Method and apparatus for trustworthy provision of data elements and method for checking a dataset with a plurality of data elements

Inventors

Gasiba, Tiago; Cuellar Jaramillo, Jorge Ricardo; Suppan, Santiago Reinhard

Assignees

Siemens Healthineers AG

Publication Number

US-12332863-B2

Publication Date

2025-06-17

Expiration Date

2043-06-01

Abstract

Methods and apparatuses relate to transferring user-specific data that can be validated via a hash tree. If not all of the underlying data of the hash tree is transferred, then in place of the non-transferred data, a suitable hash value from the hash tree can be transferred. The data to be transferred includes at least one reference data element which is suitable for checking the authenticity of the sender.

Core Innovation

The invention relates to a method and apparatus for the trustworthy provision of data elements and a method for checking a dataset comprising multiple data elements. It addresses the need to ensure the trustworthiness and authenticity of digitally signed documents by validating user-specific data elements using a hash tree, such as a Merkle tree.

The problem addressed is that users often do not wish to disclose all their data elements to a recipient, but conventional hash tree validation requires the entirety of the data elements to calculate and verify the root hash. This prevents verification if only partial data is shared.

The invention solves this problem by enabling verification of a subset of data elements. Selected data elements including at least one reference data element suitable for identity validation are transferred alongside hash values of nodes in the hash tree corresponding to the non-transferred elements. This ensures that even with partial data transfer, the integrity and authenticity of the subset can be reliably verified using the root hash and associated hash values from the hash tree.

Claims Coverage

The patent includes two independent claims covering a method and an apparatus for trustworthy provision of data elements with key inventive features.

Provision of a dataset with partial data elements and corresponding hash tree values

Calculating hash values for a plurality of data elements including at least one reference data element for identity validation; creating a hash tree where these hash values form the leaves; selecting a subset of data elements including the reference data element; creating a dataset comprising the selected data elements, the root hash value of the hash tree, and hash values of the non-selected data elements; and outputting this dataset.

Apparatus configured for selective data element provision with hash tree validation

An apparatus storing data elements including at least one reference data element; calculating hash values; creating a hash tree with these as leaves; selecting a subset of data elements including the reference data element; creating a dataset including the selected elements, root hash, and hash values of non-selected elements; and outputting this dataset.

The independent claims cover a method and an apparatus enabling secure, flexible transfer of selected user data elements along with necessary hash tree hash values, ensuring verifiability of authenticity and integrity even when only part of the data is disclosed.

Stated Advantages

Enables reliable verification of user-specific data elements even when only a subset is transferred, improving flexibility and user privacy.

Increases the trustworthiness of transferred data by including a reference data element which authenticates the identity of the data originator.

Enhances security by allowing modification values to be applied to node values in the hash tree, preventing brute force attacks on data elements with limited possible values.

Supports selective disclosure customized per receiver, preventing correlation of data disclosed to different recipients and ensuring controlled data sharing.
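The following is an added worked example (not code from the patent or from Siemens Healthineers AG) of the scheme described in the claims and advantages above: every data element is hashed into a leaf of a Merkle tree, the sender discloses only a chosen subset (which must include the reference data element) together with the leaf hashes of the withheld elements and the root, and the receiver recomputes the root to check integrity. The per-leaf random salt plays the role of the "modification value" that stops guessing of fields with few possible values. Names such as `public_key`, the field set and the salt length are assumptions; SHA-256 and the leaf/node domain separation are this example's choices. The verifier is assumed to obtain the trusted root over a separate channel, for instance from the issuer's signature on it.

```python
import hashlib
import os

# Hypothetical name of the reference data element used for identity validation.
REFERENCE = "public_key"


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()


def leaf_hash(name: str, value: str, salt: bytes) -> bytes:
    # The salt is the per-element "modification value": without it a field such
    # as "age" could be recovered from its leaf hash by trying all plausible values.
    return _h(b"leaf", name.encode(), salt, value.encode())


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"node", left, right)


def merkle_root(leaves):
    """Root of a binary hash tree; an odd level duplicates its last node."""
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def commit(elements, salts=None):
    """Sender side: salt every element (ordered dict name -> str) and build the tree."""
    if salts is None:
        salts = {name: os.urandom(16) for name in elements}
    leaves = [leaf_hash(n, v, salts[n]) for n, v in elements.items()]
    return merkle_root(leaves), salts


def disclose(elements, salts, selected):
    """Build the dataset of the claims: selected elements in clear (with their
    salts), the leaf hash of every non-selected element, and the root hash."""
    if REFERENCE not in selected:
        raise ValueError("the reference data element must be part of the disclosed subset")
    root, _ = commit(elements, salts)
    leaves = []
    for name, value in elements.items():
        if name in selected:
            leaves.append({"name": name, "value": value, "salt": salts[name].hex()})
        else:
            leaves.append({"hash": leaf_hash(name, value, salts[name]).hex()})
    return {"root": root.hex(), "leaves": leaves}


def verify(dataset, trusted_root: bytes):
    """Receiver side: recompute the root from disclosed values plus supplied hashes.
    Returns (ok, disclosed_elements); trusted_root comes from a separate trusted channel."""
    leaves, disclosed = [], {}
    for entry in dataset["leaves"]:
        if "hash" in entry:
            leaves.append(bytes.fromhex(entry["hash"]))
        else:
            leaves.append(leaf_hash(entry["name"], entry["value"], bytes.fromhex(entry["salt"])))
            disclosed[entry["name"]] = entry["value"]
    if REFERENCE not in disclosed:
        return False, {}          # sender identity cannot be validated
    if bytes.fromhex(dataset["root"]) != trusted_root or merkle_root(leaves) != trusted_root:
        return False, {}          # tampered value, wrong hash, or wrong tree
    return True, disclosed


def guessable(leaf: bytes, name: str, candidates, salt: bytes = b""):
    """Check whether a leaf hash can be matched by trying candidate values.
    Illustrates the stated advantage: with an empty salt a low-entropy field
    is recoverable from its hash; with a random salt it is not."""
    for candidate in candidates:
        if leaf_hash(name, candidate, salt) == leaf:
            return candidate
    return None


if __name__ == "__main__":
    # Constructed sample data; the key string is a placeholder, not a real key.
    elements = {"public_key": "ed25519:CONSTRUCTED_KEY", "name": "Alice Example",
                "age": "34", "city": "Munich"}
    root, salts = commit(elements)
    dataset = disclose(elements, salts, ["public_key", "age"])
    print("verified:", verify(dataset, root))
    ages = [str(i) for i in range(121)]
    print("unsalted age guessable:", guessable(leaf_hash("age", "34", b""), "age", ages))
    print("salted age guessable:", guessable(leaf_hash("age", "34", salts["age"]), "age", ages))
```

The receiver never sees the withheld values, only their leaf hashes, yet any change to a disclosed value or a supplied hash changes the recomputed root and the check fails. For larger trees the hashes of whole non-disclosed subtrees can be sent instead of individual leaf hashes, as the abstract allows.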

Documented Applications

Checking digital documents and digitally signed data where user-specific information is selectively disclosed for privacy reasons.

Authentication of a user’s identity via a reference data element such as a public key used for signature verification in various digital communication scenarios.

Verification of subsets of user-related data elements in digital processes requiring partial disclosure and selective data sharing.
