Invention Title:

SECURING ATTESTATION USING A ZERO-KNOWLEDGE DATA MANAGEMENT NETWORK

Publication number:

US20250023851

Publication date:

2025-01-16

Section:

Electricity

Class:

H04L63/0471

Inventors:

Shmuel Shaffer Palo Alto, CA, United States

Brett Shockley Bonita Springs, FL, United States

Michael Joseph Frendo Boulder, CO, United States

Alexander John Shockley Denver, CO, United States

James M. Behmke Duxbury, MA, United States

Kenneth KEITER Portland, OR, United States

Applicant:

Journey.ai Denver, CO, United States

Smart overview of the Invention

The patent application introduces a "zero-knowledge" data management network designed to enhance data security and privacy. This system allows users to share verifiable proofs of their data or identity without exposing the raw sensitive information to businesses or data storage servers. The data is encrypted and can be re-encrypted for specific recipients, ensuring that only intended parties can access it. This approach aims to protect sensitive information from unauthorized access while allowing businesses to utilize the data securely.

Technical Approach

The system operates by encrypting source data with a source encryption key and using a rekeying key for conversion. The storage server, unable to decrypt the data, uses this rekeying key to re-encrypt the data with the recipient's public key. Only the recipient can decrypt the data using their private key, maintaining confidentiality throughout the transmission process. This method ensures that sensitive information remains protected even when stored on potentially vulnerable servers.

Applications

The technology has broad applications, including secure identity verification and personalized digital experiences. Businesses can request and act on user data without directly accessing it, enhancing user privacy. Additionally, third-party attestation services can verify stored information's accuracy without reading it, ensuring integrity while maintaining confidentiality. The system also supports secure financial transactions where sensitive financial details remain hidden from unauthorized parties.

Example Implementations

Entities can perform operations without exposing sensitive information by storing it on external servers that cannot access the data.
Third-party attestation services can verify stored information's correctness without accessing the actual content.
Secure reporting mechanisms ensure that data is only shared with authorized recipients following specific triggers and approvals.
Financial transactions are protected by ensuring that relevant parties only access necessary information for transaction completion.

Benefits

This zero-knowledge network enhances privacy by decentralizing control over sensitive information and reducing exposure to potential breaches. Users maintain control over their data, businesses reduce liability associated with storing sensitive user information, and transactions are conducted securely without unnecessary exposure of financial details. Overall, this approach represents a significant advancement in secure data management and privacy protection in a connected digital world.