Personal device security using elliptic curve cryptography for secret sharing
Abstract
A method (400) of encrypting data at an electronic device (3) where the electronic device is associated with a key device (5). Each device is associated with an asymmetric cryptography pair, each pair including a first private key and a first public key. Respective second private and public keys may be determined based on the first private key, first public key and a deterministic key. A secret may be determined based on the second private and public keys. The data at the electronic device (3) may be encrypted using the determined secret or an encryption key that is based on the secret. Information indicative of the deterministic key may be sent to the key device (5) where the information may be stored.
27 Claims
1. A computer implemented method of encrypting data at an electronic device (S), the electronic device being associated with a key device (C), wherein the electronic device is further associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S), and the key device is associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C);
the method comprising:
- determining, at the electronic device, a deterministic key (DK);
- receiving, at the electronic device, the first key device public key (P1C) from the key device;
- determining, at the electronic device, a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK), and determining, at the electronic device, a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
- determining a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C);
- encrypting the data at the electronic device using the determined secret or an encryption key that is based on the determined secret; and
- sending information indicative of the deterministic key (DK) to the key device where the information can be stored.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A computer system for encrypting data at an electronic device, the computer system comprising:
- the electronic device being associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S); and
- a key device being associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C),

wherein the electronic device comprises a processor configured to:
- determine a deterministic key (DK);
- receive the first key device public key (P1C) from the key device;
- determine a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK);
- determine a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
- determine a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C); and
- encrypt the data on the electronic device using the determined secret or an encryption key that is based on the determined secret; and

wherein information indicative of the deterministic key (DK) is stored on the key device.

Dependent claims: 26
27. An electronic device for encrypting data, the electronic device being associated with a key device, wherein the electronic device is associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S), and the key device is associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C);
the electronic device comprising a processing device configured to:
- determine a deterministic key (DK);
- receive the first key device public key (P1C) from the associated key device;
- determine a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK);
- determine a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
- determine a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C); and
- encrypt the data on the electronic device using the determined secret or an encryption key that is based on the determined secret;

wherein information indicative of the deterministic key (DK) is sent to the key device where it can be stored.
Specification