Data repository and method for promoting network storage of data
First Claim
1. A method for archiving digital records which allows the existence and content of a stored record at a point in time to be proven, while supporting a deletion mechanism which, if applied to the stored record, does not allow its existence to be proven even if the content of the stored record is guessed correctly, the method comprising:
- for each record in a set of records;
  - determining a content fingerprint based on content of the each record;
  - choosing a number that is distinct from the content fingerprint;
  - determining a record identifier for the each record based at least in part on the number; and
  - storing the each record and the number;
- selecting a plurality of records from the set of records;
- constructing a cryptographic hash for each record of the plurality, based at least in part on both the content fingerprint of the each record and on the record identifier for the each record;
- storing a timestamp record that comprises the cryptographic hashes constructed for each record of the plurality;
- determining a content fingerprint from the contents of the timestamp record;
- recording the content fingerprint for the timestamp record in a manner that allows both the time of the recording and the value of the content fingerprint at the time of the recording to be later proven; and
- deleting from storage a one of the plurality of records and also deleting from storage the number of the one record deleted;

wherein the choosing of a number is done in a manner designed to make it impracticable to reconstruct or guess the number if the number has been deleted from storage.
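The claimed steps can be followed in a short sketch. This is an added example, not code from the patent: SHA-256, the 32-byte random number, the `id:`/`entry:` prefixes and all function and class names are assumptions, and the external recording of the timestamp fingerprint is represented only by the returned value.

```python
import hashlib
import secrets

def fingerprint(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def entry_hash(content: bytes, number: bytes) -> bytes:
    # Record identifier derived from the number (assumed construction), then a
    # hash over both the content fingerprint and the record identifier.
    record_id = fingerprint(b"id:" + number)
    return fingerprint(b"entry:" + fingerprint(content) + record_id)

class Archive:
    def __init__(self):
        self.records = {}      # name -> (content, number)
        self.ts_records = []   # stored timestamp records (lists of entry hashes)

    def store(self, name: str, content: bytes) -> None:
        # 256-bit CSPRNG output: impracticable to guess once deleted.
        self.records[name] = (content, secrets.token_bytes(32))

    def timestamp(self, names) -> bytes:
        ts_record = sorted(entry_hash(*self.records[n]) for n in names)
        self.ts_records.append(ts_record)
        # The returned fingerprint is the value that would be recorded externally.
        return fingerprint(b"".join(ts_record))

    def delete(self, name: str) -> None:
        del self.records[name]  # removes the content and its number together

def proves_existence(ts_record, anchored, content: bytes, number: bytes) -> bool:
    if fingerprint(b"".join(ts_record)) != anchored:
        return False  # timestamp record does not match the recorded fingerprint
    return entry_hash(content, number) in ts_record

def demo():
    a = Archive()
    a.store("memo", b"constructed sample: quarterly memo")
    a.store("log", b"constructed sample: access log")
    anchored = a.timestamp(["memo", "log"])
    ts = a.ts_records[0]
    kept = proves_existence(ts, anchored, *a.records["log"])
    a.delete("memo")
    # Correct content guess, but the deleted number can only be guessed.
    guessed = proves_existence(ts, anchored, b"constructed sample: quarterly memo",
                               secrets.token_bytes(32))
    return kept, guessed

if __name__ == "__main__":
    print(demo())
```

The timestamp record still holds the deleted record's hash, but without the number that hash cannot be recomputed from the content alone.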
Abstract
In general, the invention features methods by which more than one client program connected to a network stores the same data item on a storage device of a data repository connected to the network. In one aspect, the method comprises encrypting the data item using a key derived from the content of the data item, determining a digital fingerprint of the data item, and storing the data item on the storage device at a location or locations associated with the digital fingerprint. In a second aspect, the method comprises determining a digital fingerprint of the data item, testing for whether the data item is already stored in the repository by comparing the digital fingerprint of the data item to the digital fingerprints of data items already in storage in the repository, and challenging a client that is attempting to deposit a data item already stored in the repository, to ascertain that the client has the full data item.
10 Claims
Specification