Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
First Claim
1. A computer-implemented method of determining, at a first node (C), a common secret (CS) that is common with the first node (C), and a second node (S), wherein the first node (C) is associated with a first asymmetric cryptography pair of a cryptography system having a homomorphic property, the first asymmetric cryptography pair having a first node master private key (V1C) and a first node master public key (P1C), and the second node (S) is associated with a second asymmetric cryptography pair of the cryptography system, the second asymmetric cryptography pair having a second node master private key (V1S) and a second node master public key (P1S), wherein the first node master public key and second node master public key are based on encryption of respective first node master private key and second node master private key using the cryptography system common with the first and second nodes, and wherein the method comprises:
- determining a first node second private key (V2C) based on at least the first node master private key (V1C) and a deterministic key (DK) common with the first and second nodes;
determining a second node second public key (P2S) based on at least the second node master public key (P1S) and encryption of the deterministic key (DK) using the common cryptography system; and
determining the common secret (CS) based on encryption of the first node second private key (V2C), using the common cryptography system, and the second node second public key (P2S),wherein the second node (S) has the same common secret (S) based on a first node second public key (P2C) and encryption of a second node second private key (V2S) using the common cryptography system, wherein;
the first node second public key (P2C) is based on at least the first node master public key (P1C) and encryption of the deterministic key (DK) using the common cryptography system; and
the second node second private key (V2S) is based on at least the second node master private key (V1S) and the deterministic key (DK).
3 Assignments
0 Petitions
Accused Products
Abstract
A method (300) and system (1) of determining a common secret for two nodes (3, 7). Each node (3, 7) has a respective asymmetric cryptography pair, each pair including a master private key and a master public key. Respective second private and public keys may be determined based on the master private key, master public key and a deterministic key. A common secret may be determined at each of the nodes based on the second private and public keys. In one example, a node (3, 7) may determine the common secret based on (i) a second private key based on the node'"'"'s own master private key and the deterministic key; and (ii) a second public key based on the other node'"'"'s master public key and the deterministic key. The invention may be suited for use with, but not limited to, digital wallets, blockchain (e.g. Bitcoin) technologies and personal device security.
93 Citations
47 Claims
-
1. A computer-implemented method of determining, at a first node (C), a common secret (CS) that is common with the first node (C), and a second node (S), wherein the first node (C) is associated with a first asymmetric cryptography pair of a cryptography system having a homomorphic property, the first asymmetric cryptography pair having a first node master private key (V1C) and a first node master public key (P1C), and the second node (S) is associated with a second asymmetric cryptography pair of the cryptography system, the second asymmetric cryptography pair having a second node master private key (V1S) and a second node master public key (P1S), wherein the first node master public key and second node master public key are based on encryption of respective first node master private key and second node master private key using the cryptography system common with the first and second nodes, and wherein the method comprises:
-
determining a first node second private key (V2C) based on at least the first node master private key (V1C) and a deterministic key (DK) common with the first and second nodes; determining a second node second public key (P2S) based on at least the second node master public key (P1S) and encryption of the deterministic key (DK) using the common cryptography system; and determining the common secret (CS) based on encryption of the first node second private key (V2C), using the common cryptography system, and the second node second public key (P2S), wherein the second node (S) has the same common secret (S) based on a first node second public key (P2C) and encryption of a second node second private key (V2S) using the common cryptography system, wherein; the first node second public key (P2C) is based on at least the first node master public key (P1C) and encryption of the deterministic key (DK) using the common cryptography system; and the second node second private key (V2S) is based on at least the second node master private key (V1S) and the deterministic key (DK). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 47)
-
-
26. A system for determining a common secret between a first node (C) and a second node (S), wherein:
-
the first node (C) is associated with a first asymmetric cryptography pair of a cryptography system having a homomorphic property, the first asymmetric cryptography pair having a first node master private key (V1C) and a first node master public key (P1C), and the second node (S) is associated with a second asymmetric cryptography pair of the cryptography system, the second asymmetric cryptography pair having a second node master private key (V1S) and a second node master public key (P1S), wherein the first node master public key and second node master public key are based on encryption of respective first node master private key and second node master private key using the cryptography system common with the first and second nodes, and the system comprising; a first processing device, associated with the first node (C), configured to; determine a first node second private key (V2C) based on at least the first node master private key (V1C) and a deterministic key (DK) common with the first and second nodes; determine a second node second public key (P2S) based on at least the second node master public key (P1S) and encryption of the deterministic key (DK) using the common cryptography system; and determine the common secret (CS) based on encryption of the first node second private key (V2C), using the common cryptography system, and the second node second public key (P2S); and a second processing device, associated with the second node (S), configured to; determine a first node second public key (P2C) based on at least the first node master public key (P1C) and encryption of the the deterministic key (DK) using the common cryptography system; and determine a second node second private key (V2S) based on at least the second node master private key (V1S) and the deterministic key (DK); determine the common secret based on the first node second public key (P2C) and encryption of a second node second private key (V2S) using the common cryptography system, wherein the first processing device and the second processing device determine the same common secret. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
-
Specification