriting threshold for rewrite privileges:
computing collision data that includes the altered data, where:
the collision data is coding-consistent with the integrity output, where overwriting the original data with the collision data does not introduce coding-inconsistency with the integrity output thereby preserving validity of the blockchain; and
the collision data is algorithmically determined from the portion combination and the altered data as inputs; and
responsive to the command, overwriting the original data with the collision data.
-
The method of claim 8, further comprising:
failing to compute the collision data, when the count does not exceed the rewriting threshold for rewrite privileges.
-
The method of claim 9, where failing to compute the collision data comprises:
determining that the count does not exceed the rewriting threshold; and
responsive to determining that the count does not exceed the rewriting threshold, forgoing computation of the collision data.
-
The method of claim 9, where:
failing to compute the collision data comprises: generating invalid data by attempting to compute the collision data with incomplete knowledge of the key secret, the invalid data coding-inconsistent with the integrity output; and
performing a tamper-evident rewrite of the blockchain comprises overwriting at least the original data with the invalid data.
- The method of claim 8, further comprising decrypting a cache of key secret portions when the count exceeds a granting threshold for key secret granting privileges.
-
A product comprising:
machine-readable medium other than a transitory signal;
instructions stored on the machine-readable medium, the instructions, when executed, configured to cause a processor to:
access, in memory, a blockchain comprising:
a selected block comprising original data; and
a specific block comprising an integrity output, the integrity output determined from the original data as an input;
at communication interface circuitry:
perform a key secret exchange operation to receive portions of a key secret, the portions sent by multiple individually untrusted parties;
receive a command coordinated with the key secret exchange operation, the command specifying to overwrite the original data with altered data; and
at rewrite circuitry:
obtain a portion combination from the portions of the key secret;
determine whether a count of the portions exceeds a rewriting threshold for rewrite privileges; and
when the count of the portions exceeds the rewriting threshold for rewrite privileges:
compute collision data that includes the altered data, where:
the collision data is coding-consistent with the integrity output, where overwriting the original data with the collision data does not introduce coding-inconsistency with the integrity output thereby preserving validity of the blockchain; and
the collision data is algorithmically determined from the portion combination and the altered data as inputs; and
responsive to the command, overwrite the original data with the collision data.
- The product of claim 13, where the specific block follows the selected block within the blockchain.
- The product of claim 13, where the specific block comprises a block adjacent to the selected block within the blockchain.
- The product of claim 13, where the instructions are configured to cause the processor to receive the portions of the key secret via the key secret exchange operation by receiving the portions of the key secret via a public key exchange protocol.
- The product of claim 13, where the instructions are configured to cause the processor to receive the portions of the key secret via the key secret exchange operation by performing the key secret exchange operation under authority of multiple individually-untrusted parties.
- The product of claim 13, where the instructions are configured to cause the processor to access the portions of the key secret in a protected memory prior to combining the portions of the key secret.
- The product of claim 13, where the instructions are configured to cause the processor to fail to compute the collision data when the count does not exceed the rewriting threshold for rewrite privileges.
-
The product of claim 19, where the instructions are configured to cause the processor to fail to compute the collision data by:
determining that the count does not exceed the rewriting threshold; and
responsive to determining that the count does not exceed the rewriting threshold, forgoing computation of the collision data.
-
The product of claim 13, where the instructions are configured to cause the processor to:
fail to compute the collision data by generating invalid data by attempting to compute the collision data with incomplete knowledge of the key secret, the invalid data coding-inconsistent with the integrity output; and
perform a tamper-evident rewrite of the blockchain by overwriting at least the original data with the invalid data.
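The claims do not name the primitives behind the "integrity output", the "portions" or the "collision data". As an added illustration (not code from the patent or its assignees), the Python below assumes a discrete-log chameleon hash for the integrity output and Shamir secret sharing for the key-secret portions, and shows both under-threshold behaviours: forgoing the computation, and writing invalid data that chain validation detects. The group parameters, coefficients and sample chain are constructed, toy-sized values.

```python
import hashlib

# Constructed toy group (illustration only): safe prime P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def H(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def chash(pub, data, r):
    """Chameleon hash G^H(data) * pub^r mod P, where pub = G^x and x is the key secret."""
    return pow(G, H(data), P) * pow(pub, r, P) % P

def split(coeffs, n):
    """Shamir portions of coeffs[0]; polynomial degree = rewriting threshold."""
    return [(i, sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q) for i in range(1, n + 1)]

def combine(shares):
    """Portion combination: Lagrange interpolation at 0 over GF(Q)."""
    x = 0
    for i, y in shares:
        num = den = 1
        for j, _ in shares:
            if j != i:
                num, den = num * -j % Q, den * (i - j) % Q
        x = (x + y * num * pow(den, -1, Q)) % Q
    return x

def valid(pub, chain):
    """Every block's 'prev' must match the chameleon hash of the block before it."""
    return all(b["prev"] == chash(pub, a["data"], a["r"]) for a, b in zip(chain, chain[1:]))

def rewrite(chain, idx, altered, shares, threshold, forgo=True):
    """Overwrite chain[idx]; too few portions => forgo, or write tamper-evident invalid data."""
    if forgo and len(shares) <= threshold:
        return False
    blk, x = chain[idx], combine(shares)
    # Collision: r' = r + (H(m) - H(m')) / x keeps G^(H(m') + x r') unchanged if x is correct.
    blk["r"] = (blk["r"] + (H(blk["data"]) - H(altered)) * pow(x, -1, Q)) % Q
    blk["data"] = altered
    return True

COEFFS = [777, 123, 456]  # constructed; real portions need fresh random coefficients
PUB, SHARES, THRESHOLD = pow(G, COEFFS[0], P), split(COEFFS, 5), len(COEFFS) - 1

def make_chain():
    chain = [{"data": d, "r": 7 * (i + 1), "prev": 0} for i, d in enumerate([b"pay A 10", b"pay B 4", b"pay C 1"])]
    for a, b in zip(chain, chain[1:]):
        b["prev"] = chash(PUB, a["data"], a["r"])
    return chain
```

With three of the five portions the rewritten chain still passes `valid`; with two, `combine` returns a wrong secret, so a forced rewrite (`forgo=False`) leaves the next block's `prev` mismatched.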
-
Gsc Secrypt Llc
(Aug 29 2018)
-
Accenture Global Solutions Limited
(May 03 2017)
- G06F21/53
- G06F21/64
- G06F3/0619
- G06F3/0622
- G06F3/0659
- G06F3/0673
- H04L2209/38
- H04L2209/46
- H04L2209/56
- H04L63/061
- H04L63/062
- H04L9/0618
- H04L9/0637
- H04L9/0643
- H04L9/0841
- H04L9/085
- H04L9/0894
- H04L9/14
- H04L9/30
- H04L9/3221
- H04L9/3226
- H04L9/3242
Document Preview
- Publication: Sep 26, 2017
-
Application:
May 16, 2017
US 201715596899 A
-
Priority:
Feb 17, 2017
EP 17425018 A
-
Priority:
Aug 11, 2016
EP 16425086 A
-
Priority:
May 23, 2016
EP 16425044 A