Method and system for securely registering cryptographic keys on a physical medium for cryptographic keys, and physical medium produced

Abstract

The present invention relates to a method and a system for inscribing and securely storing cryptographic keys on a physical medium, and to a corresponding physical medium, comprising the following steps: from a first management entity (31), generating (1) a first pair of asymmetric cryptographic keys comprising a first user public key (pub1) and a first user private key (priv1), inscribing (2) the first user private key (priv1) onto a physical medium, and affixing (4) a first tamper-evident concealing element (hol1) to the physical medium in order to conceal the first user private key (priv1) and seal same, said first user private key (priv1) being accessible only by visibly breaking said first tamper-evident concealing element (hol1); from the second management entity (32), generating (6) a second pair of asymmetric cryptographic keys comprising a second user public key (pub2) and a second user private key (priv2), inscribing (7) the second user private key (priv2) onto the physical medium and affixing (9) a second tamper-evident concealing element (hol2) to the physical medium in order to conceal the second user private key (priv2) and seal same, said second user private key (priv2) being accessible only by visibly breaking said second tamper-evident concealing element (hol2); generating (10) at least one last user public key (pub0) and/or at least one cryptographic address (adr, adr-mult) from the first user public key (pub1) and the second user public key (pub2), inscribing (11) said at least one last public user key (pub0) and/or said at least one cryptographic address (adr, adr-mult) onto the physical medium, and verifying (12, 13) same, and finally recovering the private keys (priv1, priv2) comprising the generation of a last user private key (priv0) corresponding to the last user public key (pub0) and/or to said at least one cryptographic address (adr, adr-mult).

Claims

1. A method for inscribing and securely storing cryptographic keys on a physical medium (100, 200), said method comprising the following steps: a) at a first management entity (31), generating (1) a first pair of asymmetric cryptographic keys comprising a first user public key (pub1) and a first user private key (priv1), comprising: storing (1) the first user public key (pub1) in a first recording memory (41); inscribing (2) the first user private key (priv1) onto the physical medium (100, 200), and verifying (3) the first user private key (priv1) inscribed onto the physical medium and affixing (4) a first tamper-evident concealing element (hol1) to the physical medium in order to conceal and to seal the first user private key (priv1), said first user private key (priv1) being accessible only by visibly breaking said first tamper-evident concealing element (hol1); b) generating (6) a second pair of asymmetric cryptographic keys comprising a second user public key (pub2) and a second user private key (priv2), comprising: storing the second user public key (pub2) in a second recording memory (42); inscribing (7) the second user private key (priv2) onto the physical medium, and verifying (8) the second user private key (priv2) inscribed onto the physical medium and affixing (9) a second tamper-evident concealing element (hol2) to the physical medium in order to conceal and to seal the second user private key (priv2), said second user private key (priv2) being accessible only by visibly breaking said second tamper-evident concealing element (hol2); c) sending (5) the physical medium to a second management entity (32), the generation (6) of the second pair of asymmetric cryptographic keys being carried out at said second management entity (32), said method further comprises the following steps: d) generating (10) at least one last user public key (pub0) and/or at least one cryptographic address (adr, adr-mult) from the first user public key (pub1) and the second user public key (pub2), e) inscribing (11) said at least one last public user key (pub0) and/or said at least one cryptographic address (adr, adr-mult) onto the physical medium, and verifying (12, 13) said at least one last public user key (pub0) and/or said at least one cryptographic address, and f) finally recovering private keys (priv1, priv2) comprising the generation of a last user private key (priv0) corresponding to the at least one last user public key (pub0) inscribed onto the physical medium and/or to said at least one cryptographic address (adr, adr-mult) inscribed onto the physical medium.

2. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein the first user private key (priv1) is engraved (3) on the physical medium (100, 200) by a first engraving apparatus (51) and the second user private key (priv2) is engraved (7) on the physical medium (100, 200) by a second engraving apparatus (52) distinct from the first engraving apparatus (51).

3. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein said at least one last user public key (pub0) is engraved (11) on the physical medium (100, 200) and/or said at least one cryptographic address (adr, adr-mult) is engraved (11) on the physical medium (100, 200).

4. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein the at least one last user public key (pub0) is part of a third asymmetric cryptographic pair comprising the at least one last user public key (pub0) and the last user private key (priv0).

5. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein the step of recovering private keys comprises: verifying (14) the integrity of the first tamper-evident concealing element (hol1) and second tamper-evident concealing element (hol2), reading (15) the first and second user private keys (priv1, priv2) by removing the first tamper-evident concealing element (hol1) and second tamper-evident concealing element (hol2), and then, from the first and second user private keys (priv1, priv2) inscribed onto the medium, generating (16) the last user private key (priv0) corresponding to the at least one last user public key (pub0).

6. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein the at least one last user public key (pub0) is used to generate said at least one cryptographic address (adr), this address (adr) being calculated from the at least one last user public key (pub0) and being inscribed onto the physical medium.

7. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein said at least one cryptographic address (adr-mult) is a multi-signature address (adr-mult) generated (10) from the first user public key (pub1) and the second user public key (pub2), this multi-signature address (adr-mult) being engraved (11) on the physical medium.

8. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 6, wherein said method comprises a step of recovering private keys which comprises: verifying the integrity of the first tamper-evident concealing element (hol1) and second tamper-evident concealing element (hol2), reading the first and second user private keys (priv1, priv2) by removing the first tamper-evident concealing element (hol1) and second tamper-evident concealing element (hol2), and from the first and second user private keys (priv1, priv2) inscribed onto the medium, recalculating said at least one cryptographic address (adr) and then verifying whether said at least one cryptographic address matches cryptographic address (adr) inscribed onto the physical medium to use to access and/or withdraw cryptocurrency from an account.

9. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein said method comprises: f) sending the physical medium (100, 200) to a third management entity (33), g) from the third management entity (33), generating (6) a third pair of asymmetric cryptographic keys comprising a third user public key (pub3) and a third user private key (priv3), comprising: storing the third user public key (pub3) in a third recording memory (43); inscribing (7) the third user private key (priv3) onto the physical medium, and verifying (8) the third user private key (priv3) inscribed onto the physical medium and affixing (9) a third tamper-evident concealing element (hol3) to the physical medium in order to conceal and to seal the third user private key (priv3), said third user private key (priv3) being accessible only by visibly breaking said third tamper-evident concealing element (hol3); h) generating (10) at least one last user public key (pub0) and/or at least one cryptographic address (adr, adr-mult) from the first user public key (pub1), the second user public key (pub2), and the third user public key (pub3), and i) inscribing (11) said at least one last public user key (pub0) and/or said at least one cryptographic address (adr, adr-mult) onto the physical medium, and verifying (12, 13) said at least one last public user key and/or said at least one cryptographic address.

10. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 9, wherein the step of recovering private keys comprises: verifying (16) the integrity of the first tamper-evident concealing element (hol1), second tamper-evident concealing element(hol2) and third tamper-evident concealing element(hol3), reading the first, second and third user private keys (priv1, priv2, priv3) by removing the first concealing element, second concealing element and third concealing element, and then, from the first, second and third user private keys (priv1, priv2, priv3) inscribed onto the medium, generating the last user private key (priv0) corresponding to the at least one last user public key (pub0) and/or to said at least one cryptographic address (adr, adr-mult).

11. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 9, wherein the at least one last user public key (pub0) is used to generate said at least one cryptographic address (adr), this address (adr) being calculated from the at least one last user public key (pub0) and being engraved on the physical medium.

12. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein each of concealing elements (hol1, hol2, hol3) is a tamper-evident holographic sticker (hol1, hol2, hol3).

13. The method for inscribing and securely storing cryptographic keys on the physical medium according to claim 1, wherein the method comprises generating a plurality of n asymmetric cryptographic keys, from n distinct management entities, wherein n>2, said plurality of n asymmetric cryptographic keys each comprising a combination of a user public key with a user private key, and/or a public key address, and/or a multi-signature address of multiple public keys, n−1 first management entities of the n distinct management entities performing steps (1) to (5) one after the other and n.sup.th management entity of the n distinct management entities performing steps (6) to (13).

14. A system for inscribing and securely storing cryptographic keys on a physical medium in order to implement the method according to claim 1, the system comprising: a first management entity (31) configured to generate a first pair of asymmetric cryptographic keys comprising a first user public key (pub1) and a first user private key (priv1), the first management entity (31) comprising: a first computer (41) in which program instructions are stored, which instructions, when read by a first data processor, cause the first computer to generate the first user private key (priv1) and store the first user public key (pub1) in a first recording memory, a first device (51) associated with the first computer configured to inscribe the first user private key (priv1) onto a physical medium (100, 200), and a first means for verifying the first user private key (priv1) inscribed and affixing a first tamper-evident concealing element (hol1) to the physical medium in order to conceal the first user private key (priv1) and make it non-visible, the system further comprising: a second management entity (32) configured to generate a second pair of asymmetric cryptographic keys comprising a second user public key (pub2) and a second user private key (priv2), the second management entity (32) comprising: a second computer (42) in which program instructions are stored, which instructions, when read by a second data processor, cause the second computer (42) to be configured to store the second user public key (pub2) in a second recording memory; a second device (52) associated with the second computer for inscribing the second user private key (priv2) onto the physical medium, and a second means for verifying the second user private key (priv2) inscribed and affixing a second tamper-evident concealing element (hol2) to the physical medium in order to conceal the second user private key (priv2) and make it non-visible, characterized in that: the second computer (42) is further configured to generate a last user public key (pub0) from the first user public key (pub1) and the second user public key (pub2), and to allow the inscription of the last user public key (pub0) onto the physical medium by the second device (52) and the verification of same.

15. The system for inscribing and securely storing cryptographic keys on the physical medium of claim 14, wherein said first device (51) comprises a first engraving apparatus (51) configured to engrave the first user private key (priv1) on the physical medium (100, 200), and said second device (52) comprises a second engraving apparatus (52) distinct from the first engraving apparatus (51) configured to engrave the second user private key (priv2) on the physical medium (100, 200).

16. The system for inscribing and securely storing cryptographic keys on the physical medium of claim 14, the system further comprising: a third management entity (33) configured to generate a third pair of asymmetric cryptographic keys comprising a third user public key (pub3) and a third user private key (priv3), the third management entity (33) comprising: a third computer (43) in which program instructions are stored, which instructions, when read by a third data processor, cause the third computer to store the third user public key (pub3) in a third recording memory and to generate the third first user private key (priv3), a third device (53) associated with the third computer (43) configured to inscribe the third user private key (priv3) onto the physical medium (100, 200), and a third means for verifying the third user private key (priv3) inscribed onto the physical medium and affixing a third tamper-evident concealing element (hol3) to the physical medium in order to conceal the third user private key (priv3) and make the third user private key non-visible, the third computer (43) being further configured to generate the last user public key (pub0) from the first user public key (pub1), the second user public key (pub2) and the third user public key (pub3), and to allow inscription of the last user public key (pub0) onto the physical medium by the third device (53).

17. A physical medium (100, 200) produced according to the method for inscribing and securely storing cryptographic keys on a physical medium according to claim 1, said medium (100, 200) being characterized in that it comprises: a first user private key (priv1) inscribed onto the medium, the first user private key (priv1) being associated with a first user public key (pub1) to form a first pair of asymmetric cryptographic keys, a first tamper-evident concealing element (hol1) for concealing first user private key (priv1) and sealing same, said first user private key (priv1) being accessible only by visibly breaking said first tamper-evident concealing element (hol1); a second user private key (priv2) inscribed onto the medium, the second user private key (priv2) being associated with a second user public key (pub2) to form a second pair of asymmetric cryptographic keys, a second tamper-evident concealing element (hol2) for concealing second user private key (priv2) and sealing same, said second user private key (priv2) being accessible only by visibly breaking said second tamper-evident concealing element (hol2); and at least one last user public key (pub0) and/or at least one cryptographic address (adr, adr-mult) inscribed onto the medium, which is generated from the first user public key (pub1) and the second user public key (pub2).

18. The physical medium according to claim 17, said medium (100, 200) further comprises a third user private key (priv3) inscribed onto the medium, the third user private key (priv3) being associated with a third user public key (pub3) to form a third pair of asymmetric cryptographic keys, a third tamper-evident concealing element (hol3) for concealing and sealing third user private key (priv3), said third user private key (priv3) being accessible only by visibly breaking said third tamper-evident concealing element (hol3); and the at least one last user public key (pub0) and/or the at least one cryptographic address (adr, adr-mult) inscribed onto the medium being generated from the first user public key (pub1), the second user public key (pub2) and the third user public key (pub3).

19. The physical medium according to claim 17, said medium (100, 200) being made of metal, wood, glass, stone, plastic, ceramic, leather, fabric or paper.

20. The physical medium according to claim 17, said medium (100, 200) being formed of a bar of metal or metal alloy, such as a gold, platinum, silver or steel bar.

21. The physical medium according to claim 17, said medium (100, 200) being further formed of one or more moving metal parts, various public keys, private keys or addresses being inscribed onto said one or more moving metal parts.

22. The physical medium according to claim 17, said medium (200) being formed of a plurality of separate elements (210, 220, 230, 240) and a base (250), each separate element (bar1-bar4) has its own private keys (priv1, priv2) and its own public key (pub1), a multi-signature cryptocurrency address common to the separate elements (210, 220, 230, 240) being generated and inscribed onto the base (250).

23. The physical medium according to claim 17, said medium (100, 200) comprising a plurality of n asymmetric cryptographic keys, wherein n>2, said cryptographic keys each comprising a combination of a user public key with a user private key and/or with a public key address and/or with a multi-signature address of multiple public keys, the n private user keys being inscribed onto the medium, a plurality of n tamper-evident concealing elements for concealing each of n private user keys, of the plurality of n asymmetric cryptographic keys, inscribed onto the medium and sealing said each of said n private user keys, said n private user keys being accessible only by visibly breaking said plurality of n tamper-evident concealing elements, and an n+1th user public key and/or an n+1th cryptographic address (adr, adr-mult) inscribed onto the medium, which is generated from n user public keys of the plurality of n asymmetric cryptographic keys.

24. The physical medium according to claim 17, said medium (100, 200) further comprising one or more of the following pieces of information: the name of a management entity (31, 22, 33), a serial number, a production year, a name and an amount of cryptocurrency.

Description

BRIEF DESCRIPTION OF THE FIGURES

(1) Other characteristics and advantages of the invention will become apparent on reading the detailed description which follows. Also, in order to allow a clearer understanding of the invention, several preferred embodiments will be described below, by way of example, with particular reference to the appended figures, among which:

(2) FIG. 1 shows a diagram of a representative embodiment of the invention using two management entities to provide a last user public key (pub0),

(3) FIG. 2 shows a diagram of another representative embodiment of the invention using two management entities to provide a last user public key (pub0) and a cryptographic address,

(4) FIG. 3 shows a diagram of another representative embodiment of the invention using two management entities to provide a multi-signature address,

(5) FIG. 4 shows a diagram of another representative embodiment of the invention using three management entities to provide a last user public key (pub0),

(6) FIG. 5 shows a diagram of another representative embodiment of the invention using three management entities to provide a last user public key (pub0) and a cryptographic address,

(7) FIG. 6 shows a diagram of another representative embodiment of the invention using three management entities to provide a multi-signature address,

(8) FIG. 7 is a schematic view of a management entity representative of the system of the invention,

(9) FIG. 8 is a schematic view of a physical medium in one embodiment of the invention, and

(10) FIG. 9 is a schematic view of a physical medium in another embodiment of the invention,

(11) The present invention is described with particular embodiments and references to figures, but the invention is not limited by these. The described drawings or figures are only schematic and are not limiting.

First Embodiment of the Invention

(12) FIG. 1 shows a representative embodiment of the invention using two management entities 31 and 32 to provide a last user public key (pub0).

(13) The system for inscribing and securely storing cryptographic keys on a physical medium includes:

(14) a first management entity (31) configured to generate a first pair of asymmetric cryptographic keys comprising a first user public key (pub1) and a first user private key (priv1),

(15) the first management entity (31) comprising: a first computer (41) in which program instructions are stored, which instructions, when read by a first data processor, cause the first computer to generate the first user private key (priv1) and store the first user public key (pub1) in a first recording memory, a first device (51) associated with the first computer configured to inscribe the first user private key (priv1) onto a physical medium, and a first means for verifying the first user private key (priv1) inscribed and affixing a first tamper-evident concealing element (hol1) to the physical medium in order to conceal the first user private key (priv1) and make it non-visible,

(16) a second management entity (32) configured to generate a second pair of asymmetric cryptographic keys comprising a second user public key (pub2) and a second user private key (priv2), the second management entity (32) comprising: a second computer (42) in which program instructions are stored, which instructions, when read by a second data processor, cause the second computer (42) to be configured to store the second user public key (pub2) in a second recording memory; a second device (52) associated with the second computer for inscribing the second user private key (priv2) onto the physical medium, and a second means for verifying the second user private key (priv2) inscribed and affixing a second tamper-evident concealing element (hol2) to the physical medium in order to conceal the second user private key (priv2) and make it non-visible, the second computer (42) being further configured to generate a last user public key (pub0) from the first user public key (pub1) and the second user public key (pub2), and to allow the inscription of the last user public key (pub0) onto the physical medium by the second device (52).

(17) Hardware and Software

(18) The process for inscribing cryptographic keys requires at least two different management entities 31 and 32.

(19) The management entities 31 and 32 can be associated, for example, with an individual, with a group of people, such as the employees of a company, or with a system such as a service provider.

(20) As shown in FIG. 7, the entities 31 and 32 comprise an engraving machine 51, 52 connected to a computer 41, 42 for inscribing onto the metal bar. This computer 41, 42 is not connected to any network, in order to avoid cyberattacks. It is also advisable to have a computer 41, 42 with electromagnetic protection in order to avoid attacks using electromagnetic waves to damage or spy on the equipment. The software used for generating private keys is installed on this computer. The entities 31 and 32 can use the same type of hardware and software. Each entity has different holograms which it will affix to the metal bar.

(21) The software makes it possible to carry out cryptographic calculations for generating, verifying and signing asymmetric key pairs. It also makes it possible to generate a cryptocurrency address from a key or from multiple public keys. It is possible to use a computer 41, 42 with electromagnetic protection in order to avoid attacks using electromagnetic waves to damage or spy on the equipment. The software used for generating private keys is installed on this computer 41, 42. Each entity has different holograms which it will affix to the metal bar.

(22) If there are two entities, four employees may be involved, for example: Alice and Albert, employees of the first entity 31. Bob and Brian, employees of the second entity 32.

(23) Inscribing the Cryptographic Keys

(24) The steps of generating and inscribing the public and private keys are shown in the diagram of FIG. 1.

(25) (1) Alice generates a public/private key pair on the computer 41 using the software.

(26) (2) Alice takes a metal bar 100 and inscribes the private key (priv1).

(27) (3) Albert enters this private key into the software. The latter re-generates the public key (pub1). Albert verifies that the public key generated from the private key and the public key (pub1) generated by Alice are the same.

(28) (4) Once this verification has been carried out, Alice and Albert affix the tamper-evident holographic sticker (hol1) of their entity 31 over the private key (priv1).

(29) (5) Alice and Albert send the metal bar and the public key (pub1) to the second entity.

(30) The second entity 32 then performs a similar process.

(31) (6) Brian generates a public/private key pair,

(32) (7) Brian inscribes the private key (priv2), then

(33) (8) Bob verifies with the software that the engraved key has the same public key (pub2) as that of Brian.

(34) (9) Bob and Brian affix the tamper-evident holographic sticker (hol2) of their entity 32 over the private key (priv2).

(35) (10) Then, using the two public keys pub1 and pub2, Brian uses the software to derive a third public key (pub0).

(36) (11) Brian inscribes this public key (pub0) onto the metal bar 100.

(37) (12) In the last step Bob verifies, using the public keys pub1 and pub2, that the public key pub0 has been correctly engraved on the metal bar 100. For this, he enters, in turn, the public keys pub1 and pub2 into the software and makes sure that the public key engraved on the metal bar 100 is the correct one. Bob and Brian send the metal bar and the public key (pub2) to the first entity.

(38) (13) Employees Alice and Albert of the entity 31 must also calculate the public key (pub0) using the public keys pub1 and pub2 and verify that the public key (pub0) inscribed onto the metal bar 100 is the same as the one they calculated.

(39) Then, once the engraving process has been completed correctly, the employees of the entity 31 seal the metal bar 100 in plastic protection.

(40) This process makes it possible to create a metal bar 100 on which two private keys (priv1 and priv2) are inscribed by two different entities, hidden by two tamper-evident holographic stickers (hol1 and hol2), as well as a public key (pub0) corresponding to the combination of the two hidden private keys (priv1 and priv2). At no time were the two private keys (priv1 and priv2) visible to one person at the same time.

(41) Recovering the Private Key

(42) (14) The owner of the metal bar 100 can verify that the secrets (priv1 and priv2) of the bar 100 have not been revealed by verifying the integrity of the tamper-evident holographic stickers (hol1 and hol2).

(43) (15) When the owner wishes to recover the private key priv0 corresponding to the public key pub0 engraved on their bar 100, they must remove the two tamper-evident holographic stickers (hol1 and hol2). The secrets (priv1 and priv2) are then visible.

(44) (16) The software for recovering private keys asks the owner of the bar 100 to enter the secrets (priv1 and priv2) inscribed onto the metal bar 100. The software then generates the private key priv0 corresponding to the public key pub0. It was only at the recovery stage that the private key priv0 was calculated. It has never been present on any computer before, which means that neither the employees of the entity 31 nor the employees of the entity 32 could have seen this private key priv0.

Second Embodiment

(45) FIG. 2 shows a representative embodiment of the invention using two management entities 31 and 32 to provide a last user public key (pub0) and a cryptographic address (adr).

(46) In this variant, a last user public key (pub0) is generated and a cryptographic address (adr) is engraved (11) on the physical medium. The last user public key (pub0) is used to generate the cryptographic address (adr), this address (adr) being calculated from the last user public key (pub0) and being engraved on the physical medium.

(47) In this variant of the method, the steps for generating and inscribing the public and private keys presented in the diagram of FIG. 2 are similar to those presented in the diagram of FIG. 1.

(48) If the cryptographic keys are used in the context of cryptocurrencies, it is possible to inscribe the address (adr) corresponding to the public key (pub0) rather than the public key (pub0) itself.

(49) In this variant, the steps (11) and (12) of the method are different. This time, instead of writing the public key pub0, Brian inscribes the address (adr) corresponding to the public key pub0. The calculation of the address (adr) depends on the cryptocurrency used but the address (adr) always depends on the public key pub0.

(50) The verification carried out by the 1st entity 31 in step (13) is modified, because it is no longer the public key pub0 that is inscribed but rather the cryptocurrency address (adr). Consequently, the verification carried out consists in recalculating this address (adr) and verifying that the inscribed address (adr) matches the calculated address.

(51) The verification carried out in (16) by the owner is also different because in this case, the owner of the physical medium 100 verifies the address pub0 and not the public key pub0.

Third Embodiment

(52) FIG. 3 shows a representative embodiment of the invention using two management entities 31 and 32 to provide a multi-signature address (adr-mult).

(53) In this variant, a multi-signature address (adr-mult) is generated from the first user public key (pub1) and the second user public key (pub2), this multi-signature address (adr-mult) being engraved (11) on the physical medium.

(54) In this variant of the method, the steps for generating and inscribing the public and private keys presented in the diagram of FIG. 3 are similar to those presented in the diagram of FIG. 2.

(55) Remaining on the subject of cryptocurrencies, it is possible to make the address (adr-mult) depend directly on the public keys pub1 and pub2 without having to generate a third public key pub0. In this case the address (adr-mult) inscribed onto the physical medium is a 2-of-2 “multi-signature” address, which means that to sign a transaction, the two private keys priv1 and priv2 inscribed under the hidden portions are used directly to sign a transaction. There is no generation of a 3rd private key, derived from the private keys priv1 and priv2.

(56) The different steps of this preferred embodiment are, as for the variant of FIG. 2, steps (11), (12), (13) and (16). Steps (11) and (12) are different because it is not the public key pub0 that is inscribed onto the medium, but the multi-signature address (adr-mult) corresponding to the two public keys pub1 and pub2. In step (11), Brian inscribes the address (adr-mult) corresponding to the public keys pub1 and pub2. And in step (12) Bob verifies this address (adr-mult).

(57) The verification carried out by the 1st entity 31 in step (13) is modified, because it is no longer the public key pub0 that needs to be verified, but rather the multi-signature cryptocurrency address (adr-mult). Consequently, as with the variant of FIG. 2, the verification carried out consists in recalculating the address (adr-mult) and verifying that the inscribed address (adr-mult) matches the calculated address.

(58) The verification carried out in (16) is different because in this case, the owner of the physical medium 100 does not verify the public key pub0 but rather the multi-signature address (adr-mult) corresponding to the public keys pub1 and pub2.

Fourth Embodiment

(59) FIG. 4 shows a representative embodiment of the invention using three management entities 31, 32 and 33 to provide a last user public key (pub0).

(60) In this variant, the system further comprises:

(61) a third management entity (33) configured to generate a third pair of asymmetric cryptographic keys comprising a third user public key (pub3) and a third user private key (priv3),

(62) the third management entity (33) comprising: a third computer (43) in which program instructions are stored, which instructions, when read by a third data processor, cause the third computer (43) to store the third user public key (pub3) in a third recording memory and to generate the third first user private key (priv3), a third device (53) associated with the third computer (43) configured to inscribe the third user private key (priv3) onto the physical medium, and a third means for verifying the third user private key (priv3) inscribed and affixing a third tamper-evident concealing element (hol3) to the physical medium in order to conceal the third user private key (priv3) and make it non-visible, the third computer (43) being further configured to generate the last user public key (pub0) from the first user public key (pub1), the second user public key (pub2) and the third user public key (pub3), and to allow the inscription of the last user public key (pub0) onto the physical medium by the third device (53).

(63) As shown in FIG. 7, the entities 31, 32 and 33 each need an engraving machine 51, 52, 53 connected to a computer 41, 42, 43 in order to inscribe onto the metal bar. This computer 41, 42, 43 is not connected to any network, to avoid cyberattacks. Entities 31, 32 and 33 can use the same type of hardware 41, 42, 43, 51, 52, 53 and software.

(64) Each entity 31, 32 and 33 has different holograms which it will affix to the metal bar.

(65) If there are three entities, there may be six employees involved, as an example: Alice and Albert, employees of the first entity 31. Charlie and Clara, employees of the second entity 32. Bob and Brian, employees of the third entity 33.

(66) Inscribing the Cryptographic Keys

(67) The steps of generating and inscribing the public and private keys are shown in the diagram of FIG. 4.

(68) (1) Alice generates a public/private key pair on the computer using the software.

(69) (2) Alice takes a metal bar 100 and inscribes the private key (priv1).

(70) (3) Albert enters this private key into the software. The latter re-generates the public key (pub1). Albert verifies that the public key generated from the private key and the public key (pub1) generated by Alice are the same.

(71) (4) Once this verification has been carried out, Alice and Albert affix the tamper-evident holographic sticker (hol1) of their entity 31 over the private key (priv1).

(72) (5) Alice and Albert send the metal bar and the public key (pub1) to the second entity 32.

(73) The second entity 32 then performs a similar process.

(74) (1′) Charlie generates a public/private key pair,

(75) (2′) Charlie inscribes the private key (priv2), then

(76) (3′) Clara verifies with the software that the engraved key has the same public key (pub2) as that of Brian.

(77) (4′) Charlie and Clara affix the tamper-evident holographic sticker (hol2) of their entity 32 over the private key (priv2).

(78) (5′) Then Charlie and Clara send the metal bar and the public keys (pub1 and pub2) to the third entity 33.

(79) The third entity 33 then performs a similar process.

(80) (6) Brian generates a public/private key pair (priv3, pub3),

(81) (7) Brian inscribes the private key (priv3), then

(82) (8) Bob verifies with the software that the engraved key has the same public key (pub3) as that of Brian.

(83) (9) Bob and Brian affix the tamper-evident holographic sticker (hol3) of their entity 33 over the private key (priv3).

(84) (10) Then using the three public keys pub1, pub2 and pub3, Brian uses the software to derive a fourth public key (pub0).

(85) (11) Brian inscribes this public key (pub0) onto the metal bar 100.

(86) (12) In the last step Bob verifies, using the public keys pub1, pub2 and pub3, that the public key pub0 has been correctly engraved on the metal bar 100. For this, he enters, in turn, the public keys pub1, pub2 and pub3 into the software and makes sure that the public key pub0 engraved on the metal bar 100 is the correct one. Bob and Brian send the metal bar and public key (pub3) to the second entity.

(87) (13′) Employees Charlie and Clara of the entity 32 must calculate the public key (pub0) using the public keys pub1, pub2 and pub3 and verify that the public key (pub0) inscribed onto the metal bar 100 is the same as the one they calculated. Charlie and Clara send the metal bar and the public keys (pub2 and pub3) to the first entity.

(88) (13) Employees Alice and Albert of the entity 31 must also calculate the public key (pub0) using the public keys pub1, pub2 and pub3 and verify that the public key (pub0) inscribed onto the metal bar 100 is the same as the one they calculated.

(89) Then, once the engraving process has been completed correctly, the employees of the entity 31 seal the metal bar 100 in plastic protection.

(90) This process creates a metal bar 100 on which three private keys (priv1, priv2 and priv3) are inscribed by three different entities, hidden by three tamper-evident holographic stickers (hol1, hol2 and hol3), as well as a public key (pub0) corresponding to the combination of the three hidden private keys (priv1, priv2 and priv3). At no time were the three private keys (priv1, priv2 and priv3) visible to one person at the same time.

(91) Recovering the Private Key

(92) (14) The owner of the metal bar 100 can verify that the secrets (priv1, priv2 and priv3) of the bar 100 have not been revealed by verifying the integrity of the tamper-evident holographic stickers (hol1, hol2 and hol3).

(93) (15) When the owner wishes to recover the private key priv0 corresponding to the public key pub0 engraved on their bar 100, they must remove the three tamper-evident holographic stickers (hol1, hol2 and hol3). The secrets (priv1, priv2 and priv3) are then visible.

(94) (16) The software for recovering private keys asks the owner of the bar 100 to enter the secrets (priv1, priv2 and priv3) inscribed onto the metal bar 100. The software then generates the private key priv0 corresponding to the public key pub0. It was only at the recovery stage that the private key priv0 was calculated. It has never been present on any computer before, which means that neither the employees of the entity 31 nor the employees of the entities 32 or 33 could have seen this private key priv0.

Fifth Embodiment

(95) FIG. 5 shows a representative embodiment of the invention using two management entities 31, 32 and 33 to provide a last user public key (pub0) and a cryptographic address (adr).

(96) In this variant, a last user public key (pub0) is generated and a cryptographic address (adr) is engraved (11) on the physical medium. The last user public key (pub0) is used to generate the cryptographic address (adr), this address (adr) being calculated from the last user public key (pub0) and being engraved on the physical medium.

(97) In this variant of the method, the steps for generating and inscribing the public and private keys presented in the diagram of FIG. 5 are similar to those presented in the diagram of FIG. 4.

(98) If the cryptographic keys are used in the context of cryptocurrencies, it is possible to inscribe the address (adr) corresponding to the public key (pub0) rather than the public key (pub0) itself.

(99) In this variant, the steps (11) and (12) of the method are different. This time, instead of writing the public key pub0, Brian inscribes the address (adr) corresponding to the public key pub0. The calculation of the address (adr) depends on the cryptocurrency used but the address (adr) always depends on the public key pub0.

(100) The verification carried out by the first and second entities 31 and 32 in step (13′ and 13) is modified, because it is no longer the public key pub0 that is inscribed, but rather the cryptocurrency address (adr). Consequently, the verification carried out consists in recalculating this address (adr) and verifying that the inscribed address (adr) matches the calculated address.

(101) The verification carried out in (16) by the owner is also different because in this case, the owner of the physical medium 100 verifies the address (adr) and not the public key pub0.

Sixth Embodiment

(102) FIG. 6 shows a representative embodiment of the invention using three management entities 31, 32 and 33 to provide a multi-signature address (adr-mult).

(103) In this variant, a multi-signature address (adr-mult) is generated from the first user public key (pub1), the second user public key (pub2) and the third user public key (pub3), this multi-signature address (adr-mult) being engraved (11) on the physical medium.

(104) In this variant of the method, the steps for generating and inscribing the public and private keys presented in the diagram of FIG. 6 are similar to those presented in the diagram of FIG. 5.

(105) Remaining on the subject of cryptocurrencies, it is possible to make the address (adr-mult) depend directly on the public keys pub1, pub2 and pub3 without having to generate a fourth public key pub0. In this case the address (adr-mult) inscribed onto the physical medium is a 3-of-3 “multi-signature” address, which means that to sign a transaction, the three private keys priv1, priv2 and priv3 inscribed under the hidden portions are used directly to sign a transaction. There is no generation of a 4th private key, derived from the private keys priv1, priv2 and priv3.

(106) The different steps of this preferred embodiment are, as for the variant of FIG. 5, steps (11), (12), (13) and (16). Steps (11) and (12) are different because it is not the public key pub0 that is inscribed onto the medium, but rather the multi-signature address (adr-mult) corresponding to the three public keys pub1, pub2 and pub3. In step (11), Brian inscribes the address (adr-mult) corresponding to the public keys pub1, pub2 and pub3. And in step (12) Bob verifies this address (adr-mult).

(107) The verification carried out by the first and second entities 31 and 32 in step (13′,13) is modified, because it is no longer the public key pub0 that needs to be verified, but rather the multi-signature cryptocurrency address (adr-mult). Consequently, as with the variant of FIG. 5, the verification carried out consists in recalculating the address (adr-mult) and verifying that the inscribed address (adr-mult) matches the calculated address.

(108) The verification carried out in (16) is different because in this case, the owner of the physical medium 100 does not verify the public key pub0 but rather the multi-signature address (adr-mult) corresponding to the public keys pub1, pub2 and pub3.

(109) Other Embodiments with Multiple Secrets

(110) The number of secrets of the preferred embodiment involves two or three entities, each with a signature. However, the number of entities involved in the execution may be greater. This number is only limited by the space available on the physical medium.

(111) In this case the process is very similar. If n entities are involved in the execution, the n−1 first entities perform steps (1) to (5) one after the other and the last entity completes the execution with steps (6) to (12).

(112) The step (13) of verifying the public key or the address inscribed onto the physical medium must be carried out by all the entities which have generated a private key.

(113) In this variant, the step of verification by the owner is also different, because this time it requires the combination of n private keys.

(114) The n secrets can be used to generate:

(115) 1. A public key (as in the embodiment of FIG. 1),

(116) 2. The address of a public key (as in the variant of FIG. 2),

(117) 3. The multi-signature address of multiple public keys (as in the variant of FIG. 3).

(118) Physical Medium

(119) FIG. 8 is a schematic view of a physical medium 100 in one embodiment of the invention,

(120) This physical medium 100 comprises: a first user private key (priv1) inscribed onto the medium, the first user private key (priv1) being associated with a first user public key (pub1) to form a first pair of asymmetric cryptographic keys, a first tamper-evident concealing element (hol1) for concealing first user private key (priv1) and sealing same, said first user private key (priv1) being accessible only by visibly breaking said first tamper-evident concealing element (hol1); a second user private key (priv2) inscribed onto the medium, the second user private key (priv2) being associated with a second user public key (pub2) to form a second pair of asymmetric cryptographic keys, a second tamper-evident concealing element (hol2) for concealing second user private key (priv2) and sealing same, the second user private key (priv2) being accessible only by visibly breaking the second tamper-evident concealing element (hol2); and a last user public key (pub0) inscribed onto the medium, which is generated from the first user public key (pub1) and the second user public key (pub2).

(121) Instead of the last user public key (pub0), a cryptographic address can also be inscribed onto the medium.

(122) The medium 100 can be formed from a bar of metal or metal alloy, such as a gold, platinum, silver or steel bar. Any other medium can be used to inscribe the private keys. For example, wood, glass, stone, plastic, ceramics, paper, etc.

(123) The inscription can use alphanumeric characters, barcodes, QR codes or any other possible representation.

(124) Instead of inscribing the codes directly onto a metal bar, it is possible to inscribe the different codes (public keys, private keys or addresses) onto one or more moving metal part(s).

(125) Other variants of the process are possible and are described in the following section.

(126) Multiple Media

(127) FIG. 9 is a schematic view of a physical medium 200 in another embodiment of the invention.

(128) This alternative embodiment is an extension of the preferred embodiment described in FIG. 1 to 6 (or the variant with multiple secrets for a public key). It uses the preceding methods to create a plurality of physical media 210, 220, 230, 240.

(129) The medium 200 is formed by a plurality of separate elements 210, 220, 230, 240 and a base 250, each separate element 210, 220, 230, 240 has its own private keys (priv1, priv2) and its own public key (pub1), a multi-signature cryptocurrency address common to the separate elements 210, 220, 230, 240 being generated and inscribed onto the base 250.

(130) Since each medium 210, 220, 230, 240 has its own public key, it is possible to generate a multi-signature cryptocurrency address common to a plurality of physical media. For example, if three elements of physical media are used, it is possible to generate a multi-signature address (2-of-3) corresponding to the three public keys. This address can therefore now be inscribed onto a 4th element or base of the physical medium.

(131) In this case, the process is as follows: (1) n elements of physical media are created by the two or three entities in accordance with the preferred embodiment described in FIG. 1 (or variant with multiple secrets).

(132) (2) Alice of the entity 31 enters the n public keys and indicates the required number of signatures s into the software that generates the multi-signature cryptocurrency address.

(133) Alice inscribes this address onto a physical medium.

(134) (3) Albert enters the public keys and the required number of signatures into the software that generates the address. Albert verifies that the address is the same as that inscribed by Alice onto the physical medium.

(135) (4) The second entity verifies that the address inscribed onto the physical medium matches the public keys inscribed onto the n physical media as well as the number s of signatures required.

(136) The phase of recovering cryptocurrency tokens deposited at the multi-signature address requires the same steps of the preferred embodiment presented in detail above in FIG. 1.

(137) In the case of an s-of-n multi-signature address, these steps must be carried out by s owners of physical media whose public keys were used to generate the multi-signature address.

(138) That is to say if there are three physical media and the multi-signature address requires two out of three signatures, steps (13), (14) and (15) must be carried out by two of the owners of the physical media. An additional step (16) is added, after the private keys have been recovered. The two owners of the physical media must generate a transaction (knowing the three public keys) and each of them must sign this transaction in order to transfer the cryptocurrency tokens.

(139) The present invention is in no way limited to the embodiments described by way of example and shown in the figures. Many modifications of details, shapes and dimensions can be made without departing from the scope of the invention. The present invention has been described in relation to specific embodiments, which have a purely illustrative value and should not be considered as limiting. For example, other uses of the method, system and physical medium of the invention are possible in industries such as automotive, luxury, shipping, real estate, legal, IP (Internet Protocol), etc. The reference numbers in the claims do not limit their scope.

Method and system for securely registering cryptographic keys on a physical medium for cryptographic keys, and physical medium produced

Assignee

Inventors

Cpc classification

Classification Explorer

G06Q20/3829

PHYSICS

Classification Explorer

H04L9/085

ELECTRICITY

Classification Explorer

H04L9/3236

ELECTRICITY

Classification Explorer

H04L9/3255

ELECTRICITY

Classification Explorer

G06Q20/3552

PHYSICS

Classification Explorer

G06Q30/0185

PHYSICS

Classification Explorer

G06Q20/3674

PHYSICS

Classification Explorer

H04L9/50

ELECTRICITY

Classification Explorer

H04L2209/56

ELECTRICITY

Classification Explorer

G06Q20/3678

PHYSICS

Classification Explorer

G06Q20/3672

PHYSICS

Classification Explorer

G06Q2220/00

PHYSICS

Classification Explorer

G06Q20/065

PHYSICS

Classification Explorer

H04L9/10

ELECTRICITY

Classification Explorer

H04L9/0894

ELECTRICITY

Classification Explorer

H04L9/0897

ELECTRICITY

International classification

Classification Explorer

H04L9/08

ELECTRICITY

Classification Explorer

G06Q20/36

PHYSICS

Classification Explorer

G06Q30/00

PHYSICS

Classification Explorer

H04L9/32

ELECTRICITY

Classification Explorer

H04L9/10

ELECTRICITY

Abstract

Claims

Description