Computer system employing a split-secret cryptographic key linked to a password-based cryptographic key security scheme
First Claim
Patent Images
1. A cryptographic system in a computer system, comprising:
- at least one server; and
at least one secret value including a master key, the master key being split into two or more parts wherein fewer than all the parts are required for reassembling the master key, the parts being encrypted by a password-derived or token-based key, each part being associated with a password wherein the at least one server can update the master key by requiring only some of the passwords to be revealed.
4 Assignments
0 Petitions
Accused Products
Abstract
In computer environments where passwords are used to compute retained secrets by methods such as password-based encryption, a need often arises to update these secrets. Retaining the password value, or the keys computed from the password, would be unwise; and requiring each password owner to type in their password would be cumbersome. The present invention describes a method that allows a fully operational system to modify the retained secrets without retaining passwords or requiring human intervention.
-
Citations
7 Claims
-
1. A cryptographic system in a computer system, comprising:
-
at least one server; and
at least one secret value including a master key, the master key being split into two or more parts wherein fewer than all the parts are required for reassembling the master key, the parts being encrypted by a password-derived or token-based key, each part being associated with a password wherein the at least one server can update the master key by requiring only some of the passwords to be revealed. - View Dependent Claims (2, 3, 4)
-
-
5. A method used in a cryptographic system, comprising:
-
providing at least one secret value including a master key;
splitting the master key into two or more parts wherein fewer than all the parts are required for reassembling the master key; and
encrypting the parts by a password-derived or token-based key, each part being associated with a password, wherein the master key can be reassembled by requiring only some of the passwords to be revealed. - View Dependent Claims (6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
Original AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
InventorsKurn, David Michael
-
Application NumberUS09/735,215Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current380/281CPC Class CodesH04L 2209/56 Financial cryptography, e.g...H04L 63/062 for key distribution, e.g. ...H04L 9/083 involving central third par...H04L 9/085 Secret sharing or secret sp...
