US 10,891,384 B2
Blockchain transaction device and method
Douwe van de Ruit, The Hague (NL); and Rinze Cats, The Hague (NL)
Assigned to KONINKLIJKE KPN N.V., The Hague (NL)
Filed by Koninklijke KPN N.V., Rotterdam (NL)
Filed on Feb. 14, 2018, as Appl. No. 15/897,080.
Claims priority of provisional application 62/574,645, filed on Oct. 19, 2017.
Prior Publication US 2019/0121988 A1, Apr. 25, 2019
Int. Cl. H04L 9/32 (2006.01); G06F 21/60 (2013.01); G06Q 20/36 (2012.01); G06Q 20/38 (2012.01); G06Q 20/32 (2012.01); H04L 9/08 (2006.01)
CPC G06F 21/602 (2013.01) [G06Q 20/3229 (2013.01); G06Q 20/36 (2013.01); G06Q 20/3825 (2013.01); G06Q 20/3829 (2013.01); H04L 9/0825 (2013.01); H04L 9/0869 (2013.01); H04L 9/0894 (2013.01); H04L 9/3247 (2013.01); G06Q 2220/00 (2013.01); H04L 2209/38 (2013.01)] 13 Claims
OG exemplary drawing
 
1. A blockchain transaction device comprised in a mobile phone arranged to generate a transaction for a blockchain, the blockchain transaction device comprising:
an electronic memory system comprising a first electronic memory and a second electronic memory, the first and second memory being physically different memories, the electronic memory system further comprising:
a high security data area being part of the first memory and a low security data area being part of the second memory, the high security data area comprising data determining a private key of a public key and private key pair, and
a cryptographic kernel application and a transaction application, the cryptographic kernel application having access to the high security data area, the transaction application having access to the low security data area,
a processor circuit system comprising a first processor circuit and a second processor circuit, the first processor circuit being configured to execute the cryptographic kernel application, and the second processor circuit being configured to execute the transaction application, wherein the first memory and the first processor circuit are comprised in a Subscriber Identity Module (SIM), and wherein
the transaction application is configured to generate a transaction, said transaction comprising a signature, the transaction application being configured to call a signing interface of the cryptographic kernel application to obtain the signature,
the cryptographic kernel application comprises the signing interface and is configured to access the high security data area and compute the signature from the private key, and
a communication interface arranged to transmit the transaction for inclusion in the blockchain,
wherein a security domain is coupled to the transaction application and the cryptographic kernel application, the security domain linking the cryptographic kernel application having access to the high security data area in the SIM and the transaction application having access to the low security data area to each other.