Zero-knowledge proof-based certificate service method using blockchain network, certification support server using same, and user terminal using same

US11700133B2 · US · B2

Patent metadata

Publication number: US-11700133-B2
Application number: US-202017787509-A
Country: US
Kind code: B2
Filing date: Oct 13, 2020
Priority date: Dec 31, 2019
Publication date: Jul 11, 2023
Grant date: Jul 11, 2023

Abstract

Official abstract text for this publication.

The present invention relates to a zero-knowledge proof-based certificate service method using a blockchain network, the method comprising: (a) a step in which, if a certificate registration request transaction including user trap information generated by using at least one user personal information corresponding to a user and a private key of the user is acquired from a user terminal, a certification support server confirms whether or not the user personal information included in the certificate registration request transaction is authentic; (b) a step in which, if it is confirmed that the user personal information corresponds to the user, the certification support server computes the user personal information and the user trap information included in the certificate registration request transaction by using a commitment scheme, thereby generating a user commitment corresponding to the user personal information; and (c) a step in which the certification support server transmits a certificate transaction including the user commitment to the blockchain network such that the blockchain network registers the certificate transaction in a distributed ledger.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for managing a certificate based on a zero-knowledge proof using a blockchain network, comprising steps of: (a) on condition that a user commitment, generated by applying an operation of a commitment scheme to user identity information and user trap information, has been registered on a distributed ledger of the blockchain network, wherein the user trap information is generated by using a secret key of a user, in response to acquiring a proof information request corresponding to the user identity information from a verification server, a user device (i) generating random nonces, (ii) verifying the user identity information by using the commitment scheme, and (iii) generating user identity proving information corresponding to the random nonces in order to check whether the user identity information satisfies a certain requirement; and (b) the user device transmitting the user identity proving information to the verification server, to thereby instruct the verification server to (i) acquire the user commitment from the blockchain network, (ii) verify the user identity information by using the user commitment acquired from the blockchain network and the user identity proving information acquired from the user device, and (vi) verify whether the user identity information satisfies the certain requirement; wherein generators of the commitment scheme are represented as g and h, the user trap information is represented as h^(the secret key), wherein said h^(the secret key) represents said h to the power of the secret key, and the user commitment is represented as comm(the user identity information)=g^(the user identity information)*h^(the secret key), wherein said g^(the user identity information) represents said g to the power of the user identity information, and wherein, at the step of (a), the user device (i) generates a random nonce x and a random nonce y, (ii) generates first user identity proving information g^x*h^y corresponding to the random nonce x and the random nonce y by using the commitment scheme, (iii) transmits the first user identity proving information to the verification server, and (iv) in response to the verification server transmitting a random nonce c, generates (2_1)-st user identity proving information x′=x+c*(user identity information) and (2_2)-nd user identity proving information y′=y+c*(secret key) by referring to the user identity information, the secret key, the random nonce x, the random nonce y, and the random nonce c, and wherein, at the step of (b), the user device transmits the (2_1)-st user identity proving information x′ and the (2_2)-nd user identity proving information y′ to the verification server, to thereby instruct the verification server to check whether (1) a first verification value g^x*h^y*comm(the user identity information)^c generated by referring to the first user identity proving information g^x*h^y and the user commitment comm(the user identity information) and (2) a second verification value g^x′*h^y′ generated by referring to the (2_1)-st user identity proving information x′ and the (2_2)-nd user identity proving information y′ correspond with each other, thus verifying the user identity information.

2. A method for managing a certificate based on a zero-knowledge proof using a blockchain network, comprising steps of: (a) on condition that a user commitment, generated by applying an operation of a commitment scheme to user identity information and user trap information, has been registered on a distributed ledger of the blockchain network, wherein the user trap information is generated by using a secret key of a user, in response to acquiring a proof information request corresponding to the user identity information from a verification server, a user device (i) generating random nonces, (ii) verifying the user identity information by using the commitment scheme, and (iii) generating user identity proving information corresponding to the random nonces in order to check whether the user identity information satisfies a certain requirement; and (b) the user device transmitting the user identity proving information to the verification server, to thereby instruct the verification server to (i) acquire the user commitment from the blockchain network, (ii) verify the user identity information by using the user commitment acquired from the blockchain network and the user identity proving information acquired from the user device, and (vi) verify whether the user identity information satisfies the certain requirement; wherein generators of the commitment scheme are represented as g and h, the user trap information is represented as h^(the secret key), wherein said h^(the secret key) represents said h to the power of the secret key, and the user commitment is represented as comm(the user identity information)=g^(the user identity information)*h^(the secret key), wherein said g^(the user identity information) represents said g to the power of the user identity information, and wherein, at the step of (a), the user device (i) generates a random nonce x and a random nonce y, (ii) generates first user identity proving information g^x*h^y corresponding to the random nonce x and the random nonce y by using the commitment scheme, (iii) generates a hash value c=hash(g^x*h^y) by using the first user identity proving information g^x*h^y, and (iv) generates (2_1)-st user identity proving information x′=x+c*(user identity information) and (2_2)-nd user identity proving information y′=y+c*(secret key) by referring to the user identity information, the secret key, the random nonce x, the random nonce y, and the hash value c, and wherein, at the step of (b), the user device transmits the (2_1)-st user identity proving information x′, the (2_2)-nd user identity proving information y′, and the hash value c to the verification server, to thereby instruct the verification server to check whether (1) a verification value hash((g^x′*h^y′)/(comm(the user identity information)^c)) generated by referring to the (2_1)-st user identity proving information x′, the (2_2)-nd user identity proving information y′, the hash value c, and the user commitment comm(the user identity information) and (2) the hash value c correspond with each other, thus verifying the user identity information.

3. A user device for managing a certificate based on a zero-knowledge proof using a blockchain network, comprising: at least one memory that stores instructions; and at least one processor configured to execute the instructions to perform processes of: (I) on condition that a user commitment, generated by applying an operation of a commitment scheme to user identity information and user trap information, has been registered on a distributed ledger of the blockchain network, wherein the user trap information is generated by using a secret key of a user, in response to acquiring a proof information request corresponding to the user identity information from a verification server, (i) generating random nonces, (ii) verifying the user identity information by using the commitment scheme, and (iii) generating user identity proving information corresponding to the random nonces in order to check whether the user identity information satisfies a certain requirement; and (II) transmitting the user identity proving information to the verification server, to thereby instruct the verification server to (i) acquire the user commitment fro
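The exchanges recited in claims 1 and 2, worked through as an added example (not code from the patent or its assignee). The toy group parameters, SHA-256 as the hash, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters (assumed for illustration only): safe prime P = 2*Q + 1.
# G and H are squares mod P, so both generate the subgroup of prime order Q.
# A real deployment needs a large group and an H whose discrete log to base G is unknown.
P, Q = 2039, 1019
G, H = 4, 9

def commit(m, sk):
    """comm(m) = g^m * h^sk; h^sk is the claim's 'user trap information'."""
    return pow(G, m, P) * pow(H, sk, P) % P

def first_message():
    """User device: random nonces x, y and first proving information g^x * h^y."""
    x, y = secrets.randbelow(Q), secrets.randbelow(Q)
    return x, y, pow(G, x, P) * pow(H, y, P) % P

def respond(x, y, c, m, sk):
    """x' = x + c*m and y' = y + c*sk, reduced mod the group order Q."""
    return (x + c * m) % Q, (y + c * sk) % Q

def verify_interactive(comm, t, c, x2, y2):
    """Claim 1 check: g^x * h^y * comm^c == g^x' * h^y'."""
    return t * pow(comm, c, P) % P == pow(G, x2, P) * pow(H, y2, P) % P

def hash_challenge(t):
    """Claim 2: c = hash(g^x * h^y), mapped into Z_Q (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(str(t).encode()).digest(), "big") % Q

def prove_noninteractive(m, sk):
    x, y, t = first_message()
    c = hash_challenge(t)
    return (*respond(x, y, c, m, sk), c)

def verify_noninteractive(comm, x2, y2, c):
    """Claim 2 check: hash(g^x' * h^y' / comm^c) == c."""
    t = pow(G, x2, P) * pow(H, y2, P) * pow(comm, -c, P) % P
    return hash_challenge(t) == c

def demo():
    m, sk = 321, 777                      # constructed identity value and secret key
    comm = commit(m, sk)                  # what the distributed ledger would hold
    x, y, t = first_message()
    c = secrets.randbelow(Q)              # verification server's random nonce c
    return (verify_interactive(comm, t, c, *respond(x, y, c, m, sk)),
            verify_noninteractive(comm, *prove_noninteractive(m, sk)))

print(demo())
```

The example follows claim 2 literally in hashing only the first message g^x*h^y. Implementations of this kind of hash-derived challenge commonly also bind the commitment and a verifier-specific context into the hash, so that a proof is tied to one statement and one session.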

Classifications

  • H04L9/50 (Primary)

    using hash chains, e.g. blockchains or hash trees · CPC title

  • H04L9/3218 (Primary)

    using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs · CPC title

  • H04L9/3265 (Primary)

    using certificate chains, trees or paths; Hierarchical trust model · CPC title

  • involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title

  • Hash functions, e.g. MD5, SHA, HMAC or f9 MAC · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Coinplug Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/50. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 11, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).