Method for providing security using secure computation
First Claim
1. A method of authenticating a party for participation in an activity, the method comprising:
- dividing a first secret key into a plurality of secret key shares;
storing each of the plurality of the first secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key share stored in another of the servers;
transmitting a challenge to the party and requesting that the party encrypt the challenge using a second key;
after the party encrypts the challenge using the second key, receiving the encrypted challenge from the party;
executing at the plurality of servers a secure computation protocol to generate encryption of the challenge using the plurality of secret key shares without providing any of the plurality of servers with access to the first secret key and to the secret key share stored in another of the servers;
comparing the encrypted challenge received from the party and the encrypted challenge generated by the plurality of servers to determine whether the second key is equal to the first key; and
enabling the party to participate in the activity if and only if it was determined that the first and second keys are equal.
3 Assignments
0 Petitions
Accused Products
Abstract
A method of securing data, the method comprising: dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and using the calculated value of the function to secure the data.
15 Citations
6 Claims
-
1. A method of authenticating a party for participation in an activity, the method comprising:
-
dividing a first secret key into a plurality of secret key shares; storing each of the plurality of the first secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key share stored in another of the servers; transmitting a challenge to the party and requesting that the party encrypt the challenge using a second key; after the party encrypts the challenge using the second key, receiving the encrypted challenge from the party; executing at the plurality of servers a secure computation protocol to generate encryption of the challenge using the plurality of secret key shares without providing any of the plurality of servers with access to the first secret key and to the secret key share stored in another of the servers; comparing the encrypted challenge received from the party and the encrypted challenge generated by the plurality of servers to determine whether the second key is equal to the first key; and enabling the party to participate in the activity if and only if it was determined that the first and second keys are equal. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification