Multifactor split asymmetric crypto-key with persistent key security
First Claim
1. A system for generating an asymmetric crypto-key associated with a user, comprising:
- a storage device configured to store a random number generation function having a constant; and
a processor configured with logic to (i) generate an asymmetric crypto-key associated with the user, the asymmetric crypto-key including a private key and a public key, (ii) compute a first key portion based on the stored random number generation function and a first value of the constant, and compute the second key portion based on the computed first key portion and one of the private key and the public key, wherein the computed first key portion and the computed second key portion form a first split of the one key of the user asymmetric crypto-key, and (iii) compute another first key portion based on the stored random number generation function and a second value of the constant, different than the first constant value, and compute another second key portion based on the computed other first key portion and the one key, wherein the computed other first key portion and the computed other second key portion form a second split of the one key of the user asymmetric crypto-key.
5 Assignments
0 Petitions
Accused Products
Abstract
A processor generates an asymmetric crypto-key, such as an RSA crypto-key, which is associated with the user and includes a private key and a public key. It computes a first key portion based on a stored random number generation function, which has one or more constants such as a salt and/or iteration count, and a first value of a constant, and a second key portion based on the computed first key portion and one of the private key and the public key. It additionally computes another first key portion based on the stored random number generation function and a second value of that constant, and another second key portion based on the computed other first key portion and the one key. The computed first and second key portions and the computed other first and second key portions form first and second splits of the one key of the asymmetric crypto-key.
66 Citations
20 Claims
-
1. A system for generating an asymmetric crypto-key associated with a user, comprising:
-
a storage device configured to store a random number generation function having a constant; and a processor configured with logic to (i) generate an asymmetric crypto-key associated with the user, the asymmetric crypto-key including a private key and a public key, (ii) compute a first key portion based on the stored random number generation function and a first value of the constant, and compute the second key portion based on the computed first key portion and one of the private key and the public key, wherein the computed first key portion and the computed second key portion form a first split of the one key of the user asymmetric crypto-key, and (iii) compute another first key portion based on the stored random number generation function and a second value of the constant, different than the first constant value, and compute another second key portion based on the computed other first key portion and the one key, wherein the computed other first key portion and the computed other second key portion form a second split of the one key of the user asymmetric crypto-key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for generating an asymmetric crypto-key associated with a user, comprising:
-
generating an asymmetric crypto-key associated with the user, the asymmetric crypto-key including a private key and a public key; computing a first key portion based on a random number generation function having a constant, and a first value of the constant; computing the second key portion based on the computed first key portion and one of the private key and the public key; computing another first key portion based on the random number generation function and a second value of the constant, different than the first constant value; and computing another second key portion based on the computed other first key portion and the one key; wherein the computed first key portion and the computed second key portion form a first split of the one key of the asymmetric crypto-key, and the computed other first key portion and the computed other second key portion form a second split of the one key of the asymmetric crypto-key. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification