New pending patent applications are published by the USPTO on Thursdays. We continue the theme of blockchain (distributed ledger, smart contracts) and DRM broadly construed. The first of today's Spotlight Applications discloses techniques for key distribution in a distributed computing environment. Assigned to Wal-Mart, the second application discloses techniques for verifying authenticity of computer readable information using the blockchain.
20180183774, "Key distribution in a distributed computing environment," assigned to Amazon.
A key distribution service operated by a signature authority distributes one-time-use cryptographic keys to one or more delegates that generate digital signatures on behalf of the signature authority. The key distribution service uses a root seed value to generate subordinate seeds. The subordinate seeds are used to generate a set of cryptographic keys. Hashes are generated for each key, and the hashes are arranged into a Merkle tree with a root hash controlled by the signature authority. In response to a request from a delegate, the signature authority provides a subordinate seed to the delegate. The delegate uses the subordinate seed to generate one or more cryptographic keys. The cryptographic keys are used to generate digital signatures which are verifiable up to the root hash of the Merkle tree. Additional subordinate seeds may be distributed to entities by the signature authority when appropriate.
20180183606, "Verifying authenticity of computer readable information using the blockchain," assigned to Wal-Mart.
A method for ensuring that a computer readable information is authentic, including: generating a public key associated with the computer readable information, hashing the computer readable information to obtain a hashed computer readable information, encrypting the hashed computer readable information with a private key to create a digital signature, wherein the hashed computer readable information and the digital signature are stored on a block of a blockchain, authenticating the user computing device in response to a request from the user computing device to download the computer readable information, transmitting the public key and the digital signature to an authenticated user computing device, and instructing the authenticated user computing device to decrypt the digital signature using the public key to obtain the hashed computer readable information, and download the hashed computer readable information to the authenticated user computing system to retrieve the computer readable information.