Threshold oblivious pseudorandom function in a key management system
US-2019356475-A1 · Nov 21, 2019 · US
Distributed symmetric encryption
US11438152B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11438152-B2 |
| Application number | US-202016779422-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 31, 2020 |
| Priority date | Jan 31, 2020 |
| Publication date | Sep 6, 2022 |
| Grant date | Sep 6, 2022 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising performing, by a computer system: generating a commitment using a message and a random value; transmitting a request including the commitment to each of a plurality of cryptographic devices, the plurality of cryptographic devices storing a plurality of secret shares that are generated from a secret value and a plurality of verification shares generated from a verification value, the request indicating that each of the plurality of cryptographic devices are to perform a cryptographic function corresponding to encryption; receiving from the plurality of cryptographic devices, a plurality of partial computations, wherein the plurality of partial computations were generated by the plurality of cryptographic devices using the plurality of secret shares and the commitment; receiving, from the plurality of cryptographic devices, a plurality of partial signatures, wherein the plurality of partial signatures were generated by the plurality of cryptographic devices using the plurality of verification shares and the commitment; generating a cryptographic key based on the plurality of partial computations; generating a verification signature based on the plurality of partial signatures; generating a ciphertext by encrypting the message and the random value using the cryptographic key; generating a payload comprising the ciphertext, the verification signature, and the commitment; and transmitting the verification signature and the commitment to the plurality of cryptographic devices or to a plurality of additional cryptographic devices for verifying the verification signature using a verification key and the commitment. 2. The method of claim 1 , wherein: transmitting the commitment to the plurality of cryptographic devices comprises transmitting the commitment to a proxy device, wherein the proxy device transmits the commitment to the plurality of cryptographic devices; receiving the plurality of partial computations from the plurality of cryptographic devices comprises receiving, from the proxy device, the plurality of partial computations, wherein the proxy device receives the plurality of partial computations from the plurality of cryptographic devices; and receiving the plurality of partial signatures from the plurality of cryptographic devices comprises receiving, from the proxy device, the plurality of partial signatures, wherein the proxy device receives the plurality of partial signatures from the plurality of cryptographic devices. 3. The method of claim 1 , wherein the plurality of cryptographic devices comprises at least a predetermined threshold number of cryptographic devices, and wherein the predetermined threshold number of cryptographic devices is less than a total number of cryptographic devices. 4. The method of claim 1 , wherein generating the cryptographic key based on the plurality of partial computations comprises: generating a key generation seed based on the plurality of partial computations; and generating the cryptographic key by using the key generation seed as an input to a key generation function. 5. The method of claim 1 , wherein generating the commitment comprises generating a hash value of the message and the random value using a hash function. 6. The method of claim 1 , further comprising selecting the plurality of cryptographic devices from a network of cryptographic devices. 7. The method of claim 1 , further comprising: receiving a plurality of additional partial computations, wherein the plurality of additional partial computations were generated by the plurality of cryptographic devices or the plurality of additional cryptographic devices using a plurality of additional secret shares and the commitment; generating a second cryptographic key based on the plurality of additional partial computations; and decrypting the ciphertext using the second cryptographic key to produce the message and the random value. 8. The method of claim 7 , wherein one or more cryptographic devices of the plurality of cryptographic devices are the same as one or more additional cryptographic devices of the plurality of additional cryptographic devices, wherein one or more secret shares of the plurality of secret shares are the same as one or more additional secret shares of a plurality of additional secret shares. 9. A method comprising performing, by a computer system: transmitting a verification signature and a commitment to a plurality of cryptographic devices, wherein the plurality of cryptographic devices verify the verification signature using a verification key and the commitment; receiving a plurality of partial computations, wherein the plurality of partial computations were generated by the plurality of cryptographic devices using a plurality of secret shares and the commitment; generating a cryptographic key based on the plurality of partial computations; decrypting a ciphertext using the cryptographic key to produce a message and a random value; and transmitting an indicator to the plurality of cryptographic devices, wherein the indicator indicates to the plurality of cryptographic devices that the computer system intends to perform decryption. 10. The method of claim 9 , wherein the verification signature indicates to the plurality of cryptographic devices that the computer system intends to perform decryption, and wherein the plurality of cryptographic devices verify the verification signature by: decrypting the verification signature using the verification key to produce an additional commitment; and determining if the additional commitment is the same as the commitment. 11. The method of claim 9 , wherein: transmitting the commitment to the plurality of cryptographic devices comprises transmitting the commitment to a proxy device, wherein the proxy device transmits the commitment to the plurality of cryptographic devices; transmitting the verification signature to the plurality of cryptographic devices comprises transmitting the verification signature to the proxy device, wherein the proxy device transmits the verification signature to the plurality of cryptographic devices; and receiving the plurality of partial computations from the plurality of cryptographic devices comprises receiving, from the proxy device, the plurality of partial computations, wherein the proxy device receives the plurality of partial computations from the plurality of cryptographic devices. 12. The method of claim 9 , wherein the plurality of cryptographic devices comprises at least a predetermined threshold number of cryptographic devices, wherein the predetermined threshold number of cryptographic devices is less than a total number of cryptographic devices. 13. The method of claim 9 , wherein generating the cryptographic key based on the plurality of partial computations comprises: generating a key generation seed based on the plurality of partial computations; and generating the cryptographic key by using the key generation seed as an input to a key generation function. 14. The method of claim 9 , further comprising selecting the plurality of cryptographic devices from a network of cryptographic devices. 15. A method comprising performing, by a cryptographic device: receiving from a client computer, a request including a commitment generated using a message and a random value; determining that the client computer intends to encrypt the message based on contents of the request; generating a partial computation based on a secret share and the commitment; generating a partial signature based on a verification share and the commitment;
Assignees
Inventors
Classifications
- H04L9/085Primary
Secret sharing or secret splitting, e.g. threshold schemes · CPC title
Secure multiparty computation, e.g. millionaire problem · CPC title
using group based signatures, e.g. ring or threshold signatures · CPC title
involving digital signatures · CPC title
using cryptographic hash functions · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11438152B2 cover?
- Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification H04L9/085. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 06 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).