GENERATING A SECURE SIGNATURE UTILIZING A PLURALITY OF KEY SHARES
Abstract
A method begins by a module to generate a secure signature on an item by selecting a first key representation index of a set of key representation indexes, wherein a first mathematical encoding of a private key generates a first plurality of key shares as a first key representation. The method continues with the module determining whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of a first set of dispersed storage (DS) units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions and when the first plurality of signature contributions have been received, generating the secure signature on the item from the first plurality of signature contributions.
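The flow in the abstract, sketched as an added example that is not taken from the patent: it assumes RSA with additive key shares as the "mathematical encoding", a constructed toy key, and hypothetical unit names (`ds1` to `ds8`) and function names. Two representations of the same key are stored on different unit sets, one is selected by index, and the signature is produced only when every contribution has been received.

```python
import hashlib
import secrets

# Constructed toy RSA key from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # exists only while the key is being split, then discarded

def split_key(d, count):
    """Assumed 'mathematical encoding': additive shares that sum to d mod PHI."""
    shares = [secrets.randbelow(PHI) for _ in range(count - 1)]
    shares.append((d - sum(shares)) % PHI)
    return shares

def digest(item):
    return int.from_bytes(hashlib.sha256(item).digest(), "big") % N

def contribution(share, item):
    """Runs on one DS unit: partial signature computed from its share alone."""
    return pow(digest(item), share, N)

def sign(representations, index, item, offline=()):
    """Request contributions from the unit set named by `index`; combine only
    when every contribution has been received, otherwise return None."""
    units = representations[index]  # {unit name: key share}
    received = [contribution(s, item) for u, s in units.items() if u not in offline]
    if len(received) != len(units):
        return None
    signature = 1
    for c in received:
        signature = signature * c % N
    return signature

def verify(item, signature):
    return signature is not None and pow(signature, E, N) == digest(item)

def build_representations():
    """Two encodings of the same key, stored on two different unit sets."""
    first = dict(zip(["ds1", "ds2", "ds3"], split_key(D, 3)))
    second = dict(zip(["ds4", "ds5", "ds6", "ds7", "ds8"], split_key(D, 5)))
    return {0: first, 1: second}

if __name__ == "__main__":
    reps = build_representations()
    item = b"constructed sample item"
    print(verify(item, sign(reps, 0, item)), sign(reps, 0, item, offline={"ds2"}))
```

Both representations yield the same signature because each set of shares sums to the same exponent modulo `PHI`, while no single unit's contribution verifies on its own.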
18 Claims
1. A method for a device of a distributed storage network (DSN) to generate a secure signature on an item without a locally stored private key of the device, the method comprises:
- selecting a first key representation index of a set of key representation indexes, wherein the first key representation index includes information regarding a first key representation of a set of key representations, wherein a first mathematical encoding of the private key generates a first plurality of key shares as the first key representation, which is stored in a first set of dispersed storage (DS) units of the DSN, and a second mathematical encoding of the private key generates a second plurality of key shares as a second key representation of the set of key representations, which is stored in a second set of dispersed storage (DS) units of the DSN;
- determining whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of the first set of DS units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions; and
- when the first plurality of signature contributions have been received, generating the secure signature on the item from the first plurality of signature contributions.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A module to enable a device of a distributed storage network (DSN) to generate a secure signature on an item without a locally stored private key of the device, the module comprises:
- a first module operable to select a first key representation index of a set of key representation indexes, wherein the first key representation index includes information regarding a first key representation of a set of key representations, wherein a first mathematical encoding of the private key generates a first plurality of key shares as the first key representation, which is stored in a first set of dispersed storage (DS) units of the DSN, and a second mathematical encoding of the private key generates a second plurality of key shares as a second key representation of the set of key representations, which is stored in a second set of dispersed storage (DS) units of the DSN;
- a second module operable to determine whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of the first set of DS units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions; and
- when the first plurality of signature contributions have been received, a third module operable to generate the secure signature on the item from the first plurality of signature contributions.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.
Specification