Method and apparatus for encrypting data
First Claim
1. A method for encrypting first data such that the participation of t out of n trusted authorities is required to decrypt the encrypted first data, the method comprising executing instructions on a computer apparatus for:
- dividing the first data into t elements where t>
1;
setting the value of each coefficient of a polynomial in x of order (t−
1) in dependence on a respective one of said elements;
deriving n share values by evaluating said polynomial for n different values of x where n≧
t;
encrypting each share value using as encryption parameters both public data of a respective trust authority and a key string that serves, in relation to that trust authority, as a public key of an intended recipients;
providing the encrypted shares, and the values of x used in deriving the shares, to said intended recipient;
providing to the intended recipient, from each of t said trust authorities, a private key corresponding to the said public key of the intended recipient in respect of that trust authority;
using the private keys to decrypt t encrypted shares;
using the decrypted shares to recover the coefficients of said polynomial; and
combining the polynomial coefficients to recover the first data.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for encrypting data comprising dividing a first data set into a second data set and a third data set; deriving a first value using the second data set as an input into a polynomial equation; deriving a second value using the third data set as an input into the polynomial equation; deriving a first encryption key associated with a first party; deriving a second encryption key associated with a second party; encrypting the first value with the first encryption key; encrypting the second value with the second encryption key.
-
Citations
9 Claims
-
1. A method for encrypting first data such that the participation of t out of n trusted authorities is required to decrypt the encrypted first data, the method comprising executing instructions on a computer apparatus for:
-
dividing the first data into t elements where t>
1;setting the value of each coefficient of a polynomial in x of order (t−
1) in dependence on a respective one of said elements;deriving n share values by evaluating said polynomial for n different values of x where n≧
t;encrypting each share value using as encryption parameters both public data of a respective trust authority and a key string that serves, in relation to that trust authority, as a public key of an intended recipients; providing the encrypted shares, and the values of x used in deriving the shares, to said intended recipient; providing to the intended recipient, from each of t said trust authorities, a private key corresponding to the said public key of the intended recipient in respect of that trust authority; using the private keys to decrypt t encrypted shares; using the decrypted shares to recover the coefficients of said polynomial; and combining the polynomial coefficients to recover the first data. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. Computer apparatus for encrypting first data such that the participation of t out of n trusted authorities is required to decrypt the encrypted first data, the apparatus comprising:
-
a processor arranged to divide the first data into t elements where t>
1 , set the value of each coefficient of a polynomial in x of order (t−
1) in dependence on a respective one of said elements, derive n share values by evaluating said polynomial for n different values of x where n≧
t, and encrypt each share value using as encryption parameters both public data of a respective trust authority and a key string that serves, in relation to that trust authority, as a public key of an intended recipient; andcommunication means for providing the encrypted shares to a third parry for decryption and recovery of the first data. - View Dependent Claims (8, 9)
-
Specification