Iterative data secret-sharing transformation

US 9,819,659 B2
Filed: 07/15/2016
Issued: 11/14/2017
Est. Priority Date: 05/14/2010
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving an input stream of bits of data;

secret-sharing transforming the received bits of the input stream of data, said secret-sharing transforming including splitting each received bit of the bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits; and

separating the secret-sharing bits of each pair of secret-sharing bits into separate streams of secret-sharing bits so that one secret-sharing bit of each pair of secret-sharing bits is in one stream of secret-sharing bits and the other secret-sharing bit of each pair is in another stream of secret-sharing bits different from the one stream of secret-sharing bits and wherein a secret sharing bit is shared by adjacent pairs of secret sharing bits, wherein the separating the streams of secret-sharing bits includes storing the plurality of streams of secret-sharing bits of data on separate storage media at separate locations so that the secret sharing bits of each of said pairs of secret sharing bits are stored on different storage media at different locations.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided are a method, system, and article of manufacture for iterative data secret-sharing transformation and reconversion. In one aspect, data secret-sharing transformation and reconversion is provided in which each bit of an input stream of bits of data is split, on a bit by bit basis, into a pair of secret-sharing bits, and the secret-sharing bits of each pair of secret-sharing bits are separated into separate streams of secret-sharing bits. In this manner, one secret-sharing bit of each pair of secret-sharing bits may be placed in one stream of secret-sharing bits and the other secret-sharing bit of each pair may be placed in another stream of secret-sharing bits different from the one stream of secret-sharing bits. Confidentiality of the original input stream may be protected in the event one but not both streams of secret-sharing bits is obtained by unauthorized personnel. In another aspect, for an input stream of N bits, each received bit of the N bits of the input stream of data, may be interatively split, on a bit by bit basis, into a pair of secret-sharing bits, to generate as few as N+1 secret-sharing bits from the input stream of bits N bits. Other features and aspects may be realized, depending upon the particular application.

25 Citations

17 Claims

1. A method, comprising:
- receiving an input stream of bits of data;
  
  secret-sharing transforming the received bits of the input stream of data, said secret-sharing transforming including splitting each received bit of the bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits; and
  
  separating the secret-sharing bits of each pair of secret-sharing bits into separate streams of secret-sharing bits so that one secret-sharing bit of each pair of secret-sharing bits is in one stream of secret-sharing bits and the other secret-sharing bit of each pair is in another stream of secret-sharing bits different from the one stream of secret-sharing bits and wherein a secret sharing bit is shared by adjacent pairs of secret sharing bits, wherein the separating the streams of secret-sharing bits includes storing the plurality of streams of secret-sharing bits of data on separate storage media at separate locations so that the secret sharing bits of each of said pairs of secret sharing bits are stored on different storage media at different locations.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the separating the streams of secret-sharing bits includes:
    - transmitting the plurality of streams of secret-sharing bits of data in separate communication channels so that the secret sharing bits of each of said pairs of secret sharing bits are transmitted in different transmission channels.
  - 3. The method of claim 1 wherein the splitting is a function of the exclusive-OR function such that each received bit of the input stream of bits of data is equal to the exclusive-OR function of the associated pair of secret-sharing bits.
  - 4. The method of claim 3 wherein a first received bit of the input stream of bits of data has a value of 0 and wherein said splitting includes assigning either the values 0, 0 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, or the values 1, 1 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, as a function of a randomization function.
  - 5. The method of claim 3 wherein a first received bit of the input stream of bits of data has a value of 1 and wherein said splitting includes assigning either the values 0, 1 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, or the values 1, 0 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, as a function of a randomization function.
  - 6. The method of claim 1 further comprising:
    - receiving the streams of secret-sharing bits; and
      
      reconverting the received streams of secret-sharing bits as a first restored stream of bits of data, said reconverting including recombining the one stream of secret-sharing bits and the other stream of secret-sharing bits of data, on a bit by bit basis, wherein each recombined bit of the restored stream of bits of data is equal to the exclusive-OR function of an associated pair of secret-sharing bits, one secret-sharing bit from the one stream of secret-sharing bits, and the other secret-sharing bit from the other stream of secret-sharing bits.
  - 7. The method of claim 1 wherein the splitting is a function of the exclusive-OR function such that a first received bit of the input stream of bits is equal to the exclusive-OR function of a first associated pair of secret-sharing bits, one secret-sharing bit being in the one stream of secret-sharing bits, and the other secret-sharing bit of the first associated pair being in the other stream of secret-sharing bits, and a second received bit of the input stream of bits is equal to the exclusive-OR function of a second associated pair of secret-sharing bits, one secret-sharing bit of the second associated pair being in the one stream of secret-sharing bits of data, and the other secret-sharing bit of the second associated pair being in the other stream of secret-sharing bits, and wherein one bit is shared between the first associated pair of secret-sharing bits and the second associated pair of secret-sharing bits so that the total number of secret-sharing bits of the first and second associated pairs of secret-sharing bits is three secret-sharing bits and wherein the separating of the three secret-sharing bits of the first and second associated pairs of secret-sharing bits, includes placing the shared secret-sharing bit in one stream of secret-sharing bits, and placing the other two secret-sharing bits of the three secret-sharing bits in one or more streams of secret-sharing bits different from the one stream of the shared secret-sharing bit;
    - andwherein the input stream of bits has N bits, and wherein the splitting of each received bit of the N bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits, is performed iteratively, to generate a total of N+1 secret-sharing bits from the input stream of bits N bits.

8. A computer program product comprising a non-transitory computer readable storage medium storing computer readable program code that, when executed on a processor of a computer, causes the computer to perform operations, comprising:
- receiving an input stream of bits of data;
  
  secret-sharing transforming the received bits of the input stream of data, said secret-sharing transforming including splitting each received bit of the bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits; and
  
  separating the secret-sharing bits of each pair of secret-sharing bits into a plurality of separate streams of secret-sharing bits so that one secret-sharing bit of each pair of secret-sharing bits is in one stream of secret-sharing bits and the other secret-sharing bit of each pair is in another stream of secret-sharing bits different from the one stream of secret-sharing bits and wherein a secret sharing bit is shared by adjacent pairs of secret sharing bits, wherein the separating the streams of secret-sharing bits includes storing the plurality of streams of secret-sharing bits of data on separate storage media at separate locations so that the secret sharing bits of each of said pairs of secret sharing bits are stored on different storage media at different location.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein the separating the streams of secret-sharing bits includes:
    - transmitting the plurality of streams of secret-sharing bits of data in separate communication channels so that the secret sharing bits of each of said pairs of secret sharing bits are transmitted in different transmission channels.
  - 10. The computer program product of claim 8 wherein the splitting is a function of the exclusive-OR function such that each received bit of the input stream of bits of data is equal to the exclusive-OR function of the associated pair of secret-sharing bits.
  - 11. The computer program product of claim 10 wherein a first received bit of the input stream of bits of data has a value of 0 and wherein said splitting includes assigning either the values 0, 0 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, or the values 1, 1 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, as a function of a randomization function.
  - 12. The computer program product of claim 10 wherein a first received bit of the input stream of bits of data has a value of 1 and wherein said splitting includes assigning either the values 0, 1 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, or the values 1, 0 to the associated pair of secret-sharing bits of the one and the other streams of secret-sharing bits, respectively, as a function of a randomization function.
  - 13. The computer program product of claim 8 further comprising:
    - receiving the streams of secret-sharing bits; and
      
      reconverting the received streams of secret-sharing bits as a first restored stream of bits of data, said reconverting including recombining the one stream of secret-sharing bits and the other stream of secret-sharing bits of data, on a bit by bit basis, wherein each recombined bit of the restored stream of bits of data is equal to the exclusive-OR function of an associated pair of secret-sharing bits, one secret-sharing bit from the one stream of secret-sharing bits, and the other secret-sharing bit from the other stream of secret-sharing bits.
  - 14. The computer program product of claim 8 wherein the splitting is a function of the exclusive-OR function such that a first received bit of the input stream of bits is equal to the exclusive-OR function of a first associated pair of secret-sharing bits, one secret-sharing bit being in the one stream of secret-sharing bits, and the other secret-sharing bit of the first associated pair being in the other stream of secret-sharing bits, and a second received bit of the input stream of bits is equal to the exclusive-OR function of a second associated pair of secret-sharing bits, one secret-sharing bit of the second associated pair being in the one stream of secret-sharing bits of data, and the other secret-sharing bit of the second associated pair being in the other stream of secret-sharing bits, and wherein one bit is shared between the first associated pair of secret-sharing bits and the second associated pair of secret-sharing bits so that the total number of secret-sharing bits of the first and second associated pairs of secret-sharing bits is three secret-sharing bits and wherein the separating of the three secret-sharing bits of the first and second associated pairs of secret-sharing bits, includes placing the shared secret-sharing bit in one stream of secret-sharing bits, and placing the other two secret-sharing bits of the three secret-sharing bits in one or more streams of secret-sharing bits different from the one stream of the shared secret-sharing bit;
    - andwherein the input stream of bits has N bits, and wherein the splitting of each received bit of the N bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits, is performed iteratively, to generate a total of N+1 secret-sharing bits from the input stream of N bits.

15. A system, comprising:
- a plurality of separate storage media at separate locations;
  
  a data input; and
  
  a processing unit adapted to transform for secret-sharing bits of an input stream of data received at the data input, said processing unit including a data splitter adapted to split each received bit of the bits of the input stream of data, on a bit by bit basis, into a pair of secret-sharing bits, and a data separator adapted to separate the secret-sharing bits of each pair of secret-sharing bits into separate streams of secret-sharing bits so that one secret-sharing bit of each pair of secret-sharing bits is in one stream of secret-sharing bits and the other secret-sharing bit of each pair is in another stream of secret-sharing bits different from the one stream of secret-sharing bits and wherein a secret sharing bit is shared by adjacent pairs of secret sharing bits, and wherein the processing unit data separator is further adapted to store the plurality of streams of secret-sharing bits of data on said separate storage media at separate locations so that the secret sharing bits of each of said pairs of secret sharing bits are stored on different storage media at different locations.
- View Dependent Claims (16, 17)
- - 16. The system of claim 15 for use with a plurality of separate communication channels, the system further comprising a data transmission unit having said data input and said processing unit, wherein said processing unit separator is adapted to:
    - transmit the plurality of streams of secret-sharing bits of data in said separate communication channels so that the secret sharing bits of each of said pairs of secret sharing bits are transmitted in different transmission channels.
  - 17. The system of claim 15 wherein the processing unit is adapted to perform an exclusive-OR function and wherein the splitting is a function of the exclusive-OR function such that each received bit of the input stream of bits of data is equal to the exclusive-OR function of the associated pair of secret-sharing bits, and wherein the processing unit has a data input configured to receive the streams of secret-sharing bits, and is adapted to reconvert the received streams of secret-sharing bits as a first restored stream of bits of data, said processing unit include a data recombinor adapted to recombine the one stream of secret-sharing bits and the other stream of secret-sharing bits of data, on a bit by bit basis, wherein each recombined bit of the restored stream of bits of data is equal to the exclusive-OR function of an associated pair of secret-sharing bits, one secret-sharing bit from the one stream of secret-sharing bits, and the other secret-sharing bit from the other stream of secret-sharing bits.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Jennas, II, Paul A., Peipelman, Jason L., Rhoades, Joshua M., Ward, Matthew J.
Primary Examiner(s)
CHIANG, JASON

Application Number

US15/212,181
Publication Number

US 20160330021A1
Time in Patent Office

487 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 63/0485   Networking architectures fo...

H04L 9/065   Encryption by serially and ...

H04L 9/0827   involving distinctive inter...

H04L 9/085   Secret sharing or secret sp...

Iterative data secret-sharing transformation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Iterative data secret-sharing transformation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links