Privacy preserving identity data exchange based on hybrid encryption

By using a hybrid encryption method to generate and transmit encrypted data, the security issues of existing commutative encryption technologies are resolved, achieving secure data transmission and privacy protection.

CN116868540B · Active · Publication Date: 2026-06-23 · VISA INTERNATIONAL SERVICE ASSOCIATION

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: VISA INTERNATIONAL SERVICE ASSOCIATION
Filing Date: 2022-02-10
Publication Date: 2026-06-23

AI Technical Summary

Technical Problem

Existing commutative encryption technologies have security issues because both parties know the prime factorization of the modulus, which could potentially be exploited by malicious parties. Furthermore, non-standard technologies are not widely implemented and require significant changes to current systems.

Method used

A hybrid encryption method is adopted, in which a second symmetric key is generated by the processing network computer and encrypted using a public encryption key. The encrypted data is generated by combining a key stream generation function and random numbers. The user equipment and the dependent computer perform multiple encryption and decryption operations to ensure secure data transmission.

Benefits of technology

It enables the secure transmission of sensitive data without exposing the modulus factorization, avoiding potential security risks and ensuring data integrity and privacy protection.

✦ Generated by Eureka AI based on patent content.


Abstract

A method is disclosed. The method includes receiving, by a processing network computer from a relying party computer associated with a relying party, a request for data associated with a user operating a user device. The processing network computer is capable of retrieving first encrypted data of the user having an encrypted user layer. The processing computer is then capable of generating a second symmetric key to add an encrypted relying party layer to the first encrypted data using a stream cipher. The double encrypted data can be transmitted to the user device, which removes the encrypted user layer on the first double encrypted data and then adds a second encrypted relying party layer to form a second double encrypted data. The second double encrypted data can be transmitted to the relying party computer, which is capable of removing both encrypted relying party layers to obtain access to the data associated with the user.

Description

[0001] Cross-reference to related applications

[0002] This application is a PCT application that claims priority and benefit to U.S. Provisional Patent Application No. 63/149,125, filed February 12, 2021, which is incorporated herein by reference.

Background Technology

[0003] Interactions between users and dependent parties may require users to grant access to sensitive data. In some processes, commutative encryption can allow the transfer of sensitive data between users and dependent parties. Commutative encryption is an encryption system that allows plaintext to be encrypted more than once using public keys from different users. In this system, decryption is not required before the encryption/re-encryption process. Furthermore, the resulting ciphertext can be decrypted by a designated decryption entity regardless of the order of the public keys used in the encryption/re-encryption process. A simple construct of commutative encryption would be the application of the RSA (Rivest, Shamir, and Adleman) cryptosystem. However, this introduces security problems because it means that each party can know the prime factorization of the other's modulus, potentially allowing malicious parties to exploit this. Other non-standard commutative encryption techniques exist but are not widely implemented and would require many changes to current systems.

[0004] The implementation scheme disclosed herein addresses this problem and other problems individually and collectively.

Summary of the Invention

[0005] A method is disclosed. The method includes: receiving, by a processing network computer, data associated with a user operating a user equipment and a public encryption key associated with the dependent party from a dependent party computer associated with the dependent party; generating a second symmetric key by the processing network computer; encrypting the second symmetric key by the processing network computer using the public encryption key associated with the dependent party to form an encrypted second symmetric key; encrypting first encrypted data associated with the user by the processing network computer using a second keystream to form first double-encrypted data, wherein the second keystream is generated using a keystream generation function with the second symmetric key and a second random number as inputs, wherein the first encrypted data associated with the user includes plaintext data associated with the user, and wherein the plaintext data associated with the user is encrypted using a first keystream, the first keystream being generated using the keystream generation function with a first symmetric key and a first random number as inputs; transmitting the encrypted first symmetric key, the first random number, the first double-encrypted data, and the public encryption key associated with the dependent party to the user equipment by the processing network computer; and the processing network computer receives from the user equipment an encrypted third symmetric key, a third random number, and second double-encrypted data, wherein the second double-encrypted data is formed by encrypting second encrypted data associated with the user using a third keystream, the third keystream being generated using the keystream generation function with the third symmetric key and the third random number as input; and the processing network computer transmits the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data to the dependent computer, wherein after the dependent computer receives the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data from the processing network computer, the dependent computer: decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and uses the second symmetric key, the second random number, the third symmetric key, and the third random number to decrypt the second double-encrypted data to obtain the plaintext data associated with the user.

[0006] Another method is disclosed. The method includes: a user-operated user equipment receiving, from a processing network computer, an encrypted first symmetric key, a first random number, first double-encrypted data, and a public encryption key associated with a dependent party; the user equipment decrypting the encrypted first symmetric key using a private encryption key associated with the user equipment to obtain a first symmetric key; the user equipment decrypting the first double-encrypted data using the first symmetric key and the first random number to obtain second encrypted data associated with the user; the user equipment generating a third symmetric key; the user equipment encrypting the third symmetric key using the public encryption key associated with the dependent party to form an encrypted third symmetric key; and the user equipment encrypting the second encrypted data associated with the user using a third keystream to form second double-encrypted data, wherein the third keystream is generated using a keystream generation function with the third symmetric key and a third random number; and the user equipment transmits the encrypted third symmetric key, the third random number, and the second double-encrypted data to the processing network computer, wherein the processing network computer: transmits the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data to a dependent computer operated by the dependent party, wherein the dependent party computer: decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and uses the second symmetric key, the second random number, the third symmetric key, and the third random number to decrypt the second double-encrypted data to obtain plaintext data associated with the user.

[0007] Another method is disclosed. The method includes: a dependent computer, operated by a dependent party, transmitting a request to a processing network computer for data associated with a user operating a user equipment and a public encryption key associated with the dependent party, wherein the processing network computer: generates a second symmetric key; encrypts the second symmetric key using the public encryption key associated with the dependent party to form an encrypted second symmetric key; encrypts first encrypted data associated with the user using a second keystream to form first double-encrypted data, wherein the second keystream is generated using a keystream generation function with the second symmetric key and a second random number as input, wherein the first encrypted data associated with the user includes plaintext data associated with the user, and wherein the plaintext data associated with the user is encrypted using a first keystream, the first keystream being generated using the keystream generation function with a first symmetric key and a first random number as input; transmits the encrypted first symmetric key, the first random number, the first double-encrypted data and the public encryption key associated with the dependent party to the user equipment; and receives an encrypted third symmetric key, a third random number and second double-encrypted data from the user equipment, wherein the second double-encrypted data is formed by encrypting the second encrypted data associated with the user using a third keystream, the third keystream being generated using the keystream generation function with the third symmetric key and the third random number as input; the dependent computer receives the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number and the second double-encrypted data from the processing network computer; the dependent computer decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and the dependent computer decrypts the second double-encrypted data using the second symmetric key, the second random number, the third symmetric key and the third random number to obtain the plaintext data associated with the user.

[0008] Other implementations may involve machines (e.g., computers, devices, or systems) that are programmed or configured to perform the methods described above.

[0009] A better understanding of the nature and advantages of embodiments of the present invention can be obtained by referring to the following detailed description and accompanying drawings.

Attached Figure Description

[0010] Figure 1 shows a block diagram of an identity data system according to an implementation scheme.

[0011] Figure 2 shows a block diagram of an identity data system using a hybrid encryption scheme and an overlay secure data exchange method, according to an implementation scheme.

[0012] Figure 3 shows a block diagram of a digital identity computer according to an implementation scheme.

[0013] Figure 4 shows a block diagram of the user equipment according to the implementation scheme.

[0014] Figure 5 shows a block diagram of the dependent computer according to the implementation scheme.

Detailed Implementation

[0015] Before discussing the implementation schemes of this disclosure, some terms may be described in further detail.

[0016] "User" can include an individual. In some implementations, a user can be associated with one or more personal accounts and / or mobile devices.

[0017] "User equipment" can be a device operated by a user. Examples of user equipment may include mobile phones, smartphones, cards, personal digital assistants (PDAs), laptops, desktop computers, server computers, tablet PCs, etc. Furthermore, user equipment can be any type of wearable technology device, such as watches, headphones, glasses, etc. User equipment may include one or more processors capable of processing user input. User equipment may also include one or more input sensors for receiving user input. As is known in the art, there are various input sensors capable of detecting user input, such as accelerometers, cameras, microphones, etc. User input obtained by input sensors can come from various data input types, including but not limited to audio data, visual data, or biometric data. User equipment may include any electronic device that can be operated by the user, and said electronic device may also provide remote communication capabilities with a network. Examples of remote communication capabilities include using mobile phone (wireless) networks, wireless data networks (e.g., 3G, 4G, or similar networks), Wi-Fi, Wi-Max, or any other communication medium that provides access to a network (such as the Internet or a private network).

[0018] A "resource provider" can be any suitable entity that provides resources (such as goods, services, access to secure data, access to location, etc.) to another entity. For example, a resource provider can be a merchant, venue operator, building owner, government entity, etc. A "merchant" can typically be an entity that participates in a transaction and can sell goods or services or provide access to goods or services.

[0019] "Issuer" can refer to a commercial entity (such as a bank) that issues and optionally maintains user accounts. An issuer may also issue payment credentials to consumers that are stored on user devices such as cell phones, smart cards, tablets, or laptops.

[0020] "Personal data" can be data associated with a specific user. A user's personal data can provide information about the user or things related to the user. Examples of personal data can be a user's name, date of birth, contact information (e.g., email address, phone number, IP address, etc.), home address, account numbers associated with the user (e.g., bank account number, student ID number, etc.). In some implementations, personal data can refer to proof of the original personal data. For example, personal data can be birth data such as January 1, 1970, but proof stating that "the user is over 21 years old" can also be called personal data.

[0021] A "key" can be a piece of information used in a cryptographic algorithm to transform input data into another representation. A cryptographic algorithm can be an encryption algorithm that transforms the original data into an alternative representation, or a decryption algorithm that transforms encrypted information back into the original data. Examples of cryptographic algorithms can include Triple Data Encryption Standard (TDES), Data Encryption Standard (DES), Advanced Encryption Standard (AES), etc.

[0022] A "public encryption key" can include an encryption key that can be open and publicly shared. A public encryption key can be designed to be shared and can be configured such that any information encrypted using the public encryption key can only be decrypted using the private encryption key associated with the public encryption key (i.e., a public encryption key/private encryption key pair).

[0023] A "private encryption key" can include any encryption key that can be protected and secure. A private encryption key can be securely stored in an entity and can be used to decrypt any information that has been encrypted using the associated public encryption key in a public / private encryption key pair.

[0024] A "public encryption key/private encryption key pair" can refer to a pair of associated cryptographic keys generated by an entity. The public encryption key can be used for public functions, such as encrypting messages to be sent to the entity or verifying digital signatures purportedly made by the entity. Conversely, the private encryption key can be used for private functions, such as decrypting received messages or applying digital signatures. In some implementations, the public encryption key may be authorized by a body known as a Certificate Authority (CA), which stores the public encryption key in a database and distributes it to any other entity that requests it. The private encryption key is typically kept in a secure storage medium and is usually known only to the entity. The public and private encryption keys can be in any suitable format, including formats based on Rivest-Shamir-Adleman (RSA) or Elliptic Curve Cryptography (ECC).

[0025] A stream cipher can be a symmetric-key cipher in which plaintext digits are combined with a pseudo-random cipher digit stream (keystream). In some implementations, a stream cipher may include an underlying keystream generation function that takes a cryptographic key and a random number as input and outputs a keystream. The resulting keystream can be used to encrypt data by performing an XOR operation on the plaintext data using the keystream. For example, the cryptographic key and a random number can be input into the keystream generation function, which produces a keystream [11001101] as output. The plaintext data [00101000] can be encrypted using the keystream by performing an XOR operation on the plaintext data and the keystream together to obtain the encrypted data [11100101]. Examples of stream ciphers may include RC4, Salsa, block ciphers in counter mode, etc.

[0026] "Processor" can refer to any suitable one or more data computing devices. A processor can include one or more microprocessors working together to perform the desired function. A processor can include a CPU, which includes at least one high-speed data processor sufficient to execute program components for performing user and / or system-generated requests. A CPU can be a microprocessor, such as AMD's Athlon, Duron, and / or Opteron; IBM and / or Motorola's PowerPC; IBM and Sony's Cell processors; Intel's Celeron, Itanium, Pentium, Xeon, and / or XScale; and / or similar processors.

[0027] "Memory" can be any suitable one or more devices capable of storing electronic data. Suitable memory can include non-transitory computer-readable media that store instructions that can be executed by a processor to implement desired methods. Examples of memory can include one or more memory chips, disk drives, etc. Such memory can be operated using any suitable electrical, optical, and/or magnetic modes of operation.

[0028] Figure 1 shows a block diagram of an identity data system according to an implementation scheme. The identity data system includes user equipment 100, processing network computer 102, dependent-party computer 104, and identity computer 106. User equipment 100 can be operated by a user (not shown). Processing network computer 102 can be located in a processing network (e.g., a payment processing network) operated by a payment processing organization. Dependent-party computer 104 can be operated by a dependent party such as a resource provider (e.g., a merchant, library, etc.). Identity computer 106 can be operated by an identity provider (e.g., a government entity, educational institution, issuer, etc.).

[0029] Each component in the identity data system of Figure 1 can be associated with a public and private encryption key of a public-key encryption scheme (e.g., RSA, ElGamal, ECDSA, etc.). Encrypting a key K to form an encrypted key ENC(K) can be represented by PKE.E(PK, K) = ENC(K), where PK is the public encryption key. Decrypting the encrypted key ENC(K) to obtain the unencrypted symmetric key K can be represented by PKE.D(DK, ENC(K)) = K, where DK is the private decryption key. User equipment 100 can be associated with the public encryption key pk_U associated with the user and the private encryption key sk_U associated with the user. Similarly, the dependent computer 104 can be associated with the public encryption key pk_R associated with the dependent party and the private encryption key sk_R associated with the dependent party.

[0030] Components in the identity data system of Figure 1 and any of the figures below can be in operative communication with each other via any suitable communication medium 150. Suitable examples of communication medium 150 may be any and/or a combination of the following: direct interconnection; the Internet; local area network (LAN); metropolitan area network (MAN); Operating Missions as Nodes on the Internet (OMNI); secure custom connection; wide area network (WAN); wireless network (e.g., employing protocols such as, but not limited to, Wireless Application Protocol (WAP), I-mode, etc.). Messages between the computers, networks, and devices of Figure 1 can be transmitted using secure communication protocols, such as, but not limited to, Secure Hypertext Transfer Protocol (HTTPS).

[0031] User equipment 100 can communicate with identity computer 106 to provide personal data to an identity account maintained by processing network computer 102. User equipment 100 can transmit a request to provide personal data of the user operating user equipment 100 to the identity account. For example, user equipment 100 can generate a request to identity computer 106 to provide plaintext data M associated with the user (e.g., personal data, such as the user's full name, date of birth, account associated with the user, home address, etc.) to the identity account at processing network computer 102.

[0032] Once a request for provision is received, the identity computer 106 can generate a first symmetric key K1. The identity computer 106 can then use the public encryption key pk_U associated with the user to encrypt the first symmetric key K1 to form the encrypted first symmetric key KEM_U = PKE.E(pk_U, K1). The identity computer 106 can then retrieve the plaintext data M associated with the user. In some embodiments, the plaintext data M associated with the user may additionally include a digital signature on the plaintext data M associated with the user (e.g., a digital signature made with the private encryption key in a public/private encryption key pair associated with the identity computer 106). Adding a digital signature to the plaintext data can be used to ensure the integrity of the encrypted plaintext data. The identity computer 106 can then generate a first random number N1. The first random number N1 can be generated using a random or pseudo-random number generator. The identity computer 106 can then use a stream cipher keystream generation function F to generate a first keystream F(K1,N1), with the first symmetric key K1 and the first random number N1 as inputs, to encrypt the personal data M. For example, the first keystream F(K1,N1) can be used to encrypt the personal data M using XOR to form the first encrypted data associated with the user. Identity computer 106 can transmit the encrypted first symmetric key KEM_U, the first random number N1 and the first encrypted data C_U associated with the user to the processing network computer 102 to complete the provision.

[0033] Figure 2 shows a block diagram illustrating an identity data system using a hybrid encryption scheme and a method for overlaying secure data exchange, according to an implementation scheme. The processing network computer 102 can receive the encrypted first symmetric key KEM_U, the first random number N1 and the first encrypted data C_U associated with the user from identity computer 106. Subsequently, the user operating user device 100 can initiate a secure data exchange to complete an interaction with the dependent computer 104. To complete the interaction, the user may wish to transmit plaintext data M associated with the user to the dependent computer 104. For example, the interaction could include a user borrowing a book from a library. The library could request the user to transmit their home address and account information (e.g., library card number) to the dependent computer 104 operated by the library, allowing the library to lend the book to the user. Another example interaction could include a user purchasing restricted goods, such as alcohol, from a merchant. The merchant could request the user to transmit their date of birth to the dependent computer 104 operated by the merchant, allowing the merchant to verify the user's age.

[0034] In step S200, user equipment 100 may initiate secure data exchange with dependent computer 104. For example, dependent computer 104 may detect that user equipment 100 is close by and prompt user equipment 100 to transmit (e.g., via Bluetooth, NFC, etc.) plaintext data M associated with the user. Another example may include user equipment 100 accessing a webpage maintained by dependent computer 104. User equipment 100 may indicate to dependent computer 104 that the user operating user equipment 100 has an identity account at network computer 102, and may transmit user identifiers (e.g., user's full name, user's phone number, user's email address, user's account number, etc.) to dependent computer 104.

[0035] In step S202, after receiving the user identifier from user equipment 100, the dependent computer 104 can transmit an identity request to the processing network computer 102. This identity request includes the user identifier, an indication of the user's plaintext data or the type of plaintext data (e.g., "HOME ADDRESS" and "ACCOUNT NUMBER"), and a public encryption key pk_R associated with the dependent party.

[0036] In step S204, after receiving the identity request from the dependent computer 104, the processing network computer 102 can generate a second symmetric key K2. The processing network computer 102 can then use the public encryption key pk_R associated with the dependent party in the identity request to encrypt the second symmetric key K2 to form the encrypted second symmetric key KEM_R_2 = PKE.E(pk_R, K2). The processing network computer 102 can then use a random or pseudo-random number generator to generate a second random number N2. After generating the second random number N2, the processing network computer 102 can then use a keystream generation function to generate a second keystream F(K2,N2), where the second symmetric key K2 and the second random number N2 are inputs to the keystream generation function. The processing network computer 102 can retrieve the first encrypted data C_U associated with the user, as identified by the user identifier. The processing network computer 102 can then use the second keystream F(K2,N2) to encrypt the first encrypted data C_U associated with the user to form the first double-encrypted data.

[0037] In step S206, after the first double-encrypted data C_UR is formed, the processing network computer 102 can transmit the encrypted first symmetric key KEM_U, the first random number N1, the first double-encrypted data C_UR and the public encryption key pk_R associated with the dependent party to user equipment 100.

[0038] In step S208, upon receiving the encrypted first symmetric key KEM_U, the first random number N1, the first double-encrypted data C_UR and the public encryption key pk_R associated with the dependent party, user equipment 100 can use the private encryption key sk_U associated with the user equipment to decrypt the encrypted first symmetric key KEM_U to obtain the first symmetric key K1 = PKE.D(sk_U, KEM_U). User equipment 100 can then use the first symmetric key K1 and the first random number N1 to decrypt the encrypted user layer of the first double-encrypted data C_UR to obtain the second encrypted data associated with the user. It should be noted that expanding the right side of the expression for C_R yields

[0039] User equipment 100 can then generate a third symmetric key K3. User equipment 100 can then use the public encryption key pk_R associated with the dependent party, received from the processing network computer 102, to encrypt the third symmetric key K3 to form the encrypted third symmetric key KEM_R_3 = PKE.E(pk_R, K3). User equipment 100 can then use a random or pseudo-random number generator to generate a third random number N3. After generating the third random number N3, user equipment 100 can then use a keystream generation function to generate a third keystream F(K3,N3), where the third symmetric key K3 and the third random number N3 are inputs to the keystream generation function. User equipment 100 can then use the third keystream F(K3,N3) to encrypt the second encrypted data C_R associated with the user to form second double-encrypted data.

[0040] In step S210, after the second double-encrypted data C_RR is formed, user equipment 100 can transmit the encrypted third symmetric key KEM_R_3, the third random number N3 and the second double-encrypted data C_RR to the processing network computer 102.

[0041] In step S212, upon receiving the encrypted third symmetric key KEM_R_3, the third random number N3 and the second double-encrypted data C_RR from user equipment 100, the processing network computer 102 can transmit the encrypted second symmetric key KEM_R_2, the encrypted third symmetric key KEM_R_3, the second random number N2, the third random number N3, and the second double-encrypted data C_RR to the dependent computer 104.

[0042] In step S214, after receiving the encrypted second symmetric key KEM_R_2, the encrypted third symmetric key KEM_R_3, the second random number N2, the third random number N3, and the second double-encrypted data C_RR from the processing network computer 102, the dependent computer 104 can use the private encryption key sk_R associated with the dependent party to decrypt the encrypted second symmetric key KEM_R_2 to obtain the second symmetric key K2 = PKE.D(sk_R, KEM_R_2). The dependent computer 104 can then use the private encryption key sk_R associated with the dependent party to decrypt the encrypted third symmetric key KEM_R_3 to obtain the third symmetric key K3 = PKE.D(sk_R, KEM_R_3). The dependent computer 104 can then use the second symmetric key K2, the second random number N2, the third symmetric key K3, and the third random number N3 to decrypt the second double-encrypted data C_RR to obtain plaintext data associated with the user. Note that expanding the right-hand side of the expression for M yields... The dependent computer 104 can then use the plaintext data M associated with the user to complete the interaction. For example, the dependent computer 104 can use the library account number in the plaintext data M associated with the user to verify that the user holds a library account, or the dependent computer 104 can verify the user's age to authorize the purchase of alcohol. In some implementations, when the plaintext data includes a digital signature, the dependent computer 104 can verify the digital signature by using the public encryption key from the public encryption key/private encryption key pair associated with the identity computer 106 to ensure the integrity of the plaintext data M associated with the user.
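The layering described in [0025] and in [0032] through [0042], as an added example that is not part of the patent text: it walks one record through all four parties and shows why the user device can strip its layer from underneath the relying-party layer. Assumptions: the keystream function F is HMAC-SHA256 in counter mode (the patent does not fix F), the public-key wrapping of K1, K2 and K3 (PKE.E / PKE.D) is omitted, and all function names and the sample record are constructed.

```python
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """F(K, N). Assumed stand-in: HMAC-SHA256 over nonce || counter."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def xor_layer(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """Add or remove one layer; XOR with the same keystream is its own inverse."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


def fresh_key_and_nonce():
    """Symmetric key K and random number N drawn from the OS CSPRNG."""
    return secrets.token_bytes(32), secrets.token_bytes(16)


def run_exchange(m: bytes) -> dict:
    """Walk M through the four parties and return every intermediate value."""
    # [0032] Identity computer: user layer, C_U = M xor F(K1, N1).
    k1, n1 = fresh_key_and_nonce()
    c_u = xor_layer(m, k1, n1)
    # S204 Processing network: adds a relying-party layer without knowing K1.
    k2, n2 = fresh_key_and_nonce()
    c_ur = xor_layer(c_u, k2, n2)
    # S208 User device: strips its own layer even though it sits underneath.
    c_r = xor_layer(c_ur, k1, n1)
    # [0039] User device: adds a second relying-party layer.
    k3, n3 = fresh_key_and_nonce()
    c_rr = xor_layer(c_r, k3, n3)
    # S214 Relying party: removes both layers using K2, N2, K3, N3.
    recovered = xor_layer(xor_layer(c_rr, k3, n3), k2, n2)
    return {"K1": k1, "N1": n1, "K2": k2, "N2": n2, "K3": k3, "N3": n3,
            "C_U": c_u, "C_UR": c_ur, "C_R": c_r, "C_RR": c_rr,
            "recovered": recovered}


def recover_after_bitflip(t: dict, byte_index: int) -> bytes:
    """What the relying party decrypts if one bit of C_RR changes in transit."""
    altered = bytearray(t["C_RR"])
    altered[byte_index] ^= 0x01
    return xor_layer(xor_layer(bytes(altered), t["K3"], t["N3"]),
                     t["K2"], t["N2"])


if __name__ == "__main__":
    record = b"DOB=1970-01-01;LIBRARY-CARD=000123"  # constructed sample record
    t = run_exchange(record)
    for name in ("C_U", "C_UR", "C_R", "C_RR"):
        print(name, t[name].hex())
    print("recovered:     ", t["recovered"])
    print("after bit flip:", recover_after_bitflip(t, 4))
```

The altered record decrypts without any error, so the XOR layers give confidentiality only; detecting the change is the job of the digital signature on M mentioned in [0032] and verified in [0042].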

[0043] Figure 3 shows a block diagram of a processing network computer 300 according to an embodiment. The processing network computer 300 may include a processor 302, which may be coupled to a memory 304, a network interface 306, and a computer-readable medium 308.

[0044] Memory 304 may contain encryption keys, such as plaintext symmetric keys, encrypted symmetric keys, encrypted data associated with multiple users, public encryption keys, etc. Memory 304 may be coupled internally or externally to processor 302 (e.g., via a cloud-based data storage device) and may include any combination of volatile memory and / or non-volatile memory (such as RAM, DRAM, ROM, flash memory, or any other suitable memory device).

[0045] Network interface 306 may include an interface that allows the processing network computer 300 to communicate with external computers and / or devices. Network interface 306 enables the processing network computer 300 to transfer data to and from another device, such as a user equipment, a dependent computer, or an identity computer. Some examples of network interface 306 may include a modem, a physical network interface (such as an Ethernet card or other network interface card (NIC)), a virtual network interface, a communication port, a PCMCIA slot and card, etc. Wireless protocols enabled by network interface 306 may include Wi-Fi. Data transferred via network interface 306 may be in the form of signals, which may be electrical, electromagnetic, optical, or any other signal that can be received by an external communication interface (collectively, "electronic signals" or "electronic messages"). These electronic messages, which may include data or instructions, may be provided between network interface 306 and other devices via communication paths or channels. As noted above, any suitable communication path or channel can be used, such as wires or cables, optical fibers, telephone lines, cellular links, radio frequency (RF) links, WAN or LAN networks, the Internet, or any other suitable medium.

[0046] Computer-readable medium 308 may include code executable by processor 302 for a method comprising: receiving, by the processing network computer from a dependent party computer associated with a dependent party, a request for data associated with a user operating a user equipment and a public encryption key (pk_R) associated with the dependent party; generating, by the processing network computer, a second symmetric key (K2); encrypting, by the processing network computer, the second symmetric key (K2) using the public encryption key (pk_R) associated with the dependent party to form an encrypted second symmetric key (KEM_R_2); encrypting, by the processing network computer, first encrypted data (C_U) associated with the user using a second keystream (F(K2,N2)) to form first double-encrypted data (C_UR), wherein the second keystream (F(K2,N2)) is generated using a keystream generation function (F) with the second symmetric key (K2) and a second random number (N2) as input, wherein the first encrypted data (C_U) associated with the user includes plaintext data (M) associated with the user, and wherein the plaintext data (M) associated with the user is encrypted using a first keystream (F(K1,N1)), which is generated using the keystream generation function (F) with a first symmetric key (K1) and a first random number (N1) as input; transmitting, from the processing network computer to the user equipment, an encrypted first symmetric key (KEM_U), the first random number (N1), the first double-encrypted data (C_UR), and the public encryption key (pk_R) associated with the dependent party; receiving, by the processing network computer from the user equipment, an encrypted third symmetric key (KEM_R_3), a third random number (N3), and second double-encrypted data (C_RR), wherein the second double-encrypted data (C_RR) is formed by encrypting second encrypted data (C_R) associated with the user using a third keystream (F(K3,N3)), and the third keystream is generated using the keystream generation function (F) with a third symmetric key (K3) and the third random number (N3) as input; and transmitting, from the processing network computer to the dependent computer, the encrypted second symmetric key (KEM_R_2), the encrypted third symmetric key (KEM_R_3), the second random number (N2), the third random number (N3), and the second double-encrypted data (C_RR), wherein after the dependent computer receives the encrypted second symmetric key (KEM_R_2), the encrypted third symmetric key (KEM_R_3), the second random number (N2), the third random number (N3), and the second double-encrypted data (C_RR) from the processing network computer, the dependent computer: decrypts the encrypted second symmetric key (KEM_R_2) and the encrypted third symmetric key (KEM_R_3) to obtain the second symmetric key (K2) and the third symmetric key (K3); and decrypts the second double-encrypted data (C_RR) using the second symmetric key (K2), the second random number (N2), the third symmetric key (K3), and the third random number (N3) to obtain the plaintext data (M) associated with the user.

[0047] The computer-readable medium 308 may include multiple software modules, including but not limited to an encryption module 308A, an identity management module 308B, and a communication module 308C.

[0048] In embodiments of the present invention, encryption module 308A may include any suitable encryption / decryption algorithm to encrypt and decrypt data. Suitable data encryption / decryption algorithms may include RSA, DES, triple DES, AES, etc. Additional encryption algorithms that encryption module 308A may use may include those using stream ciphers. Encryption module 308A may store a keystream generation function for generating a keystream using stream ciphers. Encryption module 308A may perform an XOR operation on the keystream and plaintext data to encrypt the plaintext data. Encryption module 308A, in conjunction with identity management module 308B, may store encryption keys that can be used with such encryption / decryption algorithms. Encryption module 308A may utilize symmetric or asymmetric encryption techniques to encrypt and / or verify data. Cryptographic keys that encryption module 308A may use may be stored in memory 304.

[0049] The identity management module 308B may include code that enables the processor 302 to manage identity accounts for multiple users. The identity management module 308B may store encrypted user data in memory 304. The identity management module 308B may retrieve encrypted data based on a received user identifier.

[0050] The communication module 308C may include code that enables the processor 302 to generate messages, forward messages, reformat messages, and / or otherwise communicate with other entities.

[0051] Figure 4 shows a block diagram of user equipment 400 according to an embodiment. User equipment 400 may include a processor 402, which may be coupled to a memory 404, a network interface 406, and a computer-readable medium 408.

[0052] The memory 404 and the network interface 406 may have the same or different features as the memory 304 and the network interface 306 previously described.

[0053] Computer-readable medium 408 may include code executable by processor 402 for a method comprising: receiving, by the user equipment from the processing network computer, an encrypted first symmetric key (KEM_U), a first random number (N1), first double-encrypted data (C_UR), and a public encryption key (pk_R) associated with the dependent party; decrypting, by the user equipment, the encrypted first symmetric key (KEM_U) using a private encryption key (sk_U) associated with the user equipment to obtain the first symmetric key (K1); decrypting, by the user equipment, the first double-encrypted data (C_UR) using the first symmetric key (K1) and the first random number (N1) to obtain second encrypted data (C_R) associated with the user; generating, by the user equipment, a third symmetric key (K3); encrypting, by the user equipment, the third symmetric key (K3) using the public encryption key (pk_R) associated with the dependent party to form an encrypted third symmetric key (KEM_R_3); encrypting, by the user equipment, the second encrypted data (C_R) associated with the user using a third keystream (F(K3,N3)) to form second double-encrypted data (C_RR), wherein the third keystream (F(K3,N3)) is generated using a keystream generation function (F) with the third symmetric key (K3) and a third random number (N3); and transmitting, by the user equipment to the processing network computer, the encrypted third symmetric key (KEM_R_3), the third random number (N3), and the second double-encrypted data (C_RR), wherein the processing network computer transmits to the dependent computer operated by the dependent party an encrypted second symmetric key (KEM_R_2), the encrypted third symmetric key (KEM_R_3), a second random number (N2), the third random number (N3), and the second double-encrypted data (C_RR), and wherein the dependent computer: decrypts the encrypted second symmetric key (KEM_R_2) and the encrypted third symmetric key (KEM_R_3) to obtain the second symmetric key (K2) and the third symmetric key (K3); and decrypts the second double-encrypted data (C_RR) using the second symmetric key (K2), the second random number (N2), the third symmetric key (K3), and the third random number (N3) to obtain the plaintext data (M) associated with the user.

[0054] The computer-readable medium 408 may include multiple software modules, including but not limited to an encryption module 408A, an identity account module 408B, and a communication module 408C.

[0055] In embodiments of the present invention, encryption module 408A may include any suitable encryption / decryption algorithm to encrypt and decrypt data. Suitable data encryption / decryption algorithms may include RSA, DES, triple DES, AES, etc. Additional encryption algorithms that encryption module 408A may use may include those using stream ciphers. Encryption module 408A may store a keystream generation function for generating a keystream using stream ciphers. Encryption module 408A may use the keystream and plaintext data to perform an XOR operation to encrypt the plaintext data. Encryption module 408A may utilize symmetric or asymmetric encryption techniques to encrypt and / or verify data. Cryptographic keys that encryption module 408A may use may be stored in memory 404.

[0056] The identity account module 408B may include code that causes the processor 402 to maintain identity accounts. The identity account module 408B can be used to provide identity data from the identity computer to identity accounts maintained by the processing network computer. The identity account module 408B may store user identifiers that identify identity accounts at the processing network computer.

[0057] The communication module 408C may include code that enables the processor 402 to generate messages, forward messages, reformat messages, and / or otherwise communicate with other entities.

[0058] Figure 5 shows a block diagram of a dependent computer 500 according to an embodiment. The dependent computer 500 may include a processor 502, which may be coupled to a memory 504, a network interface 506, and a computer-readable medium 508.

[0059] The memory 504 and the network interface 506 may have the same or different features as the memory 304 and the network interface 306 previously described.

[0060] Computer-readable medium 508 may include code executable by processor 502 for a method comprising: transmitting, by a dependent party computer associated with a dependent party to a processing network computer, a request for data associated with a user operating a user equipment and a public encryption key (pk_R) associated with the dependent party, wherein the processing network computer: generates a second symmetric key (K2); encrypts the second symmetric key (K2) using the public encryption key (pk_R) associated with the dependent party to form an encrypted second symmetric key (KEM_R_2); encrypts first encrypted data (C_U) associated with the user using a second keystream (F(K2,N2)) to form first double-encrypted data (C_UR), wherein the second keystream (F(K2,N2)) is generated using a keystream generation function (F) with the second symmetric key (K2) and a second random number (N2) as input, wherein the first encrypted data (C_U) associated with the user includes plaintext data (M) associated with the user, and wherein the plaintext data (M) associated with the user is encrypted using a first keystream (F(K1,N1)), which is generated using the keystream generation function (F) with a first symmetric key (K1) and a first random number (N1) as input; transmits to the user equipment an encrypted first symmetric key (KEM_U), the first random number (N1), the first double-encrypted data (C_UR), and the public encryption key (pk_R) associated with the dependent party; and receives from the user equipment an encrypted third symmetric key (KEM_R_3), a third random number (N3), and second double-encrypted data (C_RR), wherein the second double-encrypted data (C_RR) is formed by encrypting second encrypted data (C_R) associated with the user using a third keystream (F(K3,N3)), and the third keystream is generated using the keystream generation function (F) with a third symmetric key (K3) and the third random number (N3) as input; receiving, by the dependent computer from the processing network computer, the encrypted second symmetric key (KEM_R_2), the encrypted third symmetric key (KEM_R_3), the second random number (N2), the third random number (N3), and the second double-encrypted data (C_RR); decrypting, by the dependent computer, the encrypted second symmetric key (KEM_R_2) and the encrypted third symmetric key (KEM_R_3) to obtain the second symmetric key (K2) and the third symmetric key (K3); and decrypting, by the dependent computer, the second double-encrypted data (C_RR) using the second symmetric key (K2), the second random number (N2), the third symmetric key (K3), and the third random number (N3) to obtain the plaintext data (M) associated with the user.

[0061] The computer-readable medium 508 may include multiple software modules, including but not limited to an encryption module 508A, an interaction module 508B, and a communication module 508C.

[0062] In embodiments of the present invention, encryption module 508A may include any suitable encryption / decryption algorithm to encrypt and decrypt data. Suitable data encryption / decryption algorithms may include RSA, DES, triple DES, AES, etc. Additional encryption algorithms that encryption module 508A may use may include those using stream ciphers. Encryption module 508A may store a keystream generation function for generating a keystream using stream ciphers. Encryption module 508A may perform an XOR operation on the keystream and plaintext data to encrypt the plaintext data. Encryption module 508A may utilize symmetric or asymmetric encryption techniques to encrypt and / or verify data. For example, encryption module 508A may be used to verify digital signatures using a public encryption key. Cryptographic keys that encryption module 508A may use may be stored in memory 504.

[0063] The interaction module 508B may include code that enables the processor 502 to handle interactions. The interaction module 508B may be combined with the communication module 508C to allow the dependent computer 500 to handle interactions with external devices.

[0064] The communication module 508C may include code that enables the processor 502 to generate messages, forward messages, reformat messages, and / or otherwise communicate with other entities.

[0065] The embodiments of the present invention have many advantages. Embodiments of the present invention allow users to securely exchange encrypted data with external devices. Embodiments of the present invention protect data in transmission by applying encryption layers, ensuring that only the intended recipient of the data can fully decrypt the encrypted data. For example, upon receiving double-encrypted data (e.g., C_UR), the user equipment can remove the encrypted user layer to obtain second encrypted data (e.g., C_R). However, the user equipment cannot decrypt the second encrypted data because the encryption is performed using a symmetric key (e.g., K2) known only to the dependent party and the processing network. The user equipment then adds a second encrypted dependent party layer (e.g., using a third keystream F(K3,N3) to form C_RR) before transmitting the data to the processing network. The processing network cannot remove the two encrypted dependent party layers because it cannot access both symmetric keys required to decrypt the data (e.g., the processing network can access K2 but not K3). Furthermore, embodiments of the present invention provide security against malicious entities in identity exchange systems. Simple exchangeable encryption techniques may require both the user and the dependent party to use the same modulus to generate the encryption key, which necessitates them sharing the prime factorization. These simple techniques can pose significant security threats because a malicious party can deduce the other party's encryption key. Embodiments of the present invention use the symmetric key as input to a stream cipher that generates a keystream for encrypting the data, and therefore do not require the user to share a prime factorization with the dependent party. Embodiments of the present invention employ standard and widely used cryptographic primitives to provide a secure data exchange method.
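The exchange completed in paragraph [0042] and the visibility argument of paragraph [0065], run end to end as an added example that is not code from the patent. Assumptions: F is modelled as HMAC-SHA256 in counter mode, PKE.E / PKE.D as a toy hashed-ElGamal stand-in with illustrative parameters, the identity computer is the party that creates C_U and KEM_U, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy hashed-ElGamal stand-in for PKE.E / PKE.D (assumption: the page names no
# concrete scheme). Illustrative parameters only; use RSA-OAEP or HPKE in practice.
P = 2**521 - 1  # a Mersenne prime
G = 3


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """F(K, N): counter-mode keystream, here HMAC-SHA256(K, N || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        msg = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def pke_keygen():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)


def _mask(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()


def pke_encrypt(pk: int, sym_key: bytes):
    """PKE.E: wrap a 32-byte symmetric key for the holder of pk."""
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), xor(sym_key, _mask(pow(pk, r, P)))


def pke_decrypt(sk: int, kem) -> bytes:
    """PKE.D: unwrap the symmetric key with the private key."""
    c1, masked = kem
    return xor(masked, _mask(pow(c1, sk, P)))


def new_key_and_nonce():
    # A fresh (K, N) pair per layer; reusing a pair would reuse the keystream.
    return secrets.token_bytes(32), secrets.token_bytes(16)


def run_exchange(M: bytes) -> dict:
    n = len(M)
    sk_U, pk_U = pke_keygen()  # user equipment key pair
    sk_R, pk_R = pke_keygen()  # dependent party key pair

    # Identity computer: encrypted user layer, C_U = M xor F(K1, N1).
    K1, N1 = new_key_and_nonce()
    C_U = xor(M, keystream(K1, N1, n))
    KEM_U = pke_encrypt(pk_U, K1)

    # Processing network computer: first dependent-party layer on top of C_U.
    K2, N2 = new_key_and_nonce()
    KEM_R_2 = pke_encrypt(pk_R, K2)
    C_UR = xor(C_U, keystream(K2, N2, n))

    # User equipment: recover K1, strip the user layer, then add a second
    # dependent-party layer under a fresh K3.
    C_R = xor(C_UR, keystream(pke_decrypt(sk_U, KEM_U), N1, n))
    K3, N3 = new_key_and_nonce()
    KEM_R_3 = pke_encrypt(pk_R, K3)
    C_RR = xor(C_R, keystream(K3, N3, n))

    # Dependent computer: recover K2 and K3, then remove both layers.
    F2 = keystream(pke_decrypt(sk_R, KEM_R_2), N2, n)
    F3 = keystream(pke_decrypt(sk_R, KEM_R_3), N3, n)
    recovered = xor(xor(C_RR, F2), F3)

    return {
        "recovered": recovered,
        # The user equipment never holds K2, so C_R is the most it sees.
        "user_equipment_view": C_R,
        # The network can strip its own K2 layer; F(K3, N3) still masks M.
        "network_view": xor(C_RR, keystream(K2, N2, n)),
        "C_U": C_U, "C_UR": C_UR, "C_R": C_R, "C_RR": C_RR,
        "F2": F2, "F3": F3,
    }


if __name__ == "__main__":
    sample = b"constructed sample: library account 0000, age over 18"
    print(run_exchange(sample)["recovered"])
```

Each layer is a plain XOR, so the layers commute but none of them authenticates M; the digital signature carried inside M, described in paragraph [0042], is what lets the dependent computer detect modification.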

[0066] Other embodiments of the invention are also conceivable. For example, some embodiments may include a method comprising: transmitting, by a dependent computer operated by a dependent party to a processing network computer, a request for data associated with a user operating a user device and a public encryption key (pk_R) associated with the dependent party, wherein the processing network computer: generates a second symmetric key (K2); encrypts the second symmetric key (K2) using the public encryption key (pk_R) associated with the dependent party to form an encrypted second symmetric key (KEM_R_2); encrypts first encrypted data (C_U) associated with the user using a second keystream (F(K2,N2)) to form first double-encrypted data (C_UR), wherein the second keystream (F(K2,N2)) is generated using a keystream generation function (F) with the second symmetric key (K2) and a second random number (N2) as input, wherein the first encrypted data (C_U) associated with the user includes plaintext data (M) associated with the user, and wherein the plaintext data (M) associated with the user is encrypted using a first keystream (F(K1,N1)), which is generated using the keystream generation function (F) with a first symmetric key (K1) and a first random number (N1) as input; transmits to the user equipment an encrypted first symmetric key (KEM_U), the first random number (N1), the first double-encrypted data (C_UR), and the public encryption key (pk_R) associated with the dependent party; and receives from the user equipment an encrypted third symmetric key (KEM_R_3), a third random number (N3), and second double-encrypted data (C_RR), wherein the second double-encrypted data (C_RR) is formed by encrypting second encrypted data (C_R) associated with the user using a third keystream (F(K3,N3)), and the third keystream is generated using the keystream generation function (F) with a third symmetric key (K3) and the third random number (N3) as input; receiving, by the dependent computer from the processing network computer, the encrypted second symmetric key (KEM_R_2), the encrypted third symmetric key (KEM_R_3), the second random number (N2), the third random number (N3), and the second double-encrypted data (C_RR); decrypting, by the dependent computer, the encrypted second symmetric key (KEM_R_2) and the encrypted third symmetric key (KEM_R_3) to obtain the second symmetric key (K2) and the third symmetric key (K3); and decrypting, by the dependent computer, the second double-encrypted data (C_RR) using the second symmetric key (K2), the second random number (N2), the third symmetric key (K3), and the third random number (N3) to obtain the plaintext data (M) associated with the user.

[0067] Any software component or function described in this application can be implemented as software code executed by a processor using any suitable computer language such as Java, C, C++, C#, Objective-C, Swift, or a scripting language such as Perl or Python using, for example, conventional or object-oriented techniques. This software code can be stored as a series of instructions or commands on a computer-readable medium for storage and / or transmission. Suitable media include random access memory (RAM), read-only memory (ROM), magnetic media (e.g., hard disk drive or floppy disk), or optical media (e.g., optical disc (CD) or digital versatile optical disc (DVD)), flash memory, and so on. The computer-readable medium can be any combination of such storage or transmission devices.

[0068] Such programs can also be encoded and transmitted using carrier signals suitable for transmission over wired, optical, and / or wireless networks conforming to various protocols, including the Internet. Therefore, a computer-readable medium according to an embodiment of the invention can be created using data signals encoded with such a program. Computer-readable media encoded with program code can be packaged with a compatible device or provided separately from other devices (e.g., downloaded via the Internet). Any such computer-readable medium can reside on or within a single computer product (e.g., a hard disk drive, CD, or an entire computer system) and can exist on or within different computer products within a system or network. A computer system may include a monitor, printer, or other suitable display for providing a user with any of the results mentioned herein.

[0069] The above description is illustrative and not restrictive. Many variations of the invention will become apparent to those skilled in the art after reading this disclosure. Therefore, the scope of the invention should not be determined by reference to the foregoing description, but rather by reference to the pending claims together with their full scope or equivalents.

[0070] Without departing from the scope of the invention, one or more features of any embodiment may be combined with one or more features of any other embodiment.

[0071] As used herein, unless explicitly indicated otherwise, the use of “a / an” or “the” is intended to mean “at least one”.

Claims

1. A method for data security, the method comprising: receiving, by a processing network computer from a dependent party computer associated with a dependent party, a request for data associated with a user operating a user equipment and a public encryption key associated with the dependent party; generating, by the processing network computer, a second symmetric key; encrypting, by the processing network computer, the second symmetric key using the public encryption key associated with the dependent party to form an encrypted second symmetric key; encrypting, by the processing network computer, first encrypted data associated with the user using a second keystream to form first double-encrypted data, wherein the second keystream is generated using a keystream generation function with the second symmetric key and a second random number as input, wherein the first encrypted data associated with the user includes plaintext data associated with the user, and wherein the plaintext data associated with the user is encrypted using a first keystream, which is generated using the keystream generation function with a first symmetric key and a first random number as input; transmitting, by the processing network computer to the user equipment, an encrypted first symmetric key, the first random number, the first double-encrypted data, and the public encryption key associated with the dependent party; receiving, by the processing network computer from the user equipment, an encrypted third symmetric key, a third random number, and second double-encrypted data, wherein the second double-encrypted data is formed by encrypting second encrypted data associated with the user using a third keystream, and the third keystream is generated using the keystream generation function with a third symmetric key and the third random number as input; and transmitting, by the processing network computer to the dependent computer, the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data, wherein after the dependent computer receives the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data from the processing network computer, the dependent computer: decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and decrypts the second double-encrypted data using the second symmetric key, the second random number, the third symmetric key, and the third random number to obtain the plaintext data associated with the user.

2. The method as described in claim 1, wherein the key stream generation function implements a counter-mode stream cipher.

3. The method of claim 1, wherein encrypting the first encrypted data associated with the user using the second keystream, encrypting the plaintext data using the first keystream, and encrypting the second encrypted data associated with the user using the third keystream includes performing an XOR operation on the data to be encrypted using the respective keystream.

4. The method of claim 1, wherein the data associated with the user operating the user equipment includes the user's identity data.

5. The method of claim 1, wherein the first symmetric key is generated by an identity computer and encrypted by the identity computer using a public encryption key associated with the user to form the encrypted first symmetric key.

6. The method of claim 1, further comprising, before the processing network computer receives the request from the dependent party computer associated with the dependent party for data associated with the user operating the user equipment and the public encryption key associated with the dependent party: receiving, by the processing network computer, the first symmetric key, the encrypted first symmetric key, and the first random number from the identity computer.

7. The method of claim 1, wherein the request for data associated with the user operating the user equipment includes a user identifier, and wherein the processing network computer retrieves the first encrypted data associated with the user based on the user identifier.

8. The method of claim 1, wherein after the user equipment receives the encrypted first symmetric key, the first random number, the first double-encrypted data, and the public encryption key associated with the dependent party from the processing network computer, the user equipment: decrypts the encrypted first symmetric key using a private encryption key associated with the user equipment; decrypts the first double-encrypted data using the first symmetric key and the first random number to obtain the second encrypted data associated with the user; generates the third symmetric key; encrypts the third symmetric key using the public encryption key associated with the dependent party to form the encrypted third symmetric key; and encrypts the second encrypted data associated with the user using the third keystream to obtain the second double-encrypted data, wherein the third keystream is generated using the keystream generation function with the third symmetric key and the third random number.

9. The method of claim 1, wherein the plaintext data associated with the user further includes a digital signature associated with the user equipment.

10. The method of claim 1, wherein the user equipment is a mobile device.

11. The method of claim 1, wherein the request for data associated with the user operating the user equipment occurs during an interaction.

12. The method of claim 1, wherein the encrypted first symmetric key, the encrypted second symmetric key, and the encrypted third symmetric key are formed using a public-key encryption scheme.

13. The method of claim 1, wherein the plaintext data associated with the user can be obtained by performing an XOR operation on the second double-encrypted data and the second key stream and the third key stream.

14. The method of claim 1, wherein the plaintext data associated with the user is provided by an identity computer.

15. A processing network computer, comprising: a processor; and a non-transitory computer-readable medium, the non-transitory computer-readable medium comprising instructions executable by the processor to perform operations including: receiving, from a dependent party computer associated with a dependent party, a request for data associated with a user operating a user equipment and a public encryption key associated with the dependent party; generating a second symmetric key; encrypting the second symmetric key using the public encryption key associated with the dependent party to form an encrypted second symmetric key; encrypting first encrypted data associated with the user using a second keystream to form first double-encrypted data, wherein the second keystream is generated using a keystream generation function with the second symmetric key and a second random number as input, wherein the first encrypted data associated with the user includes plaintext data associated with the user, and wherein the plaintext data associated with the user is encrypted using a first keystream, which is generated using the keystream generation function with a first symmetric key and a first random number as input; transmitting, to the user equipment, an encrypted first symmetric key, the first random number, the first double-encrypted data, and the public encryption key associated with the dependent party; receiving, from the user equipment, an encrypted third symmetric key, a third random number, and second double-encrypted data, wherein the second double-encrypted data is formed by encrypting second encrypted data associated with the user using a third keystream, the third keystream being generated using the keystream generation function with a third symmetric key and the third random number as input; and transmitting the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data to the dependent computer, wherein after the dependent computer receives the encrypted second symmetric key, the encrypted third symmetric key, the second random number, the third random number, and the second double-encrypted data from the processing network computer, the dependent computer: decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and decrypts the second double-encrypted data using the second symmetric key, the second random number, the third symmetric key, and the third random number to obtain the plaintext data associated with the user.

16. The processing network computer of claim 15, wherein the key stream generation function implements a counter-mode stream cipher.

17. The processing network computer of claim 15, wherein the operations further comprise, before receiving the request from the dependent party's computer associated with the dependent party for data associated with the user operating the user equipment and the public encryption key associated with the dependent party: receiving the first symmetric key, the encrypted first symmetric key, and the first random number from the identity computer.

18. The processing network computer of claim 15, wherein using the second keystream to encrypt the first encrypted data associated with the user, using the first keystream to encrypt the plaintext data, and using the third keystream to encrypt the second encrypted data associated with the user includes performing an XOR operation on the data to be encrypted using the respective keystreams.

19. A method for data security, the method comprising:
receiving, by user equipment operated by a user, from the processing network computer, an encrypted first symmetric key, a first random number, first double-encrypted data, and a public encryption key associated with the dependent party;
decrypting, by the user equipment, the encrypted first symmetric key using a private encryption key associated with the user equipment to obtain the first symmetric key;
decrypting, by the user equipment, the first double-encrypted data using the first symmetric key and the first random number to obtain the second encrypted data associated with the user;
generating, by the user equipment, a third symmetric key;
encrypting, by the user equipment, the third symmetric key using the public encryption key associated with the dependent party to form an encrypted third symmetric key;
encrypting, by the user equipment, the second encrypted data associated with the user using a third keystream to form second double-encrypted data, wherein the third keystream is generated using a keystream generation function with the third symmetric key and a third random number; and
transmitting, by the user equipment, the encrypted third symmetric key, the third random number, and the second double-encrypted data to the processing network computer, wherein the processing network computer:
transmits to a dependent computer operated by the dependent party an encrypted second symmetric key, the encrypted third symmetric key, a second random number, the third random number, and the second double-encrypted data, wherein the dependent computer:
decrypts the encrypted second symmetric key and the encrypted third symmetric key to obtain the second symmetric key and the third symmetric key; and
decrypts the second double-encrypted data using the second symmetric key, the second random number, the third symmetric key, and the third random number to obtain plaintext data associated with the user.

20. The method of claim 19, wherein the keystream generation function implements a counter-mode stream cipher.
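The layer handling recited in claims 15 to 20, traced end to end as an added example; it is not code from the patent. Assumptions: HMAC-SHA256 in counter mode stands in for the unspecified keystream generation function, the public-key wrapping of the second and third symmetric keys is omitted (keys are handed over directly), and the names `keystream`, `xor_layer` and `run_exchange` are hypothetical.

```python
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream; HMAC-SHA256 is a stand-in PRF (assumption)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        msg = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_layer(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """Add or remove one encryption layer (XOR is its own inverse)."""
    ks = keystream(key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def run_exchange(plaintext: bytes) -> dict:
    # One fresh (symmetric key, random number) pair per layer.
    # Public-key wrapping of k2 and k3 is omitted here (assumption).
    k1, k2, k3 = (secrets.token_bytes(32) for _ in range(3))
    n1, n2, n3 = (secrets.token_bytes(16) for _ in range(3))
    # First encrypted data: plaintext under the first keystream.
    first_encrypted = xor_layer(plaintext, k1, n1)
    # Processing network computer: adds layer 2 on top of layer 1.
    first_double = xor_layer(first_encrypted, k2, n2)
    # User equipment: removes layer 1 from underneath layer 2 ...
    second_encrypted = xor_layer(first_double, k1, n1)
    # ... then adds layer 3 to form the second double-encrypted data.
    second_double = xor_layer(second_encrypted, k3, n3)
    # Dependent computer: removes layers 3 and 2 to reach the plaintext.
    recovered = xor_layer(xor_layer(second_double, k3, n3), k2, n2)
    return {
        "k2": k2, "n2": n2, "k3": k3, "n3": n3,
        "second_encrypted": second_encrypted,
        "second_double": second_double,
        "recovered": recovered,
    }


if __name__ == "__main__":
    result = run_exchange(b"constructed sample: name=Alice Example")
    print(result["recovered"])
```

Because each layer is a plain XOR, the layers commute, which is what lets the user equipment strip the first layer while the second is still in place. The same property means a (symmetric key, random number) pair must never be reused for another message.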