A METHOD FOR PROVIDING SECURITY USING SECURE COMPUTATION
First Claim
1. A method of securing data, the method comprising:
- dividing a secret key into a plurality of secret key shares;
storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers;
using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and
using the calculated value of the function to secure the data.
3 Assignments
0 Petitions
Accused Products
Abstract
A method of securing data, the method comprising: dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and using the calculated value of the function to secure the data.
-
Citations
15 Claims
-
1. A method of securing data, the method comprising:
-
dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and using the calculated value of the function to secure the data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of authenticating a party for participation in an activity, the method comprising:
-
dividing a first secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server so that none of the servers has access to the secret key share stored in another of the servers; transmitting a challenge to the party and requesting that the party encrypt the challenge using a second key; receiving the encryption; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the first secret key and to the secret key share stored in another of the servers; using the calculated value and the encryption to determine whether the second key is equal to the first key; and enabling the party to participate in the activity if and only if it was determined that the first and second keys are equal. - View Dependent Claims (11, 12)
-
-
13. Apparatus for authenticating access to data, the apparatus comprising:
-
a plurality of servers each having a different share of a same secret key; a password generated responsive to the secret key which if presented to a server of the plurality of servers allows access to the data; and an instruction set executable by a server of the plurality of servers to execute a secure computation protocol to determine responsive to all of the shares if a password received by a server was generated responsive to the secret key. - View Dependent Claims (14, 15)
-
Specification