System and method for processing a shared secret
First Claim
1. In a network comprising a number of computing devices, each arranged to securely store at least one share in a secret k for which n shares are required to reconstruct the secret and to which access to a number m of said shares can be reliably provided at any given time, a method of constructing shares in a secret comprising the steps of:
- determining n shares for an n-of-n secret sharing scheme, each share comprising a value y;
storing at least some of said shares in said computing devices such that at least m of said n shares are reliably accessible;
determining the shared secret k according to said shares y;
characterised by m being less than n and by the steps of;
determining a further (n-m) shares consistent with the shared secret k and the shares y; and
storing the additional shares in a reliably accessible location.
4 Assignments
0 Petitions
Accused Products
Abstract
A method of constructing shares in a secret is disclosed. The method operates in a network comprising a number of computing devices, each arranged to securely store at least one share in the secret k for which n shares are required to reconstruct the secret and to which access to a number m of the shares can be reliably provided at any given time. The method comprises the steps of: determining n shares for an n-of-n secret sharing sheme, each share comprising a value y; storing at least some of the shares in the computing devices such that at least m of the n shares are reliably accessible; determining the shared secret k according to the shares y; determining a further (n-m) shares consistent with the shared secret k and the shares y; and storing the additional shares in a reliably accessible location.
77 Citations
10 Claims
-
1. In a network comprising a number of computing devices, each arranged to securely store at least one share in a secret k for which n shares are required to reconstruct the secret and to which access to a number m of said shares can be reliably provided at any given time, a method of constructing shares in a secret comprising the steps of:
-
determining n shares for an n-of-n secret sharing scheme, each share comprising a value y;
storing at least some of said shares in said computing devices such that at least m of said n shares are reliably accessible;
determining the shared secret k according to said shares y;
characterised by m being less than n and by the steps of;
determining a further (n-m) shares consistent with the shared secret k and the shares y; and
storing the additional shares in a reliably accessible location. - View Dependent Claims (8, 10)
-
-
2. In a network comprising a number of computing devices, each arranged to securely store at least one share in a secret k for which n shares are required to reconstruct the secret and to which access to a number m of said shares can be reliably provided at any given time, a method of reconstructing said secret comprising the steps of:
-
securely obtaining m shares from one or more secret share holders including at least one of said computing devices;
characterised by m being less than n and by the steps of;
obtaining (n-m) shares from a reliably accessible location; and
constructing the shared secret k according to said obtained shares. - View Dependent Claims (3, 4, 5, 9)
-
-
6. Apparatus for constructing shares in a secret and operable within a network comprising a number of computing devices, each arranged to securely store at least one share in a secret k for which n shares are required to reconstruct the secret and to which access to a number m of said shares can be reliably provided at any given time, comprising:
-
means for determining n shares for an n-of-n secret sharing scheme, each share comprising a value y;
means for causing at least some of said shares to be stored in said computing devices such that at least m of said n shares are reliably accessible;
means for determining the shared secret k according to said shares y;
characterised by m being less than n and by;
means for determining a further (n-m) shares consistent with the shared secret k and the shares y; and
means for causing the additional shares to be stored in a reliably accessible location.
-
-
7. Apparatus for reconstructing a secret and operable in a network comprising a number of computing devices, each arranged to securely store at least one share in a secret k for which n shares are required to reconstruct the secret and to which access to a number m of said shares can be reliably provided at any given time, comprising:
-
means for securely obtaining m shares from one or more secret share holders including at least one of said computing devices;
characterised by m being less than n and by;
means for obtaining (n-m) shares from a reliably accessible location; and
means for constructing the shared secret k according to said obtained shares.
-
Specification