Privacy protecting transparency tree for device attestation

US11621846B2 · US · B2

Patent metadata
Publication number: US-11621846-B2
Application number: US-202117212931-A
Country: US
Kind code: B2
Filing date: Mar 25, 2021
Priority date: Mar 25, 2021
Publication date: Apr 4, 2023
Grant date: Apr 4, 2023

Abstract

Official abstract text for this publication.

A system includes a binary tree having leaf hashes. The leaf hashes include a device privacy protected index and a set of zero-knowledge commitments relating to a computer device. The system calculates the device privacy protected index using a verifiable random function such that a device entity path in the binary tree cannot reveal any information about any other device in the binary tree, and associates the set of zero-knowledge commitments with the device privacy protected index. The system then generates a privacy-protected attestation for the computer device using the device privacy protected index and the set of zero-knowledge commitments.
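The structure the abstract describes can be sketched as follows. This is an added example, not code from the patent or its assignee, and all function names are hypothetical. It assumes HMAC-SHA256 as a stand-in for the verifiable random function and a salted-hash commitment as a stand-in for the zero-knowledge commitments, and it omits signing the root with the provider key.

```python
import hashlib
import hmac

def H(*parts):
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)  # length-prefix each field
    return h.digest()
EMPTY = H(b"empty")  # padding leaf so every node has a sibling

def private_index(provider_key, device_id):
    # ASSUMPTION: HMAC-SHA256 stands in for the VRF. A real VRF also outputs
    # a proof that anyone can check against the provider's public key.
    return hmac.new(provider_key, device_id.encode(), hashlib.sha256).digest()

def commit(value, opening):
    # ASSUMPTION: salted-hash commitment in place of a zero-knowledge commitment.
    return H(b"commit", opening, value)

def leaf_hash(index, commitments):
    return H(b"leaf", index, *commitments)

def build_tree(provider_key, devices):
    """devices: {device_id: [(attribute, opening), ...]} -> (levels, positions)."""
    rows = sorted((private_index(provider_key, d), d) for d in devices)
    level = [leaf_hash(i, [commit(v, r) for v, r in devices[d]]) for i, d in rows]
    while not level or len(level) & (len(level) - 1):  # pad to a power of two
        level.append(EMPTY)
    levels = [level]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels, {d: pos for pos, (_, d) in enumerate(rows)}

def inclusion_path(levels, pos):
    path = []  # sibling hashes only: no other device's index or attributes
    for level in levels[:-1]:
        path.append((level[pos ^ 1], pos & 1))
        pos >>= 1
    return path

def verify(root, leaf, path):
    node = leaf
    for sibling, node_is_right in path:
        node = H(b"node", sibling, node) if node_is_right else H(b"node", node, sibling)
    return hmac.compare_digest(node, root)

KEY = b"constructed-provider-secret"  # constructed sample data, not real devices
DEVICES = {f"SN-{n:04d}": [(b"fw=1.%d" % n, bytes([n]) * 16)] for n in range(1, 6)}
```

A verifier holding the root, one device's index and commitments, and its path can confirm inclusion; the path contains only sibling hashes, so it discloses no other device's identifier or attributes.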

First claim

Opening claim text (preview).

The invention claimed is:

1. A computerized process comprising: receiving into a computer processor a binary tree comprising a plurality of leaf hashes, the leaf hashes comprising a device privacy protected index and a set of zero-knowledge commitments relating to a computer device; calculating the device privacy protected index using a verifiable random function such that a device entity path in the binary tree cannot reveal any information about any other device in the binary tree; associating the set of zero-knowledge commitments with the device privacy protected index; and generating a privacy-protected attestation for the computer device using the device privacy protected index and the set of zero-knowledge commitments; wherein the binary tree comprises a Merkle binary tree; and wherein a root of the Merkle tree is signed with a provider private key and the root is verified with an associated public key.

2. The process of claim 1, wherein the privacy-protected attestation comprises data relating to one or more of a device credential, a device attribute, a device manufacture, device firmware, a device performance characteristic, device warranty information, on-chip firmware, and a flash drive binary.

3. The process of claim 1, comprising calculating the device privacy protected index from a computer device identifier.

4. The process of claim 1, wherein the set of zero-knowledge commitments comprises data relating to one or more of a commitment to a public key, a commitment to a device attribute, a commitment to a device identification, and a commitment to a solution identification.

5. The process of claim 1, wherein the privacy-protected attestation comprises authenticating the computer device to a third party, the authenticating comprising: communicating a device identity and a public key to the third party; receiving a verification from the third party; and transmitting signed attributes to the third party.

6. The process of claim 1, wherein the privacy-protected attestation comprises an authentication or an identification between a first computer device and a second computer device.

7. The process of claim 1, wherein the privacy-protected attestation comprises a computer device verifying its own attributes using the set of zero-knowledge commitments.

8. The process of claim 1, wherein the verifiable random function comprises a pseudorandom function that requires a public key and a seed value.

9. A non-transitory computer-readable medium comprising instructions that when executed by a processor execute a process comprising: receiving into a computer processor a binary tree comprising a plurality of leaf hashes, the leaf hashes comprising a device privacy protected index and a set of zero-knowledge commitments relating to a computer device; calculating the device privacy protected index using a verifiable random function such that a device entity path in the binary tree cannot reveal any information about any other device in the binary tree; associating the set of zero-knowledge commitments with the device privacy protected index; and generating a privacy-protected attestation for the computer device using the device privacy protected index and the set of zero-knowledge commitments; wherein the binary tree comprises a Merkle binary tree; and wherein a root of the Merkle tree is signed with a provider private key and the root is verified with an associated public key.

10. The non-transitory computer-readable medium of claim 9, wherein the privacy-protected attestation comprises data relating to one or more of a device credential, a device attribute, a device manufacture, firmware, a device performance characteristic, device warranty information, on-chip firmware, and a flash drive binary; and wherein the set of zero-knowledge commitments comprises data relating to one or more of a commitment to a public key, a commitment to a device attribute, a commitment to a device identification, and a commitment to a solution identification.

11. The non-transitory computer-readable medium of claim 9, comprising instructions for calculating the device privacy protected index from a computer device identifier.

12. The non-transitory computer-readable medium of claim 9, wherein the privacy-protected attestation comprises instructions for authenticating the computer device to a third party, and the authenticating comprises: communicating a device identity and a public key to the third party; receiving a verification from the third party; and transmitting signed attributes to the third party.

13. The non-transitory computer-readable medium of claim 9, wherein the privacy-protected attestation comprises an authentication or identification between a first computer device and a second computer device.

14. The non-transitory computer-readable medium of claim 9, wherein the privacy-protected attestation comprises a computer device verifying its own attributes using the set of zero-knowledge commitments.

15. The non-transitory computer-readable medium of claim 9, wherein the verifiable random function comprises a pseudorandom function that requires a public key and a seed value.

16. A system comprising: a computer processor; and a computer memory coupled to the computer processor; wherein the computer processor is operatable for: receiving into a computer processor a binary tree comprising a plurality of leaf hashes, the leaf hashes comprising a device privacy protected index and a set of zero-knowledge commitments relating to a computer device; calculating the device privacy protected index using a verifiable random function such that a device entity path in the binary tree cannot reveal any information about any other device in the binary tree; associating the set of zero-knowledge commitments with the device privacy protected index; and generating a privacy-protected attestation for the computer device using the device privacy protected index and the set of zero-knowledge commitments; wherein the binary tree comprises a Merkle binary tree; and wherein a root of the Merkle tree is signed with a provider private key and the root is verified with an associated public key.

Classifications

  • H04L9/3218 (Primary)

    using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs

  • using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

  • Trees

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11621846B2 cover?
A system includes a binary tree having leaf hashes. The leaf hashes include a device privacy protected index and a set of zero-knowledge commitments relating to a computer device. The system calculates the device privacy protected index using a verifiable random function such that a device entity path in the binary tree cannot reveal any information about any other device in the binary tree, an…
Who is the assignee on this patent?
Lenovo Singapore Pte Ltd
What technology area does this patent fall under?
Primary CPC classification H04L9/3218. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 4, 2023 (B2). Legal status and post-grant events are not shown on this page.