2022 DEC 06 (NewsRx) — By a News Reporter-Staff News Editor at Insurance Daily News — A patent utility by the inventors ESBENSEN, Daniel M. (Hayward, CA, US); OMOHUNDRO, Stephen (Palo Alto, CA, US), filed on May 9, 2022, was made obtainable on-line on November 17, 2022, in response to information reporting originating from Washington, D.C., by NewsRx correspondents.
This patent utility has not been assigned to an organization or establishment.
The following quote was obtained by the information editors from the background info provided by the inventors: “Common implementations of information storage safety depend on a single safety key of 256 bits being utilized to the info that then produces an encrypted copy of the info.
“Many conditions require that knowledge be extremely secured whereas in transit. These embody, however should not restricted to, high-value mental property like digital movies, delicate company and authorities knowledge, well being knowledge with Health Insurance Portability and Accountability Act of 1996 (HIPAA) privateness necessities, and private info in the European Union the place General Data Protection Regulation (GDPR) compliance requires knowledge safety. Many conditions additionally require knowledge to be extremely secured whereas bodily saved.
“Today’s cryptographic techniques for securing knowledge endure from quite a few issues. A standard technique for encrypted transport of information is to first use public key cryptography to transmit a symmetric cryptographic key after which to transmit the message knowledge encrypted utilizing symmetric cryptography with the exchanged key. The cryptography information by Latacora describes Advanced Encryption Standard-Galois/Counter Mode (AES-GCM) as the preferred mode of symmetric encryption at the moment and recommends the usage of a 256-bit key. Latacora additionally recommends Networking and Cryptography library (NaCl) for uneven encryption based mostly on the Curve25519 elliptic curve.
“Unfortunately, the event of quantum computing, will increase in {hardware} pace, the event of latest cryptanalysis algorithms, and {hardware} safety flaws have brought on many to be involved concerning the future safety of the present cryptographic strategies. The new area of “post-quantum cryptography” has proposed new algorithms that are supposed to be secure in opposition to cryptanalysis by quantum computer systems however they’re unproven and never but broadly accepted. Many are additionally frightened about the potential for backdoors in commonplace algorithms which is perhaps uncovered in the longer term. There is not any mathematical proof that both symmetric or public key encryption algorithms are literally safe. Public key cryptography, particularly, relies on unproven assumptions which many query. The solely recognized mathematically provably safe encryption method is the “One Time Pad” (OTP), which mixes the message with a random key of the identical size. But present implementations of OTPs have suffered from technological difficulties making their widespread use impractical. For instance, OTP key storage and distribution has historically been considered prohibitive.
“Another difficulty of accelerating significance is the insecurity of contemporary laptop {hardware}. Two processes which run on the identical processor can leak details about cryptographic keys between them via the processor’s instruction cache. Information left in caches may reveal supposedly secret info when speculative execution unwinds. And the “Rowhammer” and “Drammer” assaults entry reminiscence in methods that may flip bits in a key and break encryption. More and extra {hardware} and side-channel assaults are being found day-after-day. Using at the moment’s processors with the usual encryption strategies leaves the person unsure concerning the safety of their knowledge.
“Encryption techniques that are based mostly on a small key (e.g., Latacora’s beneficial 256 bits) allow assaults which uncover and transmit these small variety of bits to get well all the encrypted knowledge. The single key, as soon as recognized, will be simply and shortly despatched throughout the Internet or by different digital means and used to decrypt huge quantities of secured knowledge. Low knowledge fee transmission strategies like inaudible indicators over a pc’s speaker may even be used to transmit small keys from machines which aren’t linked to networks. Discovery of even a small variety of bytes of key knowledge can expose the contents of tons of of terabytes of supposedly secured message knowledge. In many settings, this sort of danger of publicity is unacceptable.
“When giant quantities of information should be despatched shortly from one location to a different, it is not uncommon apply to bodily transport the info on storage units (SD), resembling onerous disk drives, stable state disk drives, magnetic tape, and different media. Physical switch is used as a result of community transfers of huge quantities of information can take weeks or months. For instance, on a 100 Mbps connection, it may take over 120 days to switch 100 terabytes of information. Today’s storage units have a big capability and persevering with enhancements are anticipated. 14 terabyte onerous drives and 100 terabyte SSD drives at the moment are obtainable. Similarly, bodily storage units should be used when knowledge should be saved over time.
“The use of bodily storage units introduces the likelihood that they could be stolen whereas being transported or saved. They may grow to be corrupted or broken. These dangers of publicity or lack of knowledge should be minimized in many vital conditions.
“Moreover, in some conditions, it might be troublesome or impractical to transmit knowledge on bodily storage units, resembling when knowledge must be obtained inside a shortened time frame, or when climate, the local weather, or a transportation route makes transporting bodily storage units troublesome. In these circumstances, it might be advantageous to have a safe technique of transmitting knowledge which minimizes the danger of publicity of the info. While there are numerous standard strategies for transmitting digital knowledge securely, many of those strategies are much less safe than desired. For instance, these standard strategies might go away the info liable to being seen or accessed by unauthorized events throughout transmit, and sometimes occasions they don’t present any indication to the supposed recipient of the info that there was an intrusion.
“Thus, a heretofore unaddressed want exists in the trade to deal with the aforementioned deficiencies and inadequacies.”
In addition to the background info obtained for this patent utility, NewsRx journalists additionally obtained the inventors’ abstract info for this patent utility: “Embodiments of the current disclosure present a system and technique of controlling entry to safe knowledge utilizing a custodial TRNG disk. In this regard, one embodiment of such a way, amongst others, will be broadly summarized by the next steps: encrypting a primary amount of supply knowledge with a primary laptop processor of a computerized system utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity; offering a second TRNG disk with second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location; cloning the primary and second TRNG disk with a second processor, thereby creating not less than one first TRNG disk copy and not less than one second TRNG disk copy, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disk copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas; encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively; and transmitting the encoded first key knowledge and the second key knowledge to a number of of the primary or second entities, whereby the primary amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“In one facet, the strategy additional contains: encrypting a second amount of supply knowledge with utilizing the second key knowledge from the second TRNG disk to generate a second amount of encrypted knowledge, whereby the second amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“In one other facet of the strategy, the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity.
“In this facet of the strategy, encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively additional contains mutual settlement by the primary and second custodial entities.
“In one other facet of the strategy, the custodial entity additional contains three or extra custodial entities, whereby the primary and second TRNG disk copies are saved on the a number of areas by one of many three or extra custodial entities, and whereby encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively additional contains mutual settlement by not less than a portion of the three or extra custodial entities.
“In one more facet, the strategy additional contains speaking knowledge between the primary entity and the second entity by: receiving, by the primary entity, the encoded first key knowledge and the second key knowledge; encrypting the info, by the primary entity, with the encoded first key knowledge and the second key knowledge; and transmitting the encrypted knowledge to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“In this facet, encrypting the info with the encoded first key knowledge and the second key knowledge additional contains utilizing an XOR operation.
“In this facet, the encrypted knowledge is transmitted to the second entity immediately.
“In this facet, the encrypted knowledge is transmitted to the second entity via an untrusted community.
“Embodiments of the current disclosure present a system and technique for controlling safe knowledge transmission between two entities utilizing a custodial TRNG disk. In this regard, one embodiment of such a way, amongst others, will be broadly summarized by the next steps: encrypting a primary amount of supply knowledge with a primary laptop processor of a computerized system utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity; offering a second TRNG disk with second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location; cloning the primary and second TRNG disk with a second processor, thereby creating not less than one first TRNG disk copy and not less than one second TRNG disk copy, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disks copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas; encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively; transmitting the encoded first key knowledge and the second key knowledge to the primary entity; and speaking knowledge between the primary entity and the second entity by: receiving, by the primary entity, the encoded first key knowledge and the second key knowledge; encrypting the info, by the primary entity, with the encoded first key knowledge and the second key knowledge; and transmitting the encrypted knowledge to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“In one facet, the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity, and whereby encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively additional contains mutual settlement by the primary and second custodial entities.
“The current disclosure may also be seen as offering a system of controlling entry to safe knowledge utilizing a custodial TRNG disk. Briefly described, in structure, one embodiment of the system, amongst others, will be carried out as follows. A primary amount of supply knowledge is encrypted, with a primary laptop processor of a computerized system, utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity. A second TRNG disk has second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location. At least one first TRNG disk copy and not less than one second TRNG disk copy are created by cloning the primary and second TRNG disk with a second processor, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disk copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas. First key knowledge and the second key knowledge is generated by encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively, whereby the encoded first key knowledge and the second key knowledge is transmitted to a number of of the primary or second entities, whereby the primary amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“In one facet, a second amount of supply knowledge is encrypted utilizing the second key knowledge from the second TRNG disk to generate a second amount of encrypted knowledge, whereby the second amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“In one other facet, the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity.
“In this facet, the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy are encoded collectively by mutual settlement by the primary and second custodial entities.
“In one more facet, the custodial entity additional contains three or extra custodial entities, whereby the primary and second TRNG disk copies are saved on the a number of areas by one of many three or extra custodial entities, and whereby the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy are encoded collectively by mutual settlement by not less than a portion of the three or extra custodial entities.
“In one more facet, knowledge is communicated between the primary entity and the second entity, whereby the primary entity receives the encoded first key knowledge and the second key knowledge and encrypts the info with the encoded first key knowledge and the second key knowledge, and whereby the encrypted knowledge is transmitted to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“In this facet, encrypting the info with the encoded first key knowledge and the second key knowledge additional contains utilizing an XOR operation.”
There is extra abstract info. Please go to full patent to learn additional.”
The claims provided by the inventors are:
“1. A technique of controlling entry to safe knowledge utilizing a custodial TRNG disk, the strategy comprising: encrypting a primary amount of supply knowledge with a primary laptop processor of a computerized system utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity; offering a second TRNG disk with second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location; cloning the primary and second TRNG disk with a second processor, thereby creating not less than one first TRNG disk copy and not less than one second TRNG disk copy, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disk copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas; encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG copy collectively; and transmitting the encoded first key knowledge and the second key knowledge to a number of of the primary or second entities, whereby the primary amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“2. The technique of declare 1, additional comprising encrypting a second amount of supply knowledge with utilizing the second key knowledge from the second TRNG disk to generate a second amount of encrypted knowledge, whereby the second amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“3. The technique of declare 1, whereby the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity.
“4. The technique of declare 3, whereby encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy collectively additional contains mutual settlement by the primary and second custodial entities.
“5. The technique of declare 1, whereby the custodial entity additional contains three or extra custodial entities, whereby the primary and second TRNG disk copies are saved on the a number of areas by one of many three or extra custodial entities, and whereby encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy collectively additional contains mutual settlement by not less than a portion of the three or extra custodial entities.
“6. The technique of declare 1, additional comprising speaking knowledge between the primary entity and the second entity, comprising: receiving, by the primary entity, the encoded first key knowledge and the second key knowledge; encrypting the info, by the primary entity, with the encoded first key knowledge and the second key knowledge; and transmitting the encrypted knowledge to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“7. The technique of declare 6, whereby encrypting the info with the encoded first key knowledge and the second key knowledge additional contains utilizing an XOR operation.
“8. The technique of declare 6, whereby the encrypted knowledge is transmitted to the second entity immediately.
“9. The technique of declare 6, whereby the encrypted knowledge is transmitted to the second entity via an untrusted community.
“10. A technique of controlling safe knowledge transmission between two entities utilizing a custodial TRNG disk, the strategy comprising: encrypting a primary amount of supply knowledge with a primary laptop processor of a computerized system utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity; offering a second TRNG disk with second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location; cloning the primary and second TRNG disks with a second processor, thereby creating not less than one first TRNG disk copy and not less than one second TRNG disk copy, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disk copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas; encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy collectively; transmitting the encoded first key knowledge and the second key knowledge to the primary entity; and speaking knowledge between the primary entity and the second entity by: receiving, by the primary entity, the encoded first key knowledge and the second key knowledge; encrypting the info, by the primary entity, with the encoded first key knowledge and the second key knowledge; and transmitting the encrypted knowledge to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“11. The technique of declare 10, whereby the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity, and whereby encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy collectively additional contains mutual settlement by the primary and second custodial entities.
“12. A system of controlling entry to safe knowledge utilizing a custodial TRNG disk comprising: a primary amount of supply knowledge encrypted, with a primary laptop processor of a computerized system, utilizing first key knowledge from a primary true random quantity generator (TRNG) disk to generate a primary amount of encrypted knowledge, whereby the primary key knowledge contains not less than a block of random bits of the primary TRNG disk, whereby the primary TRNG disk is saved at a primary location by a primary entity; a second TRNG disk with second key knowledge comprising not less than a block of random bits of the second TRNG disk, whereby the second TRNG disk is saved at a second location by a second entity, the second location being totally different from the primary location; not less than one first TRNG disk copy and not less than one second TRNG disk copy created by cloning the primary and second TRNG disks with a second processor, whereby every of the primary and second TRNG disk copies are similar to the primary TRNG disk and the second TRNG disk, respectively, whereby the primary and second TRNG disk copies are saved at a number of areas by a custodial entity, whereby the a number of areas are totally different from the primary and second areas; encoded first key knowledge and the second key knowledge generated by encoding the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy collectively, whereby the encoded first key knowledge and the second key knowledge is transmitted to a number of of the primary or second entities, whereby the primary amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“13. The system of declare 12, whereby a second amount of supply knowledge is encrypted utilizing the second key knowledge from the second TRNG disk to generate a second amount of encrypted knowledge, whereby the second amount of encrypted knowledge is decryptable utilizing the encoded first key knowledge and the second key knowledge.
“14. The system of declare 12, whereby the custodial entity additional contains not less than first and second custodial entities, whereby the primary TRNG disk copy is saved on the a number of areas by the primary custodial entity and the second TRNG disk copy is saved on the a number of areas by the second custodial entity.
“15. The system of declare 14, whereby the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy are encoded collectively by mutual settlement by the primary and second custodial entities.
“16. The system of declare 12, whereby the custodial entity additional contains three or extra custodial entities, whereby the primary and second TRNG disk copies are saved on the a number of areas by one of many three or extra custodial entities, and whereby the primary key knowledge of the primary TRNG disk copy and the second key knowledge of the second TRNG disk copy are encoded collectively by mutual settlement by not less than a portion of the three or extra custodial entities.
“17. The system of declare 12, whereby knowledge is communicated between the primary entity and the second entity, whereby the primary entity receives the encoded first key knowledge and the second key knowledge and encrypts the info with the encoded first key knowledge and the second key knowledge, and whereby the encrypted knowledge is transmitted to the second entity, whereby the encrypted knowledge is decryptable by the second entity utilizing the second key knowledge from the second TRNG disk.
“18. The system of declare 17, whereby the info is encrypted with the encoded first key knowledge and the second key knowledge utilizing an XOR operation.
“19. The system of declare 17, whereby the encrypted knowledge is transmitted to the second entity immediately.
“20. The system of declare 17, whereby the encrypted knowledge is transmitted to the second entity via an untrusted community.”
URL and extra info on this patent utility, see: ESBENSEN, Daniel M.; OMOHUNDRO, Stephen. Method And System For Controlling Access To Secure Data Using Custodial Key Data. Filed May 9, 2022 and posted November 17, 2022.
(Our studies ship fact-based information of analysis and discoveries from all over the world.)
https://news.google.com/__i/rss/rd/articles/CBMiwgFodHRwczovL2luc3VyYW5jZW5ld3NuZXQuY29tL29hcnRpY2xlL21ldGhvZC1hbmQtc3lzdGVtLWZvci1jb250cm9sbGluZy1hY2Nlc3MtdG8tc2VjdXJlLWRhdGEtdXNpbmctY3VzdG9kaWFsLWtleS1kYXRhLWluLXBhdGVudC1hcHBsaWNhdGlvbi1hcHByb3ZhbC1wcm9jZXNzLXVzcHRvLTIwMjIwMzY2MDYwLXBhdGVudC1hcHBsaWNhdGlvbtIBAA?oc=5
