US 12,341,760 B2
Sourcing information for a zero-knowledge data management network
Brett Shockley, Bonita Springs, FL (US); Alexander John Shockley, Denver, CO (US); Michael Joseph Frendo, Boulder, CO (US); Shmuel Shaffer, Palo Alto, CA (US); Kenneth Keiter, Portland, OR (US); and James M. Behmke, Duxbury, MA (US)
Assigned to Journey.ai, Denver, CO (US)
Filed by Journey.ai, Denver, CO (US)
Filed on Dec. 13, 2023, as Appl. No. 18/538,178.
Application 18/538,178 is a continuation of application No. 17/711,698, filed on Apr. 1, 2022, granted, now 11,888,830.
Application 17/711,698 is a continuation of application No. 16/703,847, filed on Dec. 4, 2019, granted, now 11,323,424, issued on May 3, 2022.
Claims priority of provisional application 62/852,850, filed on May 24, 2019.
Claims priority of provisional application 62/775,302, filed on Dec. 4, 2018.
Prior Publication US 2024/0205201 A1, Jun. 20, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 3/06 (2006.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01); G06F 21/64 (2013.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01); H04L 9/14 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01)
CPC H04L 63/0471 (2013.01) [G06F 3/062 (2013.01); G06F 3/0655 (2013.01); G06F 3/067 (2013.01); G06F 21/602 (2013.01); G06F 21/62 (2013.01); G06F 21/645 (2013.01); G06Q 20/38215 (2013.01); G06Q 20/3829 (2013.01); G06Q 20/383 (2013.01); G06Q 20/401 (2013.01); H04L 9/0643 (2013.01); H04L 9/0819 (2013.01); H04L 9/0825 (2013.01); H04L 9/083 (2013.01); H04L 9/0833 (2013.01); H04L 9/0891 (2013.01); H04L 9/14 (2013.01); H04L 9/30 (2013.01); H04L 9/3218 (2013.01); H04L 9/3236 (2013.01); H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 9/3265 (2013.01); H04L 9/3268 (2013.01); H04L 63/0421 (2013.01); H04L 63/0442 (2013.01); H04L 63/083 (2013.01); H04L 63/101 (2013.01); H04L 63/102 (2013.01)] 50 Claims
OG exemplary drawing
 
1. A method, comprising:
obtaining, at a source, source data;
encrypting, by the source, the source data with a source encryption key of the source to form source-encrypted source data;
sending, from the source, the source-encrypted source data to a storage server, wherein the storage server is unable to decrypt the source-encrypted source data;
establishing, by the source, a recipient-based rekeying key through an encrypting combination of a source decryption key of the source and a recipient public key of a particular recipient; and
sending, from the source, the recipient-based rekeying key to the storage server, wherein a request sent to the storage server to share the source data with the particular recipient causes the storage server to i) re-encrypt the source-encrypted source data with the recipient-based rekeying key, the re-encrypting resulting in recipient-based encrypted source data that is the source data encrypted with the recipient public key of the particular recipient, wherein the storage server is unable to decrypt the recipient-based encrypted source data, and ii) send the recipient-based encrypted source data to the particular recipient to cause the particular recipient to decrypt the recipient-based encrypted source data using a recipient private key of the particular recipient to obtain the source data, wherein an attestation server is configured to attest to the source data and wherein the attestation server is a first particular recipient to obtain the source data and attest to the source data for one or more subsequent particular recipients of the source data, and wherein the method further comprises:
establishing an attestation-server-based rekeying key through an encrypting combination of the source decryption key of the source and an attestation server public key; and
sending the attestation-server-based rekeying key to the storage server.