US 11,658,827 B2
Selective disclosure of attributes and data entries of a record
Adriaan Joris H. Larmuseau, Shanghai (CN)
Assigned to Koninklijke Philips N.V., Eindhoven (NL)
Filed by KONINKLIJKE PHILIPS N.V., Eindhoven (NL)
Filed on Jun. 26, 2020, as Appl. No. 16/913,641.
Claims priority of application No. 19182989 (EP), filed on Jun. 27, 2019.
Prior Publication US 2020/0412546 A1, Dec. 31, 2020
Int. Cl. H04L 9/32 (2006.01); G06F 16/23 (2019.01); H04L 9/30 (2006.01)
CPC H04L 9/3247 (2013.01) [G06F 16/2379 (2019.01); H04L 9/30 (2013.01); H04L 9/3218 (2013.01); H04L 9/3231 (2013.01)]
13 Claims
 
1. A system comprising an issuer device, a selector device, and a receiver device, wherein the issuer device is configured to provide a record to the selector device for selective disclosure to the receiver device,
the issuer device comprising:
an issuer memory configured to store:
an issuer private key, the issuer private key forming a public-private key pair with a corresponding issuer public key;
the record, the record comprising one or more attributes and comprising multiple data entries, wherein the one or more attributes and the multiple data entries correspond to two different data types;
an issuer processor configured to:
determine a secret record identifier;
generate a digital signature on an attribute message using the issuer private key, the attribute message comprising all of the one or more attributes and the secret record identifier;
generate multiple digital signatures on multiple data messages for the multiple data entries using the issuer private key, each data message for each data entry comprising the data entry and the secret record identifier;
provide the record, the secret record identifier, the digital signature on the attribute message, and the digital signatures on the data messages to the selector device;
wherein the selector device is configured to:
receive a request for one or more selected attributes and one or more selected data entries from the receiver device, and
disclose the selected attributes and the selected data entries to the receiver device,
the selector device comprising:
a selector memory configured to store: the record, the secret record identifier, the digital signature on the attribute message and the digital signatures on the data messages;
a selector processor configured to:
determine the selected attributes to be disclosed as a subset of the one or more attributes, and the selected data entries to be disclosed as a subset of the multiple data entries;
provide the selected attributes and the selected data entries to the receiver device;
perform a zero-knowledge proof with the receiver device, wherein the selector device proves knowledge of:
the secret record identifier;
the digital signature on the attribute message as being a digital signature on a message comprising at least the selected attributes and the secret record identifier, signed with a private key corresponding to the issuer public key;
the digital signatures on the data messages for the selected data entries as being digital signatures on messages comprising the selected data entries and each comprising the secret record identifier, signed with a private key corresponding to the issuer public key;
wherein the receiver device is configured to obtain the selected attributes and selected data entries from the selector device, the receiver device comprising:
a receiver memory configured to store the issuer public key;
a receiver processor configured to:
obtain from the selector device the selected attributes and the selected data entries;
perform the zero-knowledge proof with the selector device with respect to the obtained selected attributes and selected data entries to ascertain that the obtained selected attributes and selected data entries belong to the record of the issuer device.