• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    The present invention relates to a method for exchanging data between actors (5) of a network (10), said method comprising a step of cryptographic data by an asymmetric cryptographic method with double keys, each actor (5) being associated with a double key comprising a private key and a public key. A block chain (20) is implemented, a block (25) comprising a digital footprint of the preceding block in the block chain (20) and at least one transaction (35). During a creation step, at least one block of the block chain called "initialization block" is created, for each actor at least one "initialization block" comprising a transaction called "identification transaction (36)" each identification transaction (36) comprising data called "identification data" of this actor, said identification data including the public key of the double keys of this actor and at least one information identifying this actor.
    公开号:FR3063406A1
    申请号:FR1700195
    申请日:2017-02-28
    公开日:2018-08-31
    发明作者:Julien Touzeau;Stephane CHOPART
    申请人:Airbus Helicopters SAS;
    IPC主号:
    专利说明:

    ® FRENCH REPUBLIC
    NATIONAL INSTITUTE OF INDUSTRIAL PROPERTY © Publication number: 3,063,406 (to be used only for reproduction orders)
    ©) National registration number: 17 00 195
    COURBEVOIE © Int Cl 8 : H 04 L 9/32 (2017.01), G 06 F21 / 51, 21/64
    A1 PATENT APPLICATION
    ©) Date of filing: 28.02.17.(© Priority: © Applicant (s): AIRBUS HELICOPTERS — RR. ©) Date of public availability of the request: 31.08.18 Bulletin 18/35. @ Inventor (s): TOUZEAU JULIEN and CHOPART STEPHANE. ©) List of documents cited in the preliminary search report: See the end of this booklet (© References to other related national documents: ® Holder (s): AIRBUS HELICOPTERS. ©) Extension request (s): (© Agent (s): GPI & ASSOCIES.
    P4J METHOD AND DEVICE FOR EXCHANGING INTEGRATED DATA.
    FR 3,063,406 - A1 (£ /) The present invention relates to a method for exchanging data between actors (5) of a network (10), said method comprising a step of encrypting the data by an asymmetric double cryptographic method keys, each actor (5) being associated with a double key comprising a private key and a public key. A blockchain (20) being implemented, a block (25) comprising a digital fingerprint of the block which precedes it in the blockchain (20) and at least one transaction (35). During a creation step, at least one block of the block chain called "initialization block" is created, for each actor at least one "initialization block" comprising a transaction called "identification transaction (36)" , each identification transaction (36) comprising data called “identification data” of this actor, said identification data including the public key of the double key of this actor and at least one piece of information identifying this actor.
    U □
    Method and device for exchanging integrity data
    The present invention relates to a method and a device for exchanging integrated data, in particular in the aeronautical and space field.
    In the aeronautics and space sector, all kinds of data are exchanged between various natural or legal persons. In particular, data can be exchanged between an aircraft and a system present outside the aircraft.
    This data can take various forms. For example, this data may take the form of software to be downloaded to an on-board system in an aircraft, flight data stored on recorders more commonly called “black boxes”, data relating to the use of the aircraft. and used for maintenance purposes, data received on board an aircraft for the management of aircraft fleets and known by the acronym "ATC" which corresponds to the expression "Air Traffic Control" in English.
    The data exchanged can be traced to identify their sources and recipients. This data may have to be available for several different actors, for example various aircraft, various airlines, various government agencies ... In addition, this data must be reliable.
    These three conditions prove difficult to obtain. Indeed, computer attacks can aim to modify the data, and can have an impact on the reliability and / or the traceability of the exchanged data.
    Furthermore, on an aircraft in flight, data is subject to a risk of loss in the event of a breakdown or accident.
    When the data is stored on an aircraft storage medium before being transferred to the ground to other actors, inadvertent destruction of the storage medium can lead to the loss of the stored data.
    Certain technical solutions consist in guaranteeing the reliability and traceability of the data transmitted by using encryption methods. A known method for verifying the authenticity of a computer file is to use asymmetric cryptographic techniques using common algorithms and a public key infrastructure. These solutions call on a trusted third party who is recognized by the various players in the network. Such a trusted third party is sometimes called a "Certification Authority", with reference to the notion of "digital certificate" used by the technical standard applicable in the matter known by the acronym "PKIX".
    According to a solution of this type, a pair of keys including a public key and a private key is generated for a user. In addition, a trusted third party issues a certificate to attest that this pair of keys belongs to this user. A certificate can for example contain a serial number, the type of signature used, the identification of the trusted third party, dates of issue and validity, the identification of the owner of the keys ... For example, a certificate can be established in accordance with standard X509.
    For example, a solution of this type is known by the acronym "PKI" corresponding to the English expression "public key infrastructure".
    The documents FR 2912578, FR 2922702 illustrate such solutions.
    Although attractive, these technical solutions can prove to be difficult to implement. One difficulty lies in the difficulty of finding a trusted third party who satisfies all the players, in particular in an international / intercontinental context.
    In fact, the trusted third party must be judiciously chosen since the trusted third party is responsible for managing the life cycle of the cryptographic elements used by all of the players.
    In addition, the field of aeronautics and space industry should be considered on a global scale. The various actors involved in aeronautical and space data exchanges come from all countries of the world. Convincing all of these actors that an authority can be a true trusted third party for all the actors involved can be difficult.
    In addition, national provisions governing the means of cryptography vary from state to state. These differences can be an obstacle to defining a technical solution applicable by actors from various countries.
    The technical solutions of making available collected data, for example from aircraft, are more conventional. These solutions can consist in memorizing this data in several physically distinct places. Access to data is guaranteed even in the event of destruction of a storage location. For example, each actor can have their own copy.
    However, synchronizing all the data can be tricky. Ensuring that the databases of different actors are up to date can be difficult and expensive.
    The document FR3018379 does not belong to the field of the invention, and does not provide any solution to the problem posed. This patent is cited for informational purposes only. Likewise, document US 2016/0283920 is known.
    The object of the present invention is therefore to propose a method particularly suited to the aeronautical and space environment.
    The invention thus relates to a method for exchanging data between actors of a network, the method comprising a step of encrypting the data by an asymmetric cryptographic method with double keys, each actor being associated with a double key comprising a private key and a public key.
    A blockchain being implemented, a block comprising a digital fingerprint of the block which precedes it in the blockchain and at least one transaction which includes data to be shared, said method comprises a creation step during which at least one block of the blockchain called "initialization block" is created, for each actor at least one "initialization block" comprising a transaction called "identification transaction", each identification transaction comprising data called "data d 'identification' of this actor, said identification data including the public key of the double keys of this actor and at least one piece of information identifying this actor.
    The expression "each actor being associated with a double key comprising a private key and a public key" means that each actor has a private key which is specific to him, and a public key which corresponds to the private key.
    The expression "block comprising a digital fingerprint of the block which precedes it" means that with the exception of the first block of the block chain, each block comprises the digital fingerprint of the block which precedes it in the block chain.
    As a reminder, a blockchain is known by the English term "BlockChain". A blockchain is notably used in the financial field and in particular in the bitcoin currency exchange system. Details on BlockChain technology can be found on the internet, for example at the following addresses:
    - https://blockchainfrance.net/
    - https://fr.wikipedia.org/wiki/Cha%C3%AEne_de_blocs
    - https://fr.wikipedia.Org/wiki/Bitcoin#La_cha.C3.AEne_de_bl ocs
    A blockchain is a distributed database that maintains a list of data protected against tampering or modification. The transactions represent the exchanges between the users of the network, and are stored within the blocks of the block chain. The different transactions recorded are grouped in blocks. After recording recent transactions, a new block is generated and analyzed. If the block is valid, the block can be time stamped and added to the block chain. The transactions are then visible throughout the network. Once added to the blockchain, a block can no longer be modified or deleted, which guarantees the authenticity and security of the network.
    The present invention uses blockchain technology not to exchange currencies but to at least manage the double keys of actors in a network. This network can be a private network and can bring together players in the aeronautics and space sector, each player representing a node of the network.
    Some asymmetric dual key cryptographic systems always use trusted third parties for key management which is likely to be difficult.
    Conversely, the invention uses a block chain which can be qualified as an “aero” block chain when used within a network of actors in the aeronautics and space sector.
    This block chain can be constructed in the usual way. The block construction protocol can be a protocol known to those skilled in the art implementing a computer. This protocol can be combined with a consensus method. A new block is inserted into the block chain only if a referencing number of actors have validated the block
    According to the invention, the block chain comprises at least identification blocks. Consequently, the actors of the network can refer directly to the block chain to obtain the public keys of the different actors as well as the information identifying them. Such information can include an address of an actor, the name of an actor whether this actor is a legal or natural person, an actor's registration number ... Consequently, the notion of trusted third party can disappear completely, or partially.
    All the actors of the network can moreover manage themselves the reliability and the authenticity of the electronic transactions emitted, without having recourse to third parties intermediaries who market a service of delegation of confidence, whose recognition, impartiality and cost can be disputed by all the actors.
    This process may further include one or more of the following characteristics.
    If for an actor at least two blocks of the block chain contain the identification data of this actor, said at least two blocks having been inserted in the block chain at different times, the identification data of this actor which are in force at a current time correspond to the identification data contained in said at least two most recent blocks.
    The identification data of an actor may change. Therefore, to obtain the valid identification data at a given time, it suffices to access the block chain. The most recent identification data is in fact the identification data in force.
    In addition, an actor can always have access to the old identification data of an actor if necessary, for example to decrypt the data contained in a transaction prior to the issuance of the new identification data.
    According to another aspect, the block chain can be initialized for example by an actor who assigns a double key to each of the other actors of the network.
    Alternatively, in an identification transaction initializing the identification data of an actor, the identification data can be digitally signed with a private key of a double key which belongs to a recognized authority of said network, each actor of said network having access to the public key of this double key of the recognized authority.
    The expression "identification transaction initializing the identification data" refers to the first transaction comprising the identification data of an actor. The term "initialization" thus refers to the initialization of the identification data of an actor.
    According to this alternative, the first double key assigned to an actor can be it by a recognized authority, such as EASA or the actor having set up the network for example. The process can possibly recognize several different authorities, for example a recognized authority on the North American continent, a recognized authority in Europe, a recognized authority in Asia ...
    This authority can be requested only at the initialization of the process for the allocation of each double key, which facilitates the application of this process.
    The method may include a modification step during which an actor modifies his identification data by replacing the identification data in force of this actor, called “old identification data” with identification data, called “new data from”. identification ”, said modification step comprising the following operations:
    - creation and transmission to the network of an identification transaction comprising said new digitally signed identification data, the new identification data being digitally signed with the private key of this actor corresponding to the old identification data,
    - insertion of said identification transaction in a new block in the block chain.
    The modification of a double key can be carried out without the intervention of a trusted third party. Indeed, the use of the blockchain makes it possible to be certain that the modification has indeed been undertaken by the actor concerned, the blockchain technology making it possible to obtain the transmission of honest and reliable data.
    The process may include a revocation step during which a predetermined body dismisses an actor, the revocation step comprising the following operations:
    - creation and transmission to the network of a transaction called "revocation transaction" containing the revocation of an actor digitally signed, the revocation transaction indicating the revocation of an actor being digitally signed with the private key of a double key of this organization, each actor of said network having access to the public key of this double key of the recognized organization,
    - insertion of said revocation transaction in a new block of the block chain.
    According to this alternative, the keys of an actor can be revoked. Such a revocation can for example be undertaken if an actor loses his private key.
    The organization can be one of the actors, the recognized authority mentioned above ...
    According to another aspect, for digitally encrypting data and transmitting them to a so-called “recipient” actor, the data being contained in a transaction called “data transaction”, the method can include the following steps: consultation of the block chain for obtain the current public key assigned to the recipient of the data, and encryption of the data with said public key of the recipient.
    The expression "to obtain the key" means, that an actor uses a computer to access the blockchain, and extract the desired public key from it.
    To digitally sign data, an actor called "sender" uses his private key to digitally sign the data, another actor says "recipient" consulting said blockchain to obtain the public key of the sender in order to decrypt the data signed by the sender.
    In another aspect, the blockchain can be used only to issue identification transactions.
    Alternatively, the blockchain can include data to be exchanged which differs from said identification data.
    The blockchain can be used to issue identification transactions, but also to exchange and store data of another order called "data to be exchanged". For example, this data may take the form of software to be downloaded to an on-board system in an aircraft, flight data measured in flight of the type stored in “black boxes”, data relating to the use of the aircraft and used for maintenance purposes such as periods of use of on-board equipment, data received on board an aircraft known by the acronym "ATC" ...
    According to another aspect, the data to be exchanged and entered in a transaction can be digitally signed or digitally encrypted, for example.
    To record in the block chain a transaction called "signed data transaction", the signed data transaction comprising data to be exchanged which are digitally signed, this data to be exchanged including original data or a digital fingerprint of the original data called "first emission footprint ”obtained by a hashing method, the process can include the following operations:
    - encryption of the data to be exchanged which is to be digitally signed by signing it with the private key of an actor called "sender", to obtain said data to be exchanged which is digitally signed,
    - sends to the network of the signed data transaction including the data to be exchanged which are digitally signed,
    - creation of a block called "new block" by an actor called "minor", said new block comprising at least one digital fingerprint of the last block in the block chain, said signed data transaction, and a measurement of a quantity of work that was required to produce the new block,
    - validation of the new block by at least one actor,
    - insertion of the new block in the block chain.
    Original data can be processed to be entered in one or more blocks according to their sizes.
    Alternatively, the original data is transmitted in the form of a digital fingerprint, for example by applying a known hashing algorithm such as the SHA256 algorithm. In this case, it is not the original signed data which is written in a block but a signed digital imprint of this original data. Optionally, the original data can be transmitted by another communication channel, possibly not secure, or with the digital fingerprint.
    Regardless of the nature of the data to be exchanged, these data to be exchanged are signed and stored in this form in the block chain. This signed data to be exchanged is accessible to all actors in the network and can be decrypted and verified by all actors in the network. An actor can therefore query the blockchain at any time to verify the integrity and authenticity of all the information ensuring the traceability and reliability of this data, or even to access the data themselves.
    This process allows the distribution of critical data while guaranteeing their authenticity and integrity through the signature procedure. Critical data such as avionics software can thus be exchanged.
    This process can also help ensure the availability of flight data in the event of an accident without the need for a flight recorder, by systematically storing the relevant flight data in the blockchain. This data is thus accessible to all actors (manufacturer, operator, State, supplier) with a high level of assurance on their reliability.
    Optionally and for performance reasons, a low persistence delay in the blockchain can be implemented in order not to unnecessarily keep obsolete data.
    Furthermore, when the data to be exchanged includes said first transmission fingerprint, said sender can transmit the original data that is not digitally signed to an actor called "recipient", possibly by a channel different from the blockchain, or insert the original data. , not digitally signed, in said signed data transaction.
    According to another aspect, each transaction can be registered in a new block in a manner analogous to the principle of verification of “bitcoin” transactions for example.
    When the data to be exchanged takes the form of a said first transmission fingerprint, said miner having received said original data, the method may include a verification step carried out before building the new block, the verification step comprising the operations of:
    - consultation of said blockchain to obtain the current public key of the sender,
    - decryption with the sender's public key in force of the data to be exchanged which is digitally signed to obtain the said first transmission fingerprint,
    - creation of a digital fingerprint known as the "control fingerprint" of the original data,
    - comparison of the control print and said first transmission print.
    A transaction can thus be validated before insertion into a block by verifying the signature and the address of the owner through this procedure. If the control fingerprint and said first transmission fingerprint differ, the minor can deduce that the data to be exchanged were not correctly signed. The minor then rejects the transaction, for example by memorizing it elsewhere.
    Optionally, the minor can also verify that the transaction date corresponds to the current date.
    When the data to be exchanged takes the form of said first transmission fingerprint, said recipient can do the following:
    - verification of said signed data transaction:
    o by consulting said blockchain to obtain the current public key of the sender, o by decrypting, with the current public key of the sender, the data to be exchanged which are digitally signed to obtain said first emission fingerprint , o by making a digital fingerprint known as the "control fingerprint" of the original data, o by comparing the control fingerprint and said first transmission fingerprint,
    - verification that the block of the block chain containing said signed data transaction has been validated,
    - disregarding said signed data transaction if the control fingerprint and said first transmission fingerprint are different or if said block of the block chain containing said signed data transaction has not been validated.
    The recipient can receive the original data and the signed data to be exchanged. The previous process can allow this recipient to ensure the reliability and integrity of the data before taking it into account.
    Furthermore, to record in the block chain a transaction called "encrypted data transaction", said encrypted data transaction comprising data to be exchanged which is digitally encrypted, the data to be exchanged to be encrypted including original data or a fingerprint of the original data known as the “second transmission fingerprint” obtained by a hashing method, the transaction of encrypted data being intended for an actor called the “recipient”, the method can include the following steps:
    - consultation of the blockchain to obtain the current public key assigned to the recipient,
    - creation of a symmetric key and encryption of the data to be exchanged with this symmetric key to obtain data to be exchanged digitally encrypted with said symmetric key,
    encryption of the symmetric key with the recipient's public key, to obtain a symmetric key digitally encrypted with said public key,
    sends the encrypted data transaction to the network, said encrypted data transaction including the data to be exchanged digitally encrypted with said symmetric key and the symmetric key encrypted digitally with said public key of the recipient,
    - creation of a block called "new block" by an actor called "minor", said new block comprising at least one imprint of the last block of the block chain, said transaction of encrypted data, and a measurement of a quantity of work that was required to produce the new block,
    - validation of the new block by at least one actor,
    - insertion of the new block in the block chain.
    When the data to be exchanged takes the form of the second transmission fingerprint, said recipient having received the original data, the method can include the following operations;
    - verification of said encrypted data transaction by:
    o decryption, using the recipient's current private key, of the symmetric key which has been encrypted with said recipient's public key, o decryption, with said symmetric key, of the data to be exchanged which has been encrypted with said symmetric key to obtain the second transmission fingerprint, o production of a digital fingerprint known as the “verification fingerprint” of the original data, o comparison of the verification fingerprint and said second transmission fingerprint,
    - not taking into account said encrypted data transaction if the verification fingerprint and said second transmission fingerprint are different.
    In another aspect, at least one data transaction includes the identity of the sender.
    In another aspect, at least one block can be dated.
    At least one transaction can be dated.
    Common time stamping algorithms can be applied.
    In addition to a method, the invention relates to a data exchange system. This data exchange system comprises for each actor of the network at least one computer for implementing this method, at least one actor memorizing the block chain.
    The invention and its advantages will appear in more detail in the context of the description which follows with an example given by way of illustration with reference to the single figure. This single figure represents a data exchange system according to the invention.
    FIG. 1 shows a data exchange system 1 within a network 2. This network 2 can be a private network. According to the example illustrated, network 2 brings together actors 5 from the aeronautics and space field. However, the invention is applicable to other fields, and for example to the automobile field, to the maritime field ...
    Within the framework of a network of the aeronautical and space domain, the actors 5 can be manufacturers of aircraft, operators using these aircraft, State organizations, suppliers of manufacturers, aircraft ...
    Each actor 5 can comprise at least one computer 10 provided with suitable software for implementing the method according to the invention.
    This process implements blockchain technology. Thus, the network uses a block chain 20. This block chain 20 is stored in a memory of the computer 10 of actors called "miners". According to a variant, all the actors represent nodes of the network 2 and memorize the block chain 20. In addition, each actor 5 can use a computer program to consult the block chain 20, independently of the place where this block chain is memorized .
    Conventionally, the block chain 20 comprises a plurality of blocks 25, one after the other. According to the example shown, the block chain 20 comprises at a current instant five blocks 251, 252, 253, 254, 255 extending from a first block 251 to the last block 255 created.
    Each block 25 includes at least one transaction 35. Each transaction 35 includes data made available to the network. This data can take the form of data as such, or a digital fingerprint of this data. A computer 10 of an actor can indeed transform a data item to obtain a digital fingerprint of this data item by applying a conventional hashing algorithm. Such a digital fingerprint is sometimes referred to as a "hash". Thus, the data can take the form of a computer file for example, or of a digital imprint of this computer file.
    When transaction 35 includes the digital fingerprint of a data item, the data as such can also be included in the transaction. For example, a transaction includes computer software to be carried on an aircraft and a digital fingerprint of this computer software.
    In addition, at least one transaction 35 can include information dating from the issue of transaction 35, and / or the identity of the actor 5 who issued the transaction with his computer.
    Furthermore, at least one block 25 can include information 40 dating from the creation of this block 25.
    Common software and time stamping methods can be used.
    In addition, each block 25 has a measure 50 of an amount of work that was required to produce the new block. The creation of a block can be undertaken by a computer 10 of the network 2 using a conventional consensus method, for example the method called "proof of work" in English or the method called "proof of stake" in English. Such a measure is sometimes called "nonce".
    Furthermore, each different block of the first block 251 has a digital imprint 30 of the previous block. Thus, the second block 252 includes a digital imprint of the first block 251, and so on.
    According to the method of the invention, the network can make it possible to encrypt the data exchanged between the actors, by digitally signing the data according to a usual method using the computers 10 or by digitally encrypting the data according to a usual method. using computers 10. In particular, the method may aim to use an asymmetric cryptographic method with two keys. Each actor 5 is thus in possession of a private key which corresponds to a public key, the private key / public key pair forming the asymmetric double key granted to this actor. The private key of an actor is except incident known only to this actor, while the public key can be known by the other actors.
    Therefore, a transaction 35 can take the form of a transaction called “identification transaction 36” for convenience, the identification transaction 36 comprising identification data of an actor.
    The method applied by the data exchange system 1 then includes a creation step STP1. During this creation step STP1, at least one block of the block chain called "initialization block 26" for convenience is created. An initialization block includes at least one "identification transaction 36" which presents the identification data of an actor. This identification data includes the public key of the double key of this actor and at least one piece of information identifying this actor. For each actor, at least one identification block includes the identification data of this actor.
    Thus, the first block 251 of the block chain 20 can be an identification block.
    To initialize the blockchain and generate identification data for a new actor, the identification data can be digitally signed with a private key of a double key which belongs to a recognized authority of said network. For example, this authority creates the double keys of the new actor by implementing an algorithm on a computer, such as a common double key generation algorithm. The authority then transmits the actor’s private key to the actor concerned. In addition, the authority transmits in the network, using a computer 10, an identification transaction containing the public key and the information identifying the actor by signing them digitally. The digital signature can be performed using a computer implementing an algorithm, such as a usual signature algorithm.
    A block containing the transaction is then generated in the block chain in a conventional manner.
    In addition, each actor in the network has access to the public key of this double key of the recognized authority. From then on, each actor can use a computer to access the blockchain, extract the signed public key and the information identifying the actor signed from the other actors, and decrypt them using the public key of the authority. having signed this data.
    The identification data can also be modified according to an embodiment.
    Thus, the method can include an STP2 modification step. During this modification step STP2, an actor can modify his identification data by replacing the identification data in force of this actor, called for convenience "old identification data", by identification data called for convenience "new identification data ”.
    During the modification step, an actor can create and send, with a computer, to the network an identification transaction comprising the new digitally signed identification data, the new identification data being digitally signed with the private key of this actor corresponding to the old identification data. The identification transaction can then be inserted in the usual way into a new block in the block chain.
    Therefore, the identification data of this actor which is in force at a current time corresponds to the identification data contained in the most recent block. According to the example shown, the first block 251 contains the origin identification data of an actor. In the fourth block 252 is the new identification data of this actor in force at the current time.
    The method can also include a STP3 revocation step to revoke an actor. For example, a recognized organization creates and transmits, with a computer, to the network a transaction called for convenience "revocation transaction 38". The revocation transaction 38 contains the revocation of an actor digitally signed with the private key of this organization. The revocation transaction can then be inserted in the usual way into a new block in the block chain.
    Each actor in the network has access to the public key of this double key of the organization recognized to have access to the revocation.
    If necessary, the recognized organization and the recognized authority mentioned above can be actors of the network, and therefore can have public keys stored in a block of the block chain.
    The blockchain can also store data to be exchanged which differs from the identification data.
    Thus, a transaction called "data transaction 37" for convenience may contain data called "data to be exchanged" of another order, for example aeronautical data.
    To digitally sign data, an actor called "sender" requests a computer using his private key to digitally sign the data, using a usual algorithm for example. Another actor called "recipient" can then consult said block chain with a computer program of a computer 10 to obtain the public key of the sender in order to decrypt the data signed by the sender.
    For example, the method makes it possible to record in the block chain a transaction called "signed data transaction". The signed data transaction includes digitally signed data to be exchanged, the data to be exchanged including original data or a digital fingerprint of the original data known as the "first transmission fingerprint".
    A sender can then encrypt the data to be exchanged by signing it with his private key to obtain data called "signed data to be exchanged".
    According to an option, a sender can sign the original data to obtain the signed data to be exchanged.
    Another option is for the sender to use a common hash algorithm with a calculator to get the first broadcast fingerprint. The sender then signs this first transmission fingerprint to obtain the signed data to be exchanged. The signed data transaction can then include the signed data to be exchanged in the form of a first signed transmission fingerprint. The original unsigned data can also be included in the transaction or transmitted by another channel to a recipient, for example from hand to hand, by mail ...
    The sender then sends the signed data transaction including the signed data to be exchanged to the network with a computer.
    A so-called “minor” actor in the network then creates a so-called “new block” for convenience using a usual algorithm and a computer, this new block comprising at least one digital fingerprint of the last block in the chain. blocks, said signed data transaction, and a measure of an amount of work that was required to produce the new block.
    This new block is issued according to the arrows F1 in the network for validation according to usual methods by at least one actor. Validation by a predetermined number of actors may be required. For example, the validation of a block may require the validation of the block by at least two actors housed on two different continents.
    When the new block is validated by an actor, this actor sends this information according to the arrows F2.
    After validation, the new block is inserted in the last position in the block chain.
    When the data to be exchanged is of the "first transmission footprint" type and if the minors have received the original data in parallel, the process may include a verification step carried out before building the new block.
    Therefore, a minor can consult with a computer program of a calculator the blockchain to obtain the current public key of the sender. The miner decrypts the data to be exchanged signed with this public key, by applying a usual algorithm for example, to obtain the first transmission fingerprint.
    At the same time, the miner makes a digital fingerprint known as the "control fingerprint" of the original data with a computer and compares the control fingerprint and the first transmission fingerprint.
    If there is a difference (s) between the control print and the first transmission print, the new block is not created, for example.
    If the block is created, a user can request the block chain to access the signed data transaction.
    Thus, the recipient requests a computer program from a computer to consult the blockchain in order to extract the public key in force from the sender, namely the public key in force when the transaction concerned is issued.
    The recipient implements a decryption algorithm to decrypt the data to be exchanged signed with this public key, in order to obtain the data to be exchanged unsigned.
    When the data to be exchanged takes the form of the first transmission fingerprint, the unsigned data to be exchanged takes the form of the first transmission fingerprint.
    In addition, the recipient can verify the signed data transaction before using the data concerned.
    In fact, the recipient can make a digital fingerprint of the original data received, also known as the "control fingerprint" for convenience, and compare the control fingerprint and the first transmission fingerprint.
    This recipient also observes the block chain to verify that the block of the block chain containing the signed data transaction has been validated.
    Consequently, the recipient ignores the encrypted data transaction if the control fingerprint and the first transmission fingerprint are different and / or if said block of the block chain containing said signed data transaction has not been validated.
    For example, if the original data relates to software to be carried on an aircraft, an operator does not install the software.
    According to another aspect, the method can allow data to be digitally encrypted and transmitted to a so-called "recipient" actor.
    A sender can then consult the blockchain with a computer program of a calculator to extract the current public key assigned to the recipient of the data.
    In addition, the sender creates a symmetric key, for example from a usual method and its double keys. Such a symmetric key is sometimes called the “transfer key”,
    The sender then encrypts the data to be exchanged with the symmetric key, using a possibly standard encryption algorithm, which minimizes computation times.
    In addition, the sender encrypts the symmetric key with the recipient's public key using an encryption algorithm, for example usual, to obtain a digitally encrypted symmetric key.
    According to an option, a sender can then encrypt original data to obtain the encrypted data to be exchanged.
    According to another option, the sender uses a usual algorithm with a calculator to obtain a so-called "second emission footprint" of the original data. The sender then encrypts this second transmission fingerprint with the symmetric key to obtain the encrypted data to be exchanged.
    The encrypted data to be exchanged is possibly sent by another channel to the recipient.
    The encrypted data to be exchanged and the encrypted symmetric key are also sent to the network to record the transaction in the block chain. Such a transaction is said for convenience “encrypted data transaction”. The encrypted data transaction can thus include the data to be exchanged encrypted with said symmetric key and the symmetric key encrypted with said recipient's public key. The original data can be included in the transaction or transmitted by another channel to a recipient, for example from hand to hand, by mail ...
    The sender then sends the encrypted data transaction including the data to be exchanged and the encrypted symmetric key to the network with a computer.
    A so-called “minor” actor in the network then creates a so-called “new block” block by a so-called “minor” actor, this new block comprising at least one digital fingerprint of the last block in the block chain, said encrypted data transaction, and a measure of the amount of work that was required to produce the new block.
    This new block is issued according to the arrows F1 in the network for validation according to usual methods by at least one actor. When the new block is validated by an actor, this actor sends this information according to the arrows F2.
    After validation, the new block is inserted in the last position in the block chain.
    Thus, the recipient can request the blockchain to access the encrypted data transaction. The recipient implements a decryption algorithm to decrypt the symmetric key contained in the transaction with his private key. Then, the recipient decrypts the encrypted data to be exchanged present in the transaction with said symmetric key.
    When the data to be exchanged takes the form of the second transmission fingerprint, the recipient thus obtains the second transmission fingerprint.
    In addition, the recipient can make a digital fingerprint of the original data received, also known as the "verification fingerprint" for convenience, and compare the verification fingerprint and the second transmission fingerprint.
    This recipient also observes the block chain to verify that the block of the block chain containing the signed data transaction has been validated.
    Consequently, the recipient ignores the encrypted data transaction if the verification fingerprint and said second transmission fingerprint are different or if said block of the block chain containing said encrypted data transaction has not been validated.
    According to an example of use of the method and of the data exchange system of the invention, a supplier sends a new version of software to an aircraft manufacturer. This new version of the software is in the form, for example, of a computer file sent by post or electronic mail to the aircraft manufacturer.
    Simultaneously, a data transaction is sent over the network. This data transaction contains the identity of the provider, a date of the data transaction and a transmission fingerprint digitally signed from the sent file.
    This data transaction is assembled in a block of active network members. For example, transaction dating is used to assemble a predetermined number of block transactions to obtain, for example, a chronological block chain. The block construction protocol can be of a known type. For example, a new block is inserted into a blockchain only if a significant number of actors, possibly a predetermined number of actors spread over at least three continents, has validated the new block.
    The recipient of the file verifies that the control fingerprint recreated from the received file corresponds to the fingerprint present in the block chain. In addition, the recipient of the file verifies that the transaction is validated by at least a predetermined number of actors in the private network.
    The latest software update to be applied is then the most recent.
    Naturally, the present invention is subject to numerous variations as to its implementation. Although several embodiments have been described, it is understood that it is not conceivable to identify exhaustively all the possible modes. It is of course conceivable to replace a means described by an equivalent means without departing from the scope of the present invention.
    权利要求:
    Claims (18)
    [1" id="c-fr-0001]
    1. Method for exchanging data between actors (5) of a network, said method comprising a step of encrypting data by an asymmetric cryptographic method with double keys, each actor (5) being associated with a double key comprising a key private and a public key, characterized in that, a block chain (20) being implemented, a block (25) comprising a digital fingerprint (30) of the block which precedes it in the block chain (20) and at at least one transaction (35) which includes data to be shared, said method comprises a creation step (STP1) during which at least one block of the block chain called "initialization block (26)" is created, for each actor at least one "initialization block" comprising a transaction called "identification transaction (36)", each identification transaction (36) comprising data called "identification data" of this actor, said identification data including the public key of the doubl e keys of this actor and at least one piece of information identifying this actor.
    [2" id="c-fr-0002]
    2. Method according to claim 1, characterized in that if for a said actor at least two blocks (251, 254) of said block chain contain said identification data of this actor, said at least two blocks having been inserted into said chain of blocks at different times, the identification data of this actor which are in force at a current time correspond to the identification data contained in said at least two most recent blocks (254).
    [3" id="c-fr-0003]
    3. Method according to any one of claims 1 to 2, characterized in that in an identification transaction (361) initializing the identification data of a said actor, said identification data are digitally signed with a key deprived of a double key which belongs to a recognized authority of said network, each actor of said network having access to the public key of this double key of the recognized authority.
    [4" id="c-fr-0004]
    4. Method according to any one of claims 1 to 3, characterized in that the method comprises a modification step (STP2) during which a said actor modifies his identification data by replacing the identification data in force of this actor called "old identification data" by identification data called "new identification data", said modification step comprising the following operations:
    - creation and transmission to the network of an identification transaction comprising said new digitally signed identification data, the new identification data being digitally signed with the private key of this actor corresponding to the old identification data,
    - insertion of said identification transaction in a new block in the block chain.
    [5" id="c-fr-0005]
    5. Method according to any one of claims 1 to 4, characterized in that the method comprises a revocation step (STP3) during which a predetermined body revokes a said actor, said revocation step comprising the following operations:
    - creation and transmission to the network of a transaction called "revocation transaction (38)" containing the revocation of an actor digitally signed, the revocation transaction indicating the revocation of said actor being digitally signed with the private key d '' a double key for this organization, each actor in said network having access to the public key for this double key for this organization,
    - insertion of said revocation transaction in a new block of the block chain.
    [6" id="c-fr-0006]
    6. Method according to any one of claims 1 to 5, characterized in that for digitally encrypting data and transmitting them to a said actor called "recipient", the data being contained in a transaction called "data transaction (37) », The method includes the following steps: consultation of the block chain to obtain the current public key assigned to the recipient of the data, and encryption with said recipient's public key.
    [7" id="c-fr-0007]
    7. Method according to any one of claims 1 to 5, characterized in that to digitally sign data, an actor called "sender" uses his private key to digitally sign the data, another actor called "recipient" consulting said channel blocks to obtain the sender's public key in order to decrypt the data signed by the sender.
    [8" id="c-fr-0008]
    8. Method according to any one of claims 1 to 7, characterized in that said block chain includes data to be exchanged which differs from said identification data.
    [9" id="c-fr-0009]
    9. Method according to any one of claims 1 to 8, characterized in that in order to record in the block chain a transaction called "signed data transaction", said signed data transaction comprising data to be exchanged which are digitally signed, the data to be exchanged including original data or a digital fingerprint of the original data known as the “first transmission fingerprint” obtained by a hashing method, the method comprises the following operations:
    - encryption of the data to be exchanged which is to be digitally signed by signing it with the private key of a so-called actor called "sender", to obtain said data to be exchanged which is digitally signed,
    - sends to the network of the signed data transaction including the data to be exchanged which are digitally signed,
    - Creation of a block called "new block" by a said actor called "minor", said new block comprising at least one digital fingerprint of the last block in the block chain, said signed data transaction, and a measurement of a amount of work that was required to produce the new block,
    - validation of the new block by at least one said actor,
    - insertion of the new block in the block chain.
    [10" id="c-fr-0010]
    10. Method according to claim 9, characterized in that, the data to be exchanged including said first transmission fingerprint, said sender transmits the original data to a said actor called "recipient" or inserts the original data into said signed data transaction .
    [11" id="c-fr-0011]
    11. Method according to claim 9, characterized in that, the data to be exchanged taking the form of a said first transmission imprint, said miner having received said original data, the method comprises a verification step carried out before constructing the new block, the verification step comprising the operations of:
    - consultation of said blockchain to obtain the current public key of the sender,
    - decryption, with the sender's current public key, of the data to be exchanged which is digitally signed to obtain the said first transmission fingerprint,
    - creation of a digital fingerprint known as the "control fingerprint" of the original data,
    - comparison of the control print and said first transmission print.
    [12" id="c-fr-0012]
    12. Method according to claim 10, characterized in that, the data to be exchanged taking the form of a so-called first transmission imprint, said recipient performs the following operations:
    - verification of said signed data transaction:
    o by consulting said blockchain to obtain the current public key of the sender, o by decrypting, with the current public key of the sender, the data to be exchanged which are digitally signed to obtain said first emission fingerprint , o by making a digital fingerprint known as the "control fingerprint" of the original data, o by comparing the control fingerprint and said first transmission fingerprint,
    - verification that the block of the block chain containing said signed data transaction has been validated,
    - disregarding said signed data transaction if the control fingerprint and said first transmission fingerprint are different or if said block of the block chain containing said signed data transaction has not been validated.
    [13" id="c-fr-0013]
    13. Method according to any one of claims 1 to
    12, characterized in that in order to record in the block chain a transaction called "encrypted data transaction", said encrypted data transaction comprising data to be exchanged which are digitally encrypted, the data to be exchanged including original data or a digital fingerprint of the original data known as the “second transmission fingerprint” obtained by a hashing method, the encrypted data transaction being intended for a said actor called “recipient”, the method comprises the following steps:
    - consultation of the blockchain to obtain the current public key assigned to the recipient,
    - creation of a symmetric key and encryption of the data to be exchanged with this symmetric key to obtain data to be exchanged digitally encrypted with said symmetric key
    encryption of the symmetric key using the recipient's public key to obtain a symmetric key digitally encrypted with said public key,
    sends the encrypted data transaction to the network, said encrypted data transaction including said digitally encrypted exchange data with said symmetric key and said symmetric encrypted key digitally with said recipient's public key,
    - creation of a block called "new block" by an actor called "minor", said new block comprising at least one imprint of the last block of the block chain, said transaction of encrypted data, and a measurement of a quantity of work that was required to produce the new block,
    - validation of the new block by at least one actor,
    - insertion of the new block in the block chain.
    [14" id="c-fr-0014]
    14. Method according to claim 13, characterized in that, the data to be exchanged taking the form of the second transmission imprint, said recipient having received the original data, said method comprises the following operations;
    - verification of said encrypted data transaction by:
    o decryption using the recipient's current private key of the symmetric key encrypted with said recipient's public key, o decryption using said symmetric key of the data to be exchanged encrypted with said symmetric key to obtain the second transmission fingerprint, o creation of a digital fingerprint known as the "verification fingerprint" of the original data,
    10 o comparison of the verification fingerprint and said second emission fingerprint,
    - not taking into account said encrypted data transaction if the verification fingerprint and said second transmission fingerprint are different.
    [15" id="c-fr-0015]
    15. Method according to any one of claims 9 to 14, characterized in that at least one data transaction comprises the identity of the sender.
    [16" id="c-fr-0016]
    16. Method according to any one of claims 1 to 15, characterized in that at least one block is dated.
    20
    [17" id="c-fr-0017]
    17. Method according to any one of claims 1 to 16, characterized in that at least one transaction is dated.
    [18" id="c-fr-0018]
    18. Data exchange system (1), characterized in that said data exchange system (1) comprises for each actor (5) of the network (2) at least one
    25 computer (10) for implementing said method according to any one of claims 1 to 17, at least one actor (5) memorizing said block chain.
    1/1
    类似技术:
    公开号 | 公开日 | 专利标题
    EP3590223B1|2021-01-13|Integrated method and device for storing and sharing data
    EP3547203A1|2019-10-02|Method and system for managing access to personal data by means of an intelligent contract
    JP4788212B2|2011-10-05|Digital signature program and digital signature system
    KR20090015026A|2009-02-11|Peer-to-peer contact exchange
    CN101496019B|2012-07-18|Method for access authentication for distributed file system and distributed file system
    FR2922702A1|2009-04-24|SECURING TELECHARGEABLE COMPUTER FILE DATA ON AN AIRCRAFT BASED ON IDENTITY OF ENTITIES, AUTHENFICATION METHOD, SYSTEM AND AIRCRAFT
    US20100005318A1|2010-01-07|Process for securing data in a storage unit
    US8631235B2|2014-01-14|System and method for storing data using a virtual worm file system
    US20100205660A1|2010-08-12|System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
    FR3079323A1|2019-09-27|METHOD AND SYSTEM FOR ACCESSING ANONYMIZED DATA
    FR3063406A1|2018-08-31|METHOD AND DEVICE FOR EXCHANGING INTEGRATED DATA
    KR20110140122A|2011-12-30|Methods for producing products which contain certificates and keys
    JP2007028015A|2007-02-01|Program, system and method for time stamp verification, and time stamp generation request method
    JP2022515467A|2022-02-18|Key security management systems and methods, media, and computer programs
    WO2007045745A1|2007-04-26|Method and device for creating a group signature and related method and device for verifying a group signature
    EP1011223A1|2000-06-21|Method and system for creating and managing at least one cryptographic key
    CA2844762C|2020-07-28|Method for managing and checking data from different identity domains organized into a structured set
    CN109447809A|2019-03-08|A kind of video active identification method of combination block chain
    US9276738B2|2016-03-01|Digital tachograph
    JP2021536698A|2021-12-27|Method and device for managing user identification authentication data
    CN106254341B|2019-03-19|For the data fingerprint extracting method and system of centralized electronic data safety system
    FR3073111A1|2019-05-03|METHOD AND DEVICE FOR STORING AND SHARING INTEGRATED DATA
    JP2015064767A|2015-04-09|Document storage management system and document storage management method
    US20210135877A1|2021-05-06|Methods, systems, and devices for managing digital assets
    US20200177561A1|2020-06-04|Techniques for improving security of encrypted vehicle software updates
    同族专利:
    公开号 | 公开日
    FR3063406B1|2021-08-06|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US20160330027A1|2015-05-05|2016-11-10|ShoCard, Inc.|Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices|EP3671598A1|2018-12-21|2020-06-24|Thales|Distributed registers for data sharing in aviation|
    EP3712798A1|2019-03-21|2020-09-23|Thales|Distributed registers for managing the life cycle of data in aeronautics|
    WO2021170305A1|2020-02-27|2021-09-02|Thales|Manipulation of databases by distributed registers|
    法律状态:
    2018-02-23| PLFP| Fee payment|Year of fee payment: 2 |
    2018-08-31| PLSC| Publication of the preliminary search report|Effective date: 20180831 |
    2020-02-19| PLFP| Fee payment|Year of fee payment: 4 |
    2021-02-24| PLFP| Fee payment|Year of fee payment: 5 |
    2022-02-16| PLFP| Fee payment|Year of fee payment: 6 |
    优先权:
    申请号 | 申请日 | 专利标题
    FR1700195|2017-02-28|
    FR1700195A|FR3063406B1|2017-02-28|2017-02-28|METHOD AND DEVICE FOR EXCHANGING INTEGRATED DATA|FR1700195A| FR3063406B1|2017-02-28|2017-02-28|METHOD AND DEVICE FOR EXCHANGING INTEGRATED DATA|
    PCT/EP2018/054046| WO2018158102A1|2017-02-28|2018-02-19|Integrated method and device for storing and sharing data|
    CN201880002670.3A| CN109792381B|2017-02-28|2018-02-19|Method and device for storing and sharing comprehensive data|
    EP18704578.6A| EP3590223B1|2017-02-28|2018-02-19|Integrated method and device for storing and sharing data|
    US16/313,582| US11005653B2|2017-02-28|2018-02-19|Integrated method and device for storing and sharing data|
    [返回顶部]