DISTRIBUTED LEDGER BASED CRYPTOGRAPHIC SYSTEMS AND METHODS FOR IMPROVING DATA INTEGRITY

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Election/Restrictions Restriction is withdrawn due to applicant amendments. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-4,8-16 are rejected under 35 U.S.C. 103 as being unpatentable over RUECKRIEMEN (US 20210273819 A1) in view of Tran et al(US 20180117447 A1:IDS supplied) With regards to claim 1, RUECKRIEMEN discloses, A distributed ledger based cryptographic method for a network node manager to improve data integrity (FIG 1A, 1B and associated text;), comprising: receiving, from a data recording device managed by a user, an original device certificate signed by a manufacturer of the data recording device (Rueckriemen [0054] capturing the machine-readable code of the issued vehicle certificate with a reader of a checking computer system, [0247] This machine-readable code identifies the program module assigned to the vehicle and provides a private cryptographic key of an asymmetric key pair for reading the current values for the data in the vehicle certificate. By capturing the machine-readable code, the private cryptographic key may be extracted and used as proof of a read authorisation to read the corresponding values from the blockchain. [0219] This means that the program module 206 may be assigned to the vehicle manufacturer for personalisation, who from now on has the right of disposal of the program module 206, as he also does for the vehicle produced by him. The authenticity of the asymmetric key pair assigned to the vehicle manufacturer may also be proven by a certificate and/or a corresponding PKI. ), and a commitment stored in a distributed integrity ledger for verifying authenticity of a data piece recorded by the data recording device ([0074] The method for the tamper-proof saving of vehicle data of the vehicle comprises: [0075] receiving vehicle data of the vehicle by the vehicle computer system, [0076] creating a second data record for entry in the blockchain, wherein the second data record comprises the vehicle data of the vehicle and identifies the program module assigned to the vehicle, [0077] signing the second data record by the vehicle computer system with the private fourth cryptographic key, [0078] sending the signed second data record by the vehicle computer system via the mobile communications network to one of a plurality of blockchain servers of a blockchain network, the blockchain servers being configured to create additional blocks for the blockchain [0015-16] comprises a second private cryptographic key of a second asymmetric key pair, wherein a second public cryptographic key of the second asymmetric key pair is identified in the blockchain as a check value for checking a signature of a read request for reading vehicle data of the vehicle certificate from the blockchain. Note: checking signature with publics key verify authenticity data); verifying the original device certificate ([0012] executing, by the blockchain server, the second program instructions of the program module identified by the output instruction, wherein the execution of the second program instructions comprises checking the signature of the output instruction using the first public cryptographic key ;[0249] in block 958 a check of the vehicle certificate is carried out. For example, the vehicle data according to the vehicle certificate is compared with the read vehicle data. If there is a match, the vehicle certificate is valid; if there are discrepancies, the vehicle certificate is invalid. Pls see also [0106]); and RUECKRIEMEN does not exclusively but Tran teaches, a commitment generated by using a commitment string to lock a data signature (Tran[416-419] The access right may control the ability of a user or IOT device to access an application programming interface (API). The access right may control access to a particular file or set of files; for instance, the access right may lock access to confidential information, or information that could be used for identity theft, such as passport, social security, birth certificate data, permit data, data concerning licenses, data concerning escrowed property, legal documents such as wills, settlements or divorce decrees, or electronic access to physically locked devices such as safe-deposit boxes or the doors to vehicles or buildings. [0419] 4. A method according to claim 1, wherein receiving further comprises: transmitting a challenge to the first entity, and receiving a digital signature signing the challenge. Note: challenge(nonce) as commitment string , digital signature signed challenge locking the commitment ) verifying a user identification or generating the user identification in a distributed identity ledger (0125] Public keys are freely shared among nodes in the peer-to-peer network, for example by broadcasting one or more key-exchange messages. The transaction message, in various embodiments, is digitally signed by the sender's private key to authenticate the sender's identity to the network nodes, e.g., by decrypting the sender's digitally signed transaction message using the sender's public key to verify that the sender originated the transaction.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify RUECKRIEMEN’s method with teaching of Tran in order to facilitate secure operation by using Blockchain (Tran Abstract) With regards to claim 2, RUECKRIEMEN further discloses, generating an encryption private key and the encryption public key for the data recording device ([0035] Asymmetric key pairs are used for a variety of cryptosystems and also play an important role in the signature of electronic documents. An asymmetric key pair consists of a public key, which is used to encrypt and/or decrypt data and which may be passed on to third parties, for example to a service provider, and a private key, which is used to encrypt and/or decrypt data and which usually has to be kept secret. The public key enables anyone to encrypt data for the holder of the private key, to check digital signatures of his documents or to authenticate himself. A private key enables its holder to decrypt data encrypted with the public key or to create digital signatures for electronic documents. A signature created with a private key may be verified with the corresponding public key.). With regards to claim 3, RUECKRIEMEN further discloses, generating a user's device credential comprising an encryption public key, and a proof for the user's device credential ([0006]; By executing the first program instructions, an entry which contains vehicle data of the vehicle and which is assigned to the program module is generated in the blockchain, and, by executing the second program instructions, a vehicle certificate containing a first data record characterising the vehicle is created. The first data record comprises vehicle data saved in an entry of the blockchain assigned to the program module. The program module is assigned to a first public cryptographic key of a first asymmetric key pair of a first vehicle owner and a private cryptographic key of the first asymmetric key pair is saved in a memory of a computer system of a first owner of the vehicle. [0004] The object of the invention is therefore to provide an efficient and secure method for the tamper-proof creation of a vehicle certificate for a vehicle.). With regards to claim 4, 11, 16, RUECKRIEMEN in view of Tran further discloses, wherein the data recording device is a digital video recorder (Tran [0189] Particularly, the service or item may be a digital media item or analogue media item. In cases where the media item is in a digital form, it may be, among many others, one or more video files, one or more audio files, one or more electronic document files, one or more electronic books, one or more textual media files, one or more computer program files, computer gaming files or data, streaming media, and one or more image files. In cases where the media item is in analogue form, it may, for example, be one or more video recordings or one or more audio recordings. The media item may be textual media such as hypertexts, multimedia, digital art, e-mail, and the like.). Motivation would be same as stated in claim 1. With regards to claim 8, RUECKRIEMEN discloses A distributed ledger based cryptographic method for a data recording device to improve data integrity (FIG 1A and associated text;), comprising: signing a data piece recorded by the data recording device to generate a data signature ([0074] The method for the tamper-proof saving of vehicle data of the vehicle comprises: [0075] receiving vehicle data of the vehicle by the vehicle computer system, [0076] creating a second data record for entry in the blockchain, wherein the second data record comprises the vehicle data of the vehicle and identifies the program module assigned to the vehicle, [0077] signing the second data record by the vehicle computer system with the private fourth cryptographic key, [0078] sending the signed second data record by the vehicle computer system via the mobile communications network to one of a plurality of blockchain servers of a blockchain network, the blockchain servers being configured to create additional blocks for the blockchain Note: signing vehicle data as commitment and stored in distributed ledger); generating a commitment string which is a random number ([0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment”); generating a commitment to lock the data signature with the commitment string([0231] For example, to perform mutual cryptographic authentication, the vehicle computer system and/or the workshop's computer system generates a random number, in particular a pseudo-random number. The pseudo-random number(s) are exchanged between the vehicle computer system and the workshop's computer system in encrypted form using the corresponding private cryptographic key of the vehicle computer system and/or the workshop's computer system. In addition, the encrypted pseudo-random number is accompanied by a certificate containing the public key for decrypting the pseudo-random number. Therefore, the vehicle computer system and/or the workshop's computer system may be authenticated by the possession of the corresponding private key. Note:by decrypting with public key verify authenticity of commitment string )and RUECKRIEMEN does not but Tran discloses, storing the commitment in a distributed integrity ledger maintained by a first distributed transaction consensus network through a network node manager ( [00225]-[0226] Based on the orders, the described technology generates the appropriate transaction messages, which are broadcast to the network for authentication and verification. Once each transaction is sent to the network, in one or more embodiments, settlement is immediate; therefore, each trader must be prepared to make the trade arm. l have the assurance that the other trader is prepared to do the same. Various techniques are used by the described technology to coordinate the processes of trading Blockchain tokens for cryptographic currency (e.g., tokens) and/or for other Blockchain tokens. The described technology, in various embodiments, implements an atomic commitment protocol, such as a two-phase commitment protocol, to ensure that both traders are ready to send their respective transaction messages. A coordinator of the two-phase commitment is, in some embodiments, a trusted node, for example a node that both traders mutually agree to have act as coordinator (including each other). [0828] "Pubkey scripts and signature scripts combine secp256k1 pubkeys and signatures with conditional logic, creating a programmable authorization mechanism.); providing, to the network node manager, a device signing public key previously stored in the data recording device ([0234] FIG. 13G is a diagram 320 depicting an example transaction message 322. Transaction messages 322 are used by the system for changing Blockchain token 329 ownership. A transaction message 322 includes a transaction 303 and the sender's digital signature 332 of the transaction 323. The transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., a stock ID 328 and its position 326), past ownership information 331 (if any), and optional other information 310 (e.g., a market order type to indicate whether the transaction is to buy or sell a Blockchain token 329). The transaction 323 is digitally signed by the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 owner.); and receiving, from the network node manager, an encryption public key and a user identification recorded in a distributed identity ledger maintained by a second distributed transaction consensus network ([0234]; The transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., a stock ID 328 and its position 326), past ownership information 331 (if any), and optional other information 310 (e.g., a market order type to indicate whether the transaction is to buy or sell a Blockchain token 329). The transaction 323 is digitally signed by the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 owner.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify RUECKRIEMEN’s method with teaching of Tran in order to facilitate secure operation by using Blockchain (Tran Abstract) With regards to claim 9, RUECKRIEMEN in view of Tran discloses, providing, to a manufacturer of the data recording device, an original device certificate stored in the data recording device (Tran 0248] "Identities can be protected in a blockchain-based system, while still transferring other salient information. For example, manufacturers in the middle of the supply chain can securely pass a certificate with full authenticity downstream while keeping their identity private.); receiving, from the manufacturer of the data recording device, an updated device certificate, including the user identification and the encryption public key (para [0248] "Identities can be protected in a blockchain-based system, while still transferring other salient information. For example, manufacturers in the middle of the supply chain can securely pass a certificate wlth full authenticity downstream while keeping their identity private. " par a [0330] " A user; e.g. patient equipped with the appropriate application on a portable or handheld device can scan the certificate, mark, or seal and be provided with notifications regarding; A user; e.g. patient equipped with the appropriate application on a portable or handheld device and having the certification system can receive updated information (as a subscriber in a client/server relationship) on a continuing or as needed ad hoc basis (as permitted)"), including the user identification and the encryption public key (para [0227] "Public keys are freely shared among nodes in the peer-to-peer network, for example by broadcasting one or more key exchange messages. The transadiur1 message, In various embodiments, is digitally signed by the sender's private key to authenticate the sender's identity to the network nodes, e.g., by decrypting the sender's digitally signed transaction message using the sender's public key to verify that the sender originated the transaction."), signed by the manufacturer (Tran 0248] "Identities c-.;in be protected in a blockchain-bosod system, while still transferring other salient Information. For example, manufacturers in the middle of the supply chain can securely pass a certificate with full authenticity downstream while keeping their identity private. "); and wherein the device signing public key are provided to the network node manager through the manufacturer and the encryption public key and the user identification are received from the network node manager through the manufacturer (para [0248] "Identities can be protected in a blockchain-based system, while still transferring other salient information. For example, manufacturers in the middle of the supply chain can securely pass a certificate with full authenticity downstream while keeping their identity private. For customers, the described system provides the ability to check important attributes of purchased goods without necessarily seeing the full intricacies of the supply chain that created them. The system also allows for the trusted proof of ownership thanks to Public-Private Key Infrastructure (see box) without revealing their identity of owners to the system. In fact, customers can even use the system to sell a good on a secondary market, allowing the chain to continue post sale throughout the product lifecycle). With regards to claim 10, RUECKRIEMEN in view of Tran discloses, generating a data encryption key for a data piece (RUECKRIEMEN 0035] Asymmetric key pairs are used for a variety of cryptosystems and also play an important role in the signature of electronic documents. An asymmetric key pair consists of a public key, which is used to encrypt and/or decrypt data and which may be passed on to third partie); encrypting the data piece with the data encryption key (RUECKRIEMEN 0035] Asymmetric key pairs are used for a variety of cryptosystems and also play an important role in the signature of electronic documents. An asymmetric key pair consists of a public key, which is used to encrypt and/or decrypt data and which may be passed on to third partie); encrypting the data encryption key with the encryption public key (Tran [0234]; The transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., a stock ID 328 and its position 326), past ownership information 331 (if any), and optional other information 310 (e.g., a market order type to indicate whether the transaction is to buy or sell a Blockchain token 329). The transaction 323 is digitally signed by the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 owner.); generating a data signature by signing the data piece with a device signing private key (RUECKRIEMEN [0074] The method for the tamper-proof saving of vehicle data of the vehicle comprises: [0075] receiving vehicle data of the vehicle by the vehicle computer system, [0076] creating a second data record for entry in the blockchain, wherein the second data record comprises the vehicle data of the vehicle and identifies the program module assigned to the vehicle, [0077] signing the second data record by the vehicle computer system with the private fourth cryptographic key, [0078] sending the signed second data record by the vehicle computer system via the mobile communications network to one of a plurality of blockchain servers of a blockchain network, the blockchain servers being configured to create additional blocks for the blockchain Note: signing vehicle data as commitment and stored in distributed ledger); generating a commitment string (RUECKRIEMEN [0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment”); generating a commitment to be recorded in a distributed integrity ledger maintained by a first distributed transaction consensus network, by providing the data signature and the commitment string (Tran para [00225]-[0226] "Based on the orders, the described technology generates the appropriate transaction messages, which are broadcast to the network for authentication and verification. Once each transaction is sent to the network, in one or more embodiments, settlement is immediate; therefore, each trader must be prepared to make the trade and have the assurance that the other trader is prepared to do the same. Various techniques are used by the described technology to coordinate the processes of trading Blockchain tokens for cryptographic currency (e.g., tokens) and/or for other Blockchain tokens. The described technology, in various embodiments, implements an atomic commitment protocol, such as a twophase commitment protocol, to ensure that both traders are ready to send their respective transaction messages. A coordinator of the twophase commitment is, in some embodiments, a trusted node, for example a node that both traders mutually agree to have act as coordinator (including each other).); and generating a commitment signature by signing the commitment with the device signing private key (Tran[0227] Blockchain stock ownership is transferred via one or more transaction messages. A transaction message includes a transaction and a digital signature. The transaction includes, for example, the Blockchain token, the receiver's (i.e., the new owner's) electronic address, and, in some embodiments, ownership history (i.e., a record of previous Blockchain token ownership used by the network to verify proper chain of title). Addresses are based, in various embodiments, on one or more cryptographic protocols (e.g., public-key cryptography). Public-key cryptography requires two separate keys, one of which is secret (i.e., a private key) and one of which is public (i.e., a public key)….. The transaction message, in various embodiments, is digitally signed by the sender's private key to authenticate the sender's identity to the network nodes, e.g., by decrypting the sender's digitally signed transaction message using the sender's public key to verify that the sender originated the transaction.). With regards to claim 12, RUECKRIEMEN, A distributed ledger based cryptographic method for a verifier to improve data integrity, comprising: receiving an encrypted data piece ([0094]; According to embodiments, the user authenticates himself to the vehicle with an ID token. The information summarised as an entry in the logbook is, for example, transmitted in fully or at least partially encrypted form to the blockchain and entered there. The encryption is carried out, for example, with a private or public cryptographic key of an asymmetric key pair which is assigned to the logbook. [0243] In block 912, for example, the vehicle data of the vehicle may now be checked by a prospective buyer. According to embodiments, vehicle data which are not public are encrypted and entered in the blockchain.), a data encryption key ([0094]; The encryption is carried out, for example, with a private or public cryptographic key of an asymmetric key pair which is assigned to the logbook. Thus, only those who have the second key of the asymmetric key pair, i.e. the public or private cryptographic key, may read the contents of the logbook entries in decrypted form and in plain text. According to embodiments, timestamps and mileages are saved in unencrypted form, while personal data such as place of departure and/or destination, driver's name or purpose of the journey are encrypted ), a data signature of a data piece ([0010] sending the signed output instruction by the computer system of the first owner via a first network to a blockchain server from a plurality of blockchain servers of the blockchain network configured to execute the program instructions of the program module [0011] receiving the signed output instruction by the blockchain server, [0012] executing, by the blockchain server, the second program instructions of the program module identified by the output instruction, wherein the execution of the second program instructions comprises checking the signature of the output instruction using the first public cryptographic key and, in the case of a valid signature, creating the vehicle certificate), a commitment, and a commitment string from a data center (([0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment”) and a data encryption key from a user ([0220]; To prove the authenticity of a corresponding data record containing the vehicle data 610, 630, it may be signed with the private cryptographic key 606, 626. Furthermore, the program module 206 may be assigned in the blockchain, for example, to an address which corresponds to the public cryptographic key 608, 628 of the vehicle owner. ), wherein the data piece is recorded by a data recording device (Rueckriemen [0054] capturing the machine-readable code of the issued vehicle certificate with a reader of a checking computer system, [0247] This machine-readable code identifies the program module assigned to the vehicle and provides a private cryptographic key of an asymmetric key pair for reading the current values for the data in the vehicle certificate. By capturing the machine-readable code, the private cryptographic key may be extracted and used as proof of a read authorisation to read the corresponding values from the blockchain.), the commitment string is a random number (([0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment”), and decrypting the encrypted data piece with the data encryption key to obtain the data piece ([0035]; A private key enables its holder to decrypt data encrypted with the public key or to create digital signatures for electronic documents. A signature created with a private key may be verified with the corresponding public key.); verifying authenticity of the data piece by using the data signature and a device signing public key ([0035]; A private key enables its holder to decrypt data encrypted with the public key or to create digital signatures for electronic documents. A signature created with a private key may be verified with the corresponding public key.); and verifying the commitment by using the data signature ([234] According to embodiments, the blockchain may also comprise certificates which contain corresponding public cryptographic keys for checking signatures and prove their authenticity. According to embodiments, the authenticity of corresponding certificates is verified, for example, by a PKI provided by the blockchain. ) and the commitment string ([0226]; According to embodiments, the electronic component 140 encrypts the pseudo-random number with the public cryptographic key 108 of the vehicle computer system 100. The vehicle computer system 100 receives the pseudo-random number from the electronic component 140 and decrypts it with its private cryptographic key 106 if necessary. Only if the pseudo-random number received from the vehicle computer system 100 matches the originally transmitted random number, the electronic component 140 is authenticated to the vehicle computer system 100, whereupon its identification 170 may be queried.). RUECKRIEMEN does not but Tran discloses, the commitment is generated by locking the data signature with the commitment string (Tran [0419] 4. A method according to claim 1, wherein receiving further comprises: transmitting a challenge to the first entity, and receiving a digital signature signing the challenge. Note: challenge is random number, singing it commitment is generated ); verifying that the commitment is recorded in a distributed integrity ledger maintained by a first distributed transaction consensus network (Tran [0123-125] Blockchain token ownership is immediately transferred to a new owner after authentication and verification, based on network ledgers within a peer-to-peer network, guaranteeing nearly instantaneous execution and settlement Operating at the edge ensures much faster response times, reduced risks, and lower overall costs. Maintaining close proximity to the edge devices rather than sending all data to a distant centralized cloud, minimizes latency allowing for maximum performance, faster response times, and more effective maintenance and operational strategies The system can determine, via a two-phase commit, whether the virtual wallet has a sufficient quantity of Blockchain tokens to purchase virtual assets (such as electricity only from renewable solar/wind/ ... sources, weather data or location data) and physical asset (such as gasoline for automated vehicles) at the purchase price. In various embodiments, in response to verifying via the two-phase commit that the virtual wallet has a sufficient quantity of Blockchain tokens, the loT machine purchases (or initiates a process in furtherance of purchasing) the asset with at least one of the Blockchain tokens.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify RUECKRIEMEN’s method with teaching of Tran in order to facilitate secure operation by using Blockchain (Tran Abstract) With regards to claim 13 , RUECKRIEMEN in view of Tran discloses, receiving an authorization from a user of the data recording device or a data center storing the encrypted data piece, the commitment, the data signature, and the commitment string (Tran [0225] Based on the orders, the described technology generates the appropriate transaction messages, which are broadcast to the network for authentication and verification. [0226] Once each transaction is sent to the network, in one or more embodiments, settlement is immediate; therefore, each trader must be prepared to make the trade and have the assurance that the other trader is prepared to do the same. Various techniques are used by the described technology to coordinate the processes of trading Blockchain tokens for cryptographic currency (e.g., tokens) and/or for other Blockchain tokens. The described technology, in various embodiments, implements an atomic commitment protocol, such as a two-phase commitment protocol, to ensure that both traders are ready to send their respective transaction messages. A coordinator of the two-phase commitment is, in some embodiments, a trusted node, for example a node that both traders mutually agree to have act as coordinator (including each other) [0828] Pubkey scripts and signature scripts combine secp256k1 pubkeys and signatures with conditional logic, creating a programmable authorization mechanism.); and verifying the authorization with a user's signing public key or a data center's signing public key ([0416] 1. A method for authentication by an IOT device, the method comprising: receiving, by the IOT device, from a first entity a private key; retrieving from an audit chain a transaction to an address associated with a public key corresponding to the private key; and authenticating the first entity. Then the IOT device can securely update with code from the first entity, or receive data from the first entity.). Motivation would be same as stated in claim 12 With regards to claim 14, RUECKRIEMEN discloses, A data recording device (FIG 2A 100), comprising: a recording module for recording a data piece (FIG 2A 110 and associated text; [0261] 110 vehicle data); a memory module for storing an original device certificate signed by a manufacturer (Rueckriemen [0013] sending the vehicle certificate through the blockchain server to the computer system of the first owner, [0014] receiving the vehicle certificate by the computer system of the first owner, [0054] capturing the machine-readable code of the issued vehicle certificate with a reader of a checking computer system, [0247] This machine-readable code identifies the program module assigned to the vehicle and provides a private cryptographic key of an asymmetric key pair for reading the current values for the data in the vehicle certificate. By capturing the machine-readable code, the private cryptographic key may be extracted and used as proof of a read authorisation to read the corresponding values from the blockchain.) , a device signing public key (FIG 2A 108 and associated text; ), and a device signing private key (FIG 2A 108 and associated text;); and a processor module for generating a data encryption key (0035] Asymmetric key pairs are used for a variety of cryptosystems and also play an important role in the signature of electronic documents. An asymmetric key pair consists of a public key, which is used to encrypt and/or decrypt data and which may be passed on to third partie), a commitment string and a commitment([0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment” ) , encrypting the data piece with the data encryption key (0035] Asymmetric key pairs are used for a variety of cryptosystems and also play an important role in the signature of electronic documents. An asymmetric key pair consists of a public key, which is used to encrypt and/or decrypt data and which may be passed on to third partie), encrypting the data encryption key with the an encryption public key([0047] According to embodiments, the second private cryptographic key is encrypted with a third public cryptographic key of a third asymmetric key pair identified in the blockchain.), RUECKRIEMEN does not but Tran discloses, the commitment is generated by locking the data signature with the commitment string (Tran [0419] 4. A method according to claim 1, wherein receiving further comprises: transmitting a challenge to the first entity, and receiving a digital signature signing the challenge.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify RUECKRIEMEN’s method with teaching of Tran in order to facilitate secure operation by using Blockchain (Tran Abstract) With regards to claim 15, wherein the processor module generates a data signature by signing the data piece with the device signing private key ([0077] signing the second data record by the vehicle computer system with the private fourth cryptographic key,), a commitment string ([0226] For example, the vehicle computer system 100 or an authenticating electronic component generates a random number, in particular a pseudo-random number, which is encrypted with the public cryptographic key 152, 172, 192 of the electronic components 140, 160, 180 to be authenticated and sent via the network 276 to the corresponding electronic components 140, 160, 180 to be authenticated, for example the electronic component 140. Note: random number as “commitment string”, encrypted random number as “commitment”), and a commitment to lock the data signature ([0231] For example, to perform mutual cryptographic authentication, the vehicle computer system and/or the workshop's computer system generates a random number, in particular a pseudo-random number. The pseudo-random number(s) are exchanged between the vehicle computer system and the workshop's computer system in encrypted form using the corresponding private cryptographic key of the vehicle computer system and/or the workshop's computer system. In addition, the encrypted pseudo-random number is accompanied by a certificate containing the public key for decrypting the pseudo-random number. Therefore, the vehicle computer system and/or the workshop's computer system may be authenticated by the possession of the corresponding private key.). Allowable Subject Matter Claims 5-7 are allowed based on Prior art of search record. The following is an examiner' s statement of reasons for allowance: The prior art of record does not teach or fairly suggest in combination of steps as recited in the Applicant' s independent claims as amended, receiving, from a data recording device managed by a user, an updated device certificate signed by a manufacturer of the data recording device and a commitment generated to lock a data signature that is generated by signing a data piece recorded by the data recording device with a device signing private key, and a commitment signature generated by signing the commitment with the device signing private key; verifying the updated device certificate by using a manufacturer's signing public key; verifying the commitment by using the commitment signature; and recording, if when both verifications are valid, the commitment in a distributed integrity ledger maintained by a first distributed transaction consensus network. The dependent claims, being definite, further limiting, and fully enabled by the specification are also allowed. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498