Guaranteed partial key-escrow
First Claim
1. A method for escrowing secret decryption keys useful in decrypting ciphertexts, comprising the steps of:
- providing a set of trustees a guarantee that a secret decryption key is the composition of a first subkey and a second subkey; and
providing each trustee of the set pieces of information enabling each trustee to verify that the piece of information includes a share of the first subkey.
0 Assignments
0 Petitions
Accused Products
Abstract
A given decryption key is decomposed into at least two parts, for example, a first subkey and a second subkey. The first subkey may be verifiably secret-shared among a set of one or more trustees, whereas the trustees preferably receive no information at all about the second subkey. Reconstruction of the first subkey by the trustees does not yield a decryption key useful by itself in decrypting ciphertexts. The trustees, however, also receive a guarantee that once they reveal their shares to a given entity, the entity has the capability of determining the second subkey. Generally, the generation of the second subkey will be carried out by the entity using a brute force technique, although the calculation may be performed by still another party (or even the trustees themselves in cooperation with the entity). Once the second subkey is determined, the guarantee ensures that combination of the first and second subkeys yields a given decryption key that may then be used to decrypt ciphertexts.
-
Citations
23 Claims
-
1. A method for escrowing secret decryption keys useful in decrypting ciphertexts, comprising the steps of:
-
providing a set of trustees a guarantee that a secret decryption key is the composition of a first subkey and a second subkey; and providing each trustee of the set pieces of information enabling each trustee to verify that the piece of information includes a share of the first subkey. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for escrowing secret decryption keys useful in decrypting ciphertexts, wherein a given secret decryption key is guaranteed to be a combination of a first and second subkey, comprising the steps of:
-
having each of a set of trustees hold guaranteed shares of a first subkey of a given secret decryption key; and upon a predetermined request, having the trustees reveal their shares to a predetermined entity so as to enable the reconstruction of the first subkey. - View Dependent Claims (11, 12)
-
-
13. A method for escrowing secret keys, comprising the steps of:
-
having a secret key be the composition of a first subkey and a second subkey; providing a trustee a piece of data that is guaranteed to be the first subkey of a secret key. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for escrowing secret keys, wherein a given secret key is guaranteed to be a combination of a first and second subkey, comprising the steps of:
-
having a trustee hold a piece of data guaranteed to be a first subkey of the given secret key; and upon a predetermined request, having the trustee reveal the piece of data to enable reconstruction of the given secret key. - View Dependent Claims (22, 23)
-
Specification