Systems and methods for distributing and securing data
First Claim
1. A method for securing a data set from unauthorized use by verifying a share of data of the data set, the method comprising:
receiving, from a storage device, a fragment comprising data to be verified, a decommittal value, and a plurality of committal values, wherein the data to be verified comprises a string of characters;
determining a consensus committal value from the plurality of committal values;
calculating a hash value using the string of characters;
comparing the calculated hash value to the consensus committal value;
in response to determining that the calculated hash value equals the consensus committal value, storing to memory an indication that the data to be verified is a valid share of data;
in response to determining that the calculated hash value does not equal the consensus committal value, storing to the memory an indication that the data to be verified is not a valid share of data; and
securing the data set from unauthorized access or use by allowing recovery of the data set using a predetermined number of shares of data that are verified as valid.
Abstract
A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.
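The share verification recited in claim 1 and the commitment step of the abstract can be sketched as follows; this is an added example, not code from the patent. It assumes SHA-256 over a 32-byte random decommittal value followed by the data as the commitment, and a strict majority vote as the consensus rule; all names (`Share`, `deal`, `verify_shares`, `recoverable`) are hypothetical.

```python
import hashlib
import hmac
import secrets
from collections import Counter
from typing import NamedTuple


class Share(NamedTuple):
    index: int          # position of this share among the n shares
    data: bytes         # data to be verified (key share + ciphertext fragment)
    decommittal: bytes  # random opening value produced at commit time
    committals: tuple   # vector of committal values, one per share index


def commit(data):
    """Assumed commitment: SHA-256 over a fixed-length random opening plus the data."""
    decommittal = secrets.token_bytes(32)
    return hashlib.sha256(decommittal + data).digest(), decommittal


def deal(pieces):
    """Commit to every piece; each share carries the whole committal vector."""
    opened = [commit(p) for p in pieces]
    vector = tuple(c for c, _ in opened)
    return [Share(i, p, d, vector) for i, (p, (_, d)) in enumerate(zip(pieces, opened))]


def consensus_committal(shares, index):
    """Assumed consensus rule: strict majority over the copies of entry `index`."""
    votes = Counter(s.committals[index] for s in shares
                    if 0 <= index < len(s.committals))
    if not votes:
        return None
    value, count = votes.most_common(1)[0]
    return value if 2 * count > len(shares) else None


def verify_shares(shares):
    """Map share index -> True only if its hash equals the consensus committal."""
    result = {}
    for s in shares:
        expected = consensus_committal(shares, s.index)
        actual = hashlib.sha256(s.decommittal + s.data).digest()
        result[s.index] = expected is not None and hmac.compare_digest(actual, expected)
    return result


def recoverable(shares, threshold):
    """Recovery proceeds only with at least `threshold` verified shares."""
    return sum(verify_shares(shares).values()) >= threshold


# Constructed sample: five placeholder pieces standing in for real shares.
SAMPLE = deal([b"piece-%d" % i for i in range(5)])
```

A holder who alters its data and rewrites its own copy of the committal vector to match is still rejected, because the other shares outvote the rewritten entry.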
20 Claims
11. A system for securing a data set from unauthorized use by verifying a share of data of the data set, comprising:
a hardware processor configured to:
receive, from a storage device, a fragment comprising data to be verified, a decommittal value, and a plurality of committal values, wherein the data to be verified comprises a string of characters;
determine a consensus committal value from the plurality of committal values;
calculating a hash value using the string of characters;
comparing the calculated hash value to the consensus committal value;
in response to determining that the calculated hash value equals the consensus committal value, store to memory an indication that the data to be verified is a valid share of data;
in response to determining that the calculated hash value does not equal the consensus committal value, store to the memory an indication that the data to be verified is not a valid share of data; and
secure the data set from unauthorized access or use by allowing recovery of the data set using a predetermined number of shares of data that are verified as valid.
Specification