Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems

US 10,778,439 B2
Filed: 05/18/2018
Issued: 09/15/2020
Est. Priority Date: 07/14/2015
Status: Active Grant

First Claim

Patent Images

1. A transaction signing apparatus, comprising:

a memory;

a component collection in the memory, including;

a secure firmware transaction signing component implemented by a first hardware security module (HSM), wherein the first HSM is a Peripheral Component Interconnect Express (PCIe) appliance;

at least one processor disposed in communication with the memory, and configured to issue a plurality of processing instructions from the component collection stored in the memory,wherein the at least one processor issues instructions from the secure firmware transaction signing component, stored in the memory, to;

receive, via the at least one processor, by the first HSM, a transaction signing request message for a transaction from a transaction signing server (TSS), wherein the transaction signing request message includes an encrypted second master key share associated with a second HSM, wherein the second HSM is a Universal Serial Bus (USB) appliance communicatively coupled to the TSS via USB;

retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a private key decryption key corresponding to a public key encryption key previously provided by the first HSM to the TSS for the second HSM, wherein the encrypted second master key share is encrypted using the public key encryption key by the second HSM;

decrypt, via the at least one processor, by the first HSM, the encrypted second master key share using the retrieved private key decryption key;

retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a first master key share;

recover, via the at least one processor, by the first HSM, a master private key from the first master key share and the decrypted second master key share using a secret sharing method;

determine, via the at least one processor, by the first HSM, a transaction hash and a keychain path associated with the transaction signing request message;

generate, via the at least one processor, by the first HSM, a signing private key for the determined keychain path using the recovered master private key;

sign, via the at least one processor, by the first HSM, the determined transaction hash using the generated signing private key to generate a signature; and

return, via the at least one processor, the generated signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The Seed Splitting and Firmware Extension for Secure Cryptocurrency Key Backup, Restore, and Transaction Signing Platform Apparatuses, Methods and Systems (“SFTSP”) transforms transaction signing request, key backup request, key recovery request inputs via SFTSP components into transaction signing response, key backup response, key recovery response outputs. A transaction signing request message for a transaction is received by a first HSM and includes an encrypted second master key share from a second HSM whose access is controlled by M-of-N authentication policy. The encrypted second master key share is decrypted. A first master key share is retrieved. A master private key is recovered from the master key shares. A transaction hash and a keychain path is determined. A signing private key for the keychain path is generated using the recovered master private key. The transaction hash is signed using the signing private key, and the generated signature is returned.

97 Citations

View as Search Results

16 Claims

1. A transaction signing apparatus, comprising:
- a memory;
  
  a component collection in the memory, including;
  
  a secure firmware transaction signing component implemented by a first hardware security module (HSM), wherein the first HSM is a Peripheral Component Interconnect Express (PCIe) appliance;
  
  at least one processor disposed in communication with the memory, and configured to issue a plurality of processing instructions from the component collection stored in the memory,wherein the at least one processor issues instructions from the secure firmware transaction signing component, stored in the memory, to;
  
  receive, via the at least one processor, by the first HSM, a transaction signing request message for a transaction from a transaction signing server (TSS), wherein the transaction signing request message includes an encrypted second master key share associated with a second HSM, wherein the second HSM is a Universal Serial Bus (USB) appliance communicatively coupled to the TSS via USB;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a private key decryption key corresponding to a public key encryption key previously provided by the first HSM to the TSS for the second HSM, wherein the encrypted second master key share is encrypted using the public key encryption key by the second HSM;
  
  decrypt, via the at least one processor, by the first HSM, the encrypted second master key share using the retrieved private key decryption key;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a first master key share;
  
  recover, via the at least one processor, by the first HSM, a master private key from the first master key share and the decrypted second master key share using a secret sharing method;
  
  determine, via the at least one processor, by the first HSM, a transaction hash and a keychain path associated with the transaction signing request message;
  
  generate, via the at least one processor, by the first HSM, a signing private key for the determined keychain path using the recovered master private key;
  
  sign, via the at least one processor, by the first HSM, the determined transaction hash using the generated signing private key to generate a signature; and
  
  return, via the at least one processor, the generated signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The apparatus of claim 1, wherein the second HSM includes an authentication entry device.
  - 3. The apparatus of claim 2, wherein the second HSM provides the encrypted second master key share to the TSS upon obtaining separate credentials via the authentication entry device from a predetermined number of people.
  - 4. The apparatus of claim 3, wherein the second HSM enforces M-of-N security policy for exporting the encrypted second master key share, wherein access to the second HSM is controlled by M-of-N authentication policy.
  - 5. The apparatus of claim 1, wherein the private key decryption key and the public key encryption key are predefined for the first HSM.
  - 6. The apparatus of claim 1, wherein the private key decryption key and the public key encryption key are generated dynamically each time a transaction signing request message is received.
  - 7. The apparatus of claim 1, wherein the transaction signing request message is an API call to a method exposed by the secure firmware transaction signing component.
  - 8. The apparatus of claim 1, wherein the secret sharing method is Shamir'"'"'s Secret Sharing.
  - 9. The apparatus of claim 1, wherein the signing private key is generated using a Bip32-based deterministic key derivation procedure.
  - 10. The apparatus of claim 1, further, comprising:
    - the at least one processor issues instructions from the secure firmware transaction signing component, stored in the memory, to;
      
      wipe, via the at least one processor, temporary private key data from the memory after generating the signature.
  - 11. The apparatus of claim 10, wherein the temporary private key data includes the private key decryption key, the public key encryption key, the encrypted second master key share, the decrypted second master key share, the recovered master private key, and the generated signing private key.
  - 12. The apparatus of claim 1, wherein the transaction hash is signed in accordance with the hashing algorithm utilized by the Bitcoin protocol.
  - 13. The apparatus of claim 1, wherein the signature is returned in Distinguished Encoding Rules format.

14. A processor-readable transaction signing non-transient physical medium storing processor-executable components, the components, comprising:
- a component collection stored in the medium, including;
  
  a secure firmware transaction signing component implemented by a first hardware security module (HSM), wherein the first HSM is a Peripheral Component Interconnect Express (PCIe) appliance;
  
  wherein the secure firmware transaction signing component, stored in the medium, includes processor-issuable instructions to;
  
  receive, via at least one processor, by the first HSM, a transaction signing request message for a transaction from a transaction signing server (TSS), wherein the transaction signing request message includes an encrypted second master key share associated with a second HSM, wherein the second HSM is a Universal Serial Bus (USB) appliance communicatively coupled to the TSS via USB;
  
  retrieve, via at the least one processor, from the first HSM'"'"'s tamper-proof storage, a private key decryption key corresponding to a public key encryption key previously provided by the first HSM to the TSS for the second HSM, wherein the encrypted second master key share is encrypted using the public key encryption key by the second HSM;
  
  decrypt, via the at least one processor, by the first HSM, the encrypted second master key share using the retrieved private key decryption key;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a first master key share;
  
  recover, via the at least one processor, by the first HSM, a master private key from the first master key share and the decrypted second master key share using a secret sharing method;
  
  determine, via the at least one processor, by the first HSM, a transaction hash and a keychain path associated with the transaction signing request message;
  
  generate, via the at least one processor, by the first HSM, a signing private key for the determined keychain path using the recovered master private key;
  
  sign, via the at least one processor, by the first HSM, the determined transaction hash using the generated signing private key to generate a signature; and
  
  return, via the at least one processor, the generated signature.

15. A processor-implemented transaction signing system, comprising:
- a memory;
  
  secure firmware transaction signing component implemented by a first hardware security module (HSM), wherein the first HSM is a Peripheral Component Interconnect Express (PCIe) appliance, to;
  
  receive, via at least one processor disposed in communication with the memory, by the first HSM, a transaction signing request message for a transaction from a transaction signing server (TSS), wherein the transaction signing request message includes an encrypted second master key share associated with a second HSM, wherein the second HSM is a Universal Serial Bus (USB) appliance communicatively coupled to the TSS via USB;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a private key decryption key corresponding to a public key encryption key previously provided by the first HSM to the TSS for the second HSM, wherein the encrypted second master key share is encrypted using the public key encryption key by the second HSM;
  
  decrypt, via the at least one processor, by the first HSM, the encrypted second master key share using the retrieved private key decryption key;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a first master key share;
  
  recover, via the at least one processor, by the first HSM, a master private key from the first master key share and the decrypted second master key share using a secret sharing method;
  
  determine, via the at least one processor, by the first HSM, a transaction hash and a keychain path associated with the transaction signing request message;
  
  generate, via the at least one processor, by the first HISM, a signing private key for the determined keychain path using the recovered master private key;
  
  sign, via the at least one processor, by the first HSM, the determined transaction hash using the generated signing private key to generate a signature; and
  
  return, via the at least one processor, the generated signature.

16. A processor-implemented transaction signing method, comprising:
- executing processor-implemented secure firmware transaction signing component instructions implemented by a first hardware security module (HSM), wherein the first HSM is a Peripheral Component Interconnect Express (PCIe) appliance, to;
  
  receive, via at least one processor, by the first HSM, a transaction signing request message for a transaction from a transaction signing server (TSS), wherein the transaction signing request message includes an encrypted second master key share associated with a second HSM, wherein the second HSM is a Universal Serial Bus (USB) appliance communicatively coupled to the TSS via USB;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a private key decryption key corresponding to a public key encryption key previously provided by the first HSM to the TSS for the second HSM, wherein the encrypted second master key share is encrypted using the public key encryption key by the second HSM;
  
  decrypt, via the at least one processor, by the first HSM, the encrypted second master key share using the retrieved private key decryption key;
  
  retrieve, via the at least one processor, from the first HSM'"'"'s tamper-proof storage, a first master key share;
  
  recover, via the at least one processor, by the first HSM, a master private key from the first master key share and the decrypted second master key share using a secret sharing method;
  
  determine, via the at least one processor, by the first HSM, a transaction hash and a keychain path associated with the transaction signing request message;
  
  generate, via the at least one processor, by the first HISM, a signing private key for the determined keychain path using the recovered master private key;
  
  sign, via the at least one processor, by the first HSM, the determined transaction hash using the generated signing private key to generate a signature; and
  
  return, via the at least one processor, the generated signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
FMR LLC
Original Assignee
FMR LLC
Inventors
Cheng, Gang, Tsitrin, Vladimir, McGuire, Thomas Stephen
Primary Examiner(s)
Rahman, Mahfuzur
Assistant Examiner(s)
Cruz-Franqui, Richard W

Application Number

US15/984,280
Publication Number

US 20180367316A1
Time in Patent Office

851 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/602   Providing cryptographic fac...

G06F 21/64   Protecting data integrity, ...

G06F 21/72   in cryptographic circuits

H04L 2209/12   Details relating to cryptog...

H04L 2209/127   Trusted platform modules [TPM]

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0897   involving additional device...

H04L 9/3234   involving additional secure...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

97 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links