Patents by Inventor Srdjan Capkun
Srdjan Capkun has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11595188Abstract: A method for storing a data file (DF) on a storage entity (SE) includes receiving, by a proxy (PE) and from a computing entity (CE), a plurality of hash values corresponding to a plurality of blocks of the DF. The PE may check whether the plurality of blocks of the DF are stored in the SE based on the plurality of hash values. Based on determining that at least a subset of the plurality of blocks of the DF are not being stored in the SE, the PE may compute a secret associated with an encryption key. The PE may transmit, to the CE, the secret. The PE may receive, from the CE, information including storage locations of the subset of the plurality of blocks within the SE and one or more hash values, of the plurality of hash values, associated with the subset of the plurality of blocks.Type: GrantFiled: September 14, 2020Date of Patent: February 28, 2023Assignee: NEC CORPORATIONInventors: Ghassan Karame, Claudio Soriente, Hubert Ritzdorf, Srdjan Capkun
-
Publication number: 20220391900Abstract: A method for operating a mining pool includes running, by a mining pool operator, a blockchain node and at least one enclave. The blockchain node is connected to the enclave as well as to a blockchain P2P network and to a publicly available site. The method further includes checking, by the blockchain node, validity of incoming blocks and transactions received from the blockchain P2P network, and forwarding information on the received blocks and transactions to the at least one enclave. The method further includes creating, by the at least one enclave, a state transparency log and inserting the block and transaction information received from the blockchain node into the state transparency log, and signing, by the at least one enclave, the state transparency log and publishing the state transparency log at the publicly available site.Type: ApplicationFiled: September 25, 2020Publication date: December 8, 2022Inventors: Karl Wuest, Kari Kostiainen, Ghassan Karame, Srdjan Capkun
-
Patent number: 11475157Abstract: A full blockchain node for preserving privacy of a lightweight blockchain client in a blockchain network includes at least one computer device having an operating system. A trusted execution environment is installed on the at least one computer device such that code is executable by the trusted execution environment in isolation from the operating system. The trusted execution environment is configured to communicate with the lightweight blockchain client for performing blockchain transactions in a blockchain network.Type: GrantFiled: July 31, 2020Date of Patent: October 18, 2022Assignee: NEC CORPORATIONInventors: Sinisa Matetic, Ghassan Karame, Srdjan Capkun
-
Publication number: 20220147995Abstract: A method for executing smart contracts in a cryptocurrency, in which a state of the smart contract is stored on a blockchain of the cryptocurrency, is performed by a contract creator and includes determining a distributed set of service providers. A smart contract is deployed and a trust model is defined that allows the distributed set of service providers to perform a transaction that effects a state transition of the smart contract in a case that a predefined or configurable quorum of the service providers of the distributed set of service providers attests to validity of the transaction. Contract execution is offloaded to the distributed set of service providers and, in a case of achieving the quorum, the state transition effected by the transaction is included in the blockchain.Type: ApplicationFiled: July 18, 2019Publication date: May 12, 2022Inventors: Karl WUEST, Sinisa MATETIC, Ghassan KARAME, Srdjan CAPKUN
-
Patent number: 11303445Abstract: A method of preserving privacy for usage of a lightweight blockchain client in a blockchain network includes using, in a full blockchain node of the blockchain network, a trusted execution environment (TEE). A secure communication is established between the lightweight blockchain client and the TEE. The TEE receives a request from the lightweight blockchain client for at least one transaction or address of the lightweight blockchain client. The TEE obtains unspent transaction output (UTXO) information with respect to the request from the lightweight blockchain client from a UTXO database by oblivious database access using an oblivious RAM (ORAM) protocol.Type: GrantFiled: March 27, 2019Date of Patent: April 12, 2022Assignee: NEC CORPORATIONInventors: Sinisa Matetic, Karl Wuest, Moritz Schneider, Kari Kostiainen, Ghassan Karame, Srdjan Capkun
-
Publication number: 20200412529Abstract: A method for storing a data file (DF) on a storage entity (SE) includes receiving, by a proxy (PE) and from a computing entity (CE), a plurality of hash values corresponding to a plurality of blocks of the DF. The PE may check whether the plurality of blocks of the DF are stored in the SE based on the plurality of hash values. Based on determining that at least a subset of the plurality of blocks of the DF are not being stored in the SE, the PE may compute a secret associated with an encryption key. The PE may transmit, to the CE, the secret. The PE may receive, from the CE, information including storage locations of the subset of the plurality of blocks within the SE and one or more hash values, of the plurality of hash values, associated with the subset of the plurality of blocks.Type: ApplicationFiled: September 14, 2020Publication date: December 31, 2020Inventors: Ghassan Karame, Claudio Soriente, Hubert Ritzdorf, Srdjan Capkun
-
Publication number: 20200364368Abstract: A full blockchain node for preserving privacy of a lightweight blockchain client in a blockchain network includes at least one computer device having an operating system. A trusted execution environment is installed on the at least one computer device such that code is executable by the trusted execution environment in isolation from the operating system. The trusted execution environment is configured to communicate with the lightweight blockchain client for performing blockchain transactions in a blockchain network.Type: ApplicationFiled: July 31, 2020Publication date: November 19, 2020Inventors: Sinisa Matetic, Ghassan Karame, Srdjan Capkun
-
Patent number: 10819506Abstract: A method for storing a data file, ‘DF’ on a storage entity, ‘SE’ includes a computing entity, ‘CE’, chunking the DF into a number of blocks using a one-way-function and a chunking key. The CE may compute a hash value for each of the blocks. One or more proxies, ‘PE’, may check whether the blocks are already stored, resulting in a first number of already stored blocks and a second number of blocks not being stored. The CE may encrypt the blocks not being stored using an encryption key, transmit the encrypted blocks to the SE for storing, and inform the PE about the hash value of each of the transmitted blocks and corresponding storage location information of the transmitted blocks.Type: GrantFiled: October 7, 2015Date of Patent: October 27, 2020Assignee: NEC CORPORATIONInventors: Ghassan Karame, Claudio Soriente, Hubert Ritzdorf, Srdjan Capkun
-
Publication number: 20200328889Abstract: A method of preserving privacy for usage of a lightweight blockchain client in a blockchain network includes using, in a full blockchain node of the blockchain network, a trusted execution environment (TEE). A secure communication is established between the lightweight blockchain client and the TEE. The TEE receives a request from the lightweight blockchain client for at least one transaction or address of the lightweight blockchain client. The TEE obtains unspent transaction output (UTXO) information with respect to the request from the lightweight blockchain client from a UTXO database by oblivious database access using an oblivious RAM (ORAM) protocol.Type: ApplicationFiled: March 27, 2019Publication date: October 15, 2020Inventors: Sinisa Matetic, Karl Wuest, Moritz Schneider, Kari Kostiainen, Ghassan Karame, Srdjan Capkun
-
Patent number: 10783272Abstract: A method of preserving privacy for usage of a lightweight blockchain client in a blockchain network includes using, in a full blockchain node of the blockchain network, a secure software guard extensions (SGX) enclave. A request is received from the lightweight blockchain client for a setup of a secure network connection. A client unique ID is received from the lightweight blockchain client, and is acknowledged following a successful attestation by the lightweight blockchain client. A request is received from the lightweight blockchain client for transaction(s)/address(es) of the lightweight blockchain client. The SGX enclave loads and searches unspent transaction outputs (UTXO) from a memory of the full blockchain node and sends a response to the request from the lightweight blockchain client for the transaction(s)/address(es) based on a match from the searching the UTXO. The secure communication is then terminated with the lightweight blockchain client.Type: GrantFiled: December 8, 2017Date of Patent: September 22, 2020Assignee: NEC CORPORATIONInventors: Sinisa Matetic, Ghassan Karame, Srdjan Capkun
-
Patent number: 10785167Abstract: A method for controlling access to a shared resource for a plurality of collaborative users includes securely providing, on a storage and device entity, the shared resource. The shared resource is created by a resource owner entity. The method further includes specifying access control rules for the shared resource, translating the access control rules into a smart contract, including the smart contract into a blockchain, and if a second user requests access to the shared resource, performing access decisions for the shared resource by evaluating the smart contract with regard to the access control rules.Type: GrantFiled: July 26, 2016Date of Patent: September 22, 2020Assignee: NEC CORPORATIONInventors: Ghassan Karame, Damian Gruber, Hubert Ritzdorf, Srdjan Capkun
-
Patent number: 10649847Abstract: A communication apparatus comprising: a plurality of communication processes, each performing communication process on a flow associated thereto; a plurality of network interfaces, each of the network interfaces adapted to be connected to a network; a dispatcher that receives a packet from the network interface and dispatches the packet to an associated communication process, based on a dispatch rule that defines association of a flow to a communication process to which the flow is dispatched; and a control unit that performs control to roll back each of the communication processes using saved image thereof.Type: GrantFiled: May 11, 2015Date of Patent: May 12, 2020Assignee: NEC CorporationInventors: Takayuki Sasaki, Adrian Perrig, Srdjan Capkun, Claudio Soriente, Ramya Jayaram Masti, Jason Lee
-
Patent number: 10601632Abstract: A communication apparatus comprising a plurality of communication processes, each of the communication processes configured to be executed in an environment allocated thereto and isolated from each of one or more environments arranged for remaining one or more processes, each of the communication processes performing communication processing on a flow associated thereto, a network interface connected to a network; a dispatcher that dispatches a packet to the communication process based on a dispatch rule that defines association of a flow with a communication process.Type: GrantFiled: May 11, 2015Date of Patent: March 24, 2020Assignee: NEC CorporationInventors: Takayuki Sasaki, Adrian Perrig, Srdjan Capkun, Claudio Soriente, Ramya Jayaram Masti, Jason Lee
-
Publication number: 20200067697Abstract: A method operates a blockchain to provide mutable transactions. The blockchain has a sequence of blocks, each block having transaction information, having a transaction, in its data record. A mutability policy is includable in the transaction information, and specifies conditions for changing its transaction.Type: ApplicationFiled: March 22, 2018Publication date: February 27, 2020Inventors: Ivan Puddu, Alexandra Dmitrienko, Ghassan Karame, Srdjan Capkun
-
Publication number: 20190268284Abstract: A method for controlling access to a shared resource for a plurality of collaborative users includes securely providing, on a storage and device entity, the shared resource. The shared resource is created by a resource owner entity. The method further includes specifying access control rules for the shared resource, translating the access control rules into a smart contract, including the smart contract into a blockchain, and if a second user requests access to the shared resource, performing access decisions for the shared resource by evaluating the smart contract with regard to the access control rules.Type: ApplicationFiled: July 26, 2016Publication date: August 29, 2019Inventors: Ghassan Karame, Damian Gruber, Hubert Ritzdorf, Srdjan Capkun
-
Publication number: 20190180047Abstract: A method of preserving privacy for usage of a lightweight blockchain client in a blockchain network includes using, in a full blockchain node of the blockchain network, a secure software guard extensions (SGX) enclave. A request is received from the lightweight blockchain client for a setup of a secure network connection. A client unique ID is received from the lightweight blockchain client, and is acknowledged following a successful attestation by the lightweight blockchain client. A request is received from the lightweight blockchain client for transaction(s)/address(es) of the lightweight blockchain client. The SGX enclave loads and searches unspent transaction outputs (UTXO) from a memory of the full blockchain node and sends a response to the request from the lightweight blockchain client for the transaction(s)/address(es) based on a match from the searching the UTXO. The secure communication is then terminated with the lightweight blockchain client.Type: ApplicationFiled: December 8, 2017Publication date: June 13, 2019Inventors: Sinisa Matetic, Ghassan Karame, Srdjan Capkun
-
Patent number: 10291392Abstract: A method for encrypting data based on all-or-nothing encryption includes: providing, by an encryption system, data to be encrypted and an encryption key; dividing, by the encryption system, the data into an odd number of blocks, wherein each of the blocks has the same size; encrypting, by the encryption system, the blocks with the encryption key to obtain an intermediate ciphertext c? comprising intermediate ciphertext blocks c0?, . . . , cN?, wherein c0? corresponds to a random seed and c1?, . . . , cN? corresponds to the encrypted blocks; and obtaining, by the encryption system, a final ciphertext c using the intermediate ciphertext c?. An intermediate overall ciphertext t is obtained based on XOR'ing the intermediate ciphertext blocks c0?, . . . , cN?; and obtaining a plurality of final ciphertext blocks c1, . . . cN by XOR'ing respective intermediate ciphertext blocks c1?, . . . , cN? with the intermediate overall ciphertext t.Type: GrantFiled: August 28, 2017Date of Patent: May 14, 2019Assignee: NEC CORPORATIONInventors: Ghassan Karame, Claudio Soriente, Srdjan Capkun
-
Publication number: 20180287782Abstract: A method for storing a data file, ‘DF’ on a storage entity, ‘SE’ includes a computing entity, ‘CE’, chunking the DF into a number of blocks using a one-way-function and a chunking key. The CE may compute a hash value for each of the blocks. One or more proxies, ‘PE’, may check whether the blocks are already stored, resulting in a first number of already stored blocks and a second number of blocks not being stored. The CE may encrypt the blocks not being stored using an encryption key, transmit the encrypted blocks to the SE for storing, and inform the PE about the hash value of each of the transmitted blocks and corresponding storage location information of the transmitted blocks.Type: ApplicationFiled: October 7, 2015Publication date: October 4, 2018Inventors: Ghassan Karame, Claudio Soriente, Hubert Ritzdorf, Srdjan Capkun
-
Publication number: 20180165156Abstract: A communication apparatus comprising: a plurality of communication processes, each performing communication process on a flow associated thereto; a plurality of network interfaces, each of the network interfaces adapted to be connected to a network; a dispatcher that receives a packet from the network interface and dispatches the packet to an associated communication process, based on a dispatch rule that defines association of a flow to a communication process to which the flow is dispatched; and a control unit that performs control to roll back each of the communication processes using saved image thereof.Type: ApplicationFiled: May 11, 2015Publication date: June 14, 2018Applicant: NEC CorporationInventors: Takayuki SASAKI, Adrian PERRIG, Srdjan CAPKUN, Claudio SORIENTE, Ramya Jayaram MASTI, Jason LEE
-
Publication number: 20180159716Abstract: A communication apparatus comprising a plurality of communication processes, each of the communication processes configured to be executed in an environment allocated thereto and isolated from each of one or more environments arranged for remaining one or more processes, each of the communication processes performing communication processing on a flow associated thereto, a network interface connected to a network; a dispatcher that dispatches a packet to the communication process based on a dispatch rule that defines association of a flow with a communication process.Type: ApplicationFiled: May 11, 2015Publication date: June 7, 2018Applicant: NEC CorporationInventors: Takayuki SASAKI, Adrian PERRIG, Srdjan CAPKUN, Claudio SORIENTE, Ramya Jayaram MASTI, Jason LEE