UTILIZING ERROR CORRECTION (ECC) FOR SECURE SECRET SHARING

US 20170250801A1
Filed: 09/24/2014
Published: 08/31/2017
Est. Priority Date: 09/24/2014
Status: Active Grant

First Claim

Patent Images

1. A method for utilizing error correction (ECC) for secure secret sharing, the method comprising:

computing an encrypted key using a key and a number of random values;

computing, based on a first error correction (ECC) scheme, an encrypted key ECC for the encrypted key and the random values; and

storing a number of key fragments on a number of storage servers, the number of key fragments comprising the encrypted key, the random values, and the encrypted key ECC.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Utilizing error correction (ECC) for secure secret sharing includes computing an encrypted key using a key and a number of random values, computing, based on a first ECC scheme, a key ECC for the encrypted key and the random values, and storing a number of key fragments on a number of storage servers, the number of key fragments includes the encrypted key, the random values, and the key ECC.

Citations

15 Claims

1. A method for utilizing error correction (ECC) for secure secret sharing, the method comprising:
- computing an encrypted key using a key and a number of random values;
  
  computing, based on a first error correction (ECC) scheme, an encrypted key ECC for the encrypted key and the random values; and
  
  storing a number of key fragments on a number of storage servers, the number of key fragments comprising the encrypted key, the random values, and the encrypted key ECC.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - computing an encrypted object with the key;
      
      computing, based on a second ECC scheme, an object ECC for the encrypted object; and
      
      storing a number of object fragments on the number of storage servers, the number of object fragments comprising the encrypted object and the object ECC.
  - 3. The method of claim 2, in which computing, based on the second ECC scheme, the object ECC for the encrypted object comprises:
    - receiving an object;
      
      encrypting the object with the key, the key randomly chosen using a high entropy random number generator to create the encrypted object; and
      
      calculating, based on the second ECC scheme, the object ECC for the encrypted object with the key, the object ECC enabling the encrypted object to be reconstructed from a threshold number of the storage servers.
  - 4. The method of claim 1, in which computing, based on the first ECC scheme, the encrypted key ECC for the encrypted key and the random values comprises:
    - selecting the number of random values using a high entropy random number generator, the number of random values being the same length as the key;
      
      computing, based on the random values and the key, an exclusive or (XOR) cipher to create the encrypted key;
      
      calculating the encrypted key ECC for the encrypted key, the encrypted key ECC enabling the encrypted key to be reconstructed from a threshold number of the storage servers;
      
      concatenating the encrypted key ECC to the encrypted key;
      
      calculating a random value ECC for each of the random values, the random value ECC enabling the random values to be reconstructed from the threshold number of the storage servers; and
      
      splitting the encrypted key, the encrypted key ECC, the number of random values, and the random value ECC into the number of key fragments.
  - 5. The method of claim 1, further comprising reconstructing an encrypted object, the encrypted key, and the random values from a threshold number of the storage servers.

6. The method of claim 6, in which reconstructing the encrypted object, the encrypted key, and the random values from the threshold number of the storage servers comprises:
- reconstructing the encrypted object from a number of object fragments from the threshold number of the storage servers;
  
  reconstructing the encrypted key from the number of key fragments from the threshold number of the storage servers;
  
  reconstructing the random values from the key fragments from the threshold number of the storage servers;
  
  decrypting, based on the encrypted key and the random values, the encrypted key to obtain the key; and
  
  decrypting the encrypted object using the key to obtain an object.

7. A system for utilizing error correction (ECC) for secure secret sharing, the system comprising:
- an encrypted key computing engine to compute an encrypted key using a key and a number of random values;
  
  an encrypted key error correction (ECC) computing engine to compute, based on a first ECC scheme, an encrypted key ECC for the encrypted key and the random values;
  
  a key fragment storing engine to store a number of key fragments on a number of storage servers, the number of key fragments comprising the encrypted key, the random values, and the encrypted key ECC;
  
  an encrypted object computing engine to compute an encrypted object with the key;
  
  an encrypted object ECC computing engine to compute, based on a second ECC scheme, an object ECC for the encrypted object;
  
  an object fragment storing engine to store a number of object fragments on the number of storage servers, the number of object fragments comprising the encrypted object and the object ECC; and
  
  a reconstructing engine to reconstruct the encrypted object, the encrypted key, and the random values from a threshold number of the storage servers.
- View Dependent Claims (8, 9, 10)
- - 8. The system of claim 7, in which the encrypted object ECC computing engine computes, based on the second ECC scheme, the object ECC for the encrypted object by:
    - receiving an object;
      
      encrypting the object with the key, the key randomly chosen using a high entropy random number generator to create the encrypted object; and
      
      calculating, based on the second ECC scheme, the object ECC for the encrypted object with the key, the object ECC enabling the encrypted object to be reconstructed from the threshold number of the storage servers.
  - 9. The system of claim 7, in which the encrypted key ECC computing engine computes, based on the first ECC scheme, the encrypted key ECC for the encrypted key and the random values by:
    - selecting the number of random values using a high entropy random number generator, the number of random values being the same length as the key;
      
      computing, based on the random values and the key, an exclusive or (XOR) cipher to create the encrypted key;
      
      calculating the encrypted key ECC for the encrypted key, the encrypted key ECC enabling the encrypted key to be reconstructed from a threshold number of the storage servers;
      
      concatenating the encrypted key ECC to the encrypted key;
      
      calculating a random value ECC for each of the random values, the random value ECC enabling the random values to be reconstructed from the threshold number of the storage servers; and
      
      splitting the encrypted key, the encrypted key ECC, the number of random values, and the random value ECC into the number of key fragments.
  - 10. The system of claim 7, in which the reconstructing engine reconstructs the encrypted object, the encrypted key, and the random values from the threshold number of the storage servers by:
    - reconstructing the encrypted object from the number of object fragments from the threshold number of the storage servers;
      
      reconstructing the encrypted key from the number of key fragments from the threshold number of the storage servers;
      
      reconstructing the random values from the key fragments from the threshold number of the storage servers;
      
      decrypting, based on the encrypted key and the random values, the encrypted key to obtain the key; and
      
      decrypting the encrypted object using the key to obtain an object.

11. A computer program product for utilizing error correction (ECC) for secure secret sharing, comprising:
- a tangible computer readable storage medium, said tangible computer readable storage medium comprising computer readable program code embodied therewith, said computer readable program code comprising program instructions that, when executed, causes a processor to;
  
  compute an encrypted key using a key and a number of random values;
  
  compute, based on a first error correction (ECC) scheme, an encrypted key ECC for the encrypted key and the random values;
  
  store a number of key fragments on a number of storage servers, the number of key fragments comprising the encrypted key, the random values, and the encrypted key ECC;
  
  compute an encrypted object with the key;
  
  compute, based on a second ECC scheme, an object ECC for the encrypted object; and
  
  store a number of object fragments on the number of storage servers, the number of object fragments comprising the encrypted object and the object ECC.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The product of claim 11, further comprising computer readable program code comprising program instructions that, when executed, cause said processor to reconstruct the encrypted object, the encrypted key, and the random values from a threshold number of the storage servers.
  - 13. The product of claim 11, further comprising computer readable program code comprising program instructions that, when executed, cause said processor to:
    - receive an object;
      
      encrypt the object with the key, the key randomly chosen using a high entropy random number generator to create the encrypted object; and
      
      calculate, based on the second ECC scheme, the object ECC for the encrypted object with the key, the object ECC enabling the encrypted object to be reconstructed from a threshold number of the storage servers.
  - 14. The product of claim 11, further comprising computer readable program code comprising program instructions that, when executed, cause said processor to:
    - select the number of random values using a high entropy random number generator, the number of random values being the same length as the key;
      
      compute, based on the random values and the key, an exclusive or (XOR) cipher to create the encrypted key;
      
      calculate the encrypted key ECC for the encrypted key, the encrypted key ECC enabling the encrypted key to be reconstructed from a threshold number of the storage servers;
      
      concatenate the encrypted key ECC to the encrypted key;
      
      calculate a random value ECC for each of the random values, the random value ECC enabling the random values to be reconstructed from the threshold number of the storage servers; and
      
      split the encrypted key, the encrypted key ECC, the number of random values, and the random value ECC into the number of key fragments.
  - 15. The product of claim 11, further comprising computer readable program code comprising program instructions that, when executed, cause said processor to:
    - reconstruct the encrypted object from the number of object fragments from a threshold number of the storage servers;
      
      reconstruct the encrypted key from the number of key fragments from the threshold number of the storage servers;
      
      reconstruct the random values from the key fragments from the threshold number of the storage servers;
      
      decrypt, based on the encrypted key and the random values, the encrypted key to obtain the key; and
      
      decrypt the encrypted object using the key to obtain an object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Inventors
CHEN, Liqun, CAMBLE, Peter Thomas, WATKINS, Mark Robert, HENRY, Ieuan James

Granted Patent

US 10,721,062 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 7/588   Random number generators, i...

H04L 2209/08   Randomization, e.g. dummy o...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0869   involving random numbers or...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/304   based on error correction c...

UTILIZING ERROR CORRECTION (ECC) FOR SECURE SECRET SHARING

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

UTILIZING ERROR CORRECTION (ECC) FOR SECURE SECRET SHARING

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links