GENERATING A SECURE SIGNATURE UTILIZING A PLURALITY OF KEY SHARES
First Claim
1. A method for a device of a distributed storage network (DSN) to generate a secure signature on an item without a locally stored private key of the device, the method comprises:
- selecting, by the device, a set of storage units of the DSN to perform the signature;
- identifying, by the device and based on an association with the set of storage units, a key representation index for a key representation of the private key;
- sending, by the device, a signature request, the key representation index, and an item to be signed to the set of storage units;
- identifying, by each storage unit of the set of storage units, a key share of the key representation based on the key representation index;
- generating, by each storage unit of the set of storage units, a signature contribution for the item to be signed using the key share; and
- generating, by the device, a secure signature on the item based on the signature contributions of the set of storage units.
Abstract
A method begins by a module to generate a secure signature on an item by selecting a first key representation index of a set of key representation indexes, wherein a first mathematical encoding of a private key generates a first plurality of key shares as a first key representation. The method continues with the module determining whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of a first set of dispersed storage (DS) units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions and when the first plurality of signature contributions have been received, generating the secure signature on the item from the first plurality of signature contributions.
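An added illustration of the flow in claim 1 and the abstract, not code from the patent. It assumes textbook RSA on a SHA-256 digest with the private exponent split into additive shares (the page does not name the mathematical encoding or the signature function), a constructed toy key, and hypothetical unit and function names.

```python
import hashlib
import secrets

# Constructed toy RSA key built from two Mersenne primes (far too weak for real use).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # private exponent; kept only so the result can be checked

def digest(item):
    return int.from_bytes(hashlib.sha256(item).digest(), "big") % N

def encode_key(d, n_shares):
    """One key representation: random additive shares whose sum is d mod PHI."""
    shares = [secrets.randbelow(PHI) for _ in range(n_shares - 1)]
    shares.append((d - sum(shares)) % PHI)
    return shares

class StorageUnit:
    def __init__(self):
        self.shares = {}  # key representation index -> this unit's key share

    def contribute(self, index, item):
        """Signature contribution H(item)^share mod N; the share stays on the unit."""
        return pow(digest(item), self.shares[index], N)

def deal(units, groups):
    """Dealer step (assumed): a fresh encoding of D for each set of units."""
    for index, names in groups.items():
        for name, share in zip(names, encode_key(D, len(names))):
            units[name].shares[index] = share

def sign(units, groups, index, item):
    """Device side: collect contributions from the selected set and multiply them."""
    sig = 1
    for name in groups[index]:
        sig = sig * units[name].contribute(index, item) % N
    return sig

def verify(item, sig):
    return pow(sig, E, N) == digest(item)

# Constructed deployment: two unit sets, each associated with its own index.
GROUPS = {0: ["su1", "su2", "su3"], 1: ["su2", "su4", "su5"]}
UNITS = {name: StorageUnit() for names in GROUPS.values() for name in names}
deal(UNITS, GROUPS)
```

With additive shares every unit in the selected set must respond: a product that is missing one contribution does not verify, and shares from different key representation indexes cannot be mixed.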
18 Claims
10. A computer readable storage medium comprises:
- a first memory section storing operational instructions that, when executed by a computing device, causes the computing device to:
  - select a set of storage units of the DSN to perform a secure signature on an item without the computing device having a locally stored private key;
  - identify, based on an association with the set of storage units, a key representation index for a key representation of the private key;
  - send a signature request, the key representation index, and an item to be signed to the set of storage units;
- a second memory section storing operational instructions that, when executed by a storage unit of the set of storage units, causes the storage unit to:
  - identify a key share of the key representation based on the key representation index;
  - generate a signature contribution for the item to be signed using the key share; and
- a third memory section storing operational instructions that, when executed by the computing device, causes the computing device to:
  - generate a secure signature on the item based on the signature contributions of the set of storage units.
Specification