Method for checking cryptographic secrets for equality

US12438726B2 · US · B2

Patent metadata
Publication number: US-12438726-B2
Application number: US-202218276279-A
Country: US
Kind code: B2
Filing date: Jan 27, 2022
Priority date: Feb 9, 2021
Publication date: Oct 7, 2025
Grant date: Oct 7, 2025

Abstract

Official abstract text for this publication.

A method for checking cryptographic secrets for equality involves at least one of the secrets being stored in a read-protected manner in a secure system. The at least one secure system has a cryptographic hash value interface. For checking purposes, a hash value of the secret provided with a salt or with the hash value of a salt is output via the interface for comparison with a corresponding hash value of another secret provided with the salt or with the hash value of the salt.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method, comprising: storing at least one of cryptographic secret of at least two cryptographic secrets in a read-protected manner in at least one secure system; and checking the at least two cryptographic secrets for equality, wherein the at least one secure system has a cryptographic hash value interface, wherein the checking of the at least two cryptographic secrets involves outputting, via the cryptographic hash value interface 1) a hash value of the at least one cryptographic secrets provided with a salt for comparison with a corresponding hash value of another one of the at least two cryptographic secrets provided, or 2) a hash value of a salt for comparison with the hash value of the salt, wherein the salt is a multi-part salt, wherein a salt portion is self-determined by the at least one secure system and other salt portions are transmitted to the secure system and wherein when checking several cryptographic secrets stored in different secure systems for equality, the method further comprises in a first secure system, the self-determined salt portion is requested, after which the self-determined salt portion is transmitted to a further secure system, the further secure system transmits its self-determined salt portion together with a hash value of its cryptographic secret and the two salt portions, wherein the self-determined salt portion of the further secure system is reported back to the first secure system as an externally determined salt portion, wherein the first secure system determines a hash value from its cryptographic secret and the two salt portions, after which the respective hash values of the cryptographic secrets and the two salt portions transmitted by the first and further secure systems for checking are compared.

2. The method of claim 1, further comprising: disclosing the self-determined salt portion before the hash value of the secret provided with the salt portions is formed.

3. The method of claim 1, wherein an order in which the self-determined and other salt portions and the secret are concatenated in the at least one secure system is specified in the at least one secure system itself or is specified externally of the at least one secure system.

4. The method of claim 1, wherein in an order of concatenation of the first secure system, the two salt portions are swapped with respect to order of concatenation which the further secure system used, and at least the first secure system uses the order of concatenation as a received external specification.

5. The method of claim 4, wherein the further secure system defines the order of concatenation itself and discloses the order of concatenation.

6. The method of claim 4, wherein the at least one cryptographic secret is provided with a hash value of the concatenated salt portions instead of the salt and the comparison is based on the hash value of this combination.

7. The method of claim 1, wherein the self-determined salt portion is always newly generated by a secure random number generator.

8. The method of claim 1, wherein the at least one self-determined salt portion is always used.

9. The method of claim 1, the hash value is generated using a complex cryptographic one-way function based on hash functions.

10. The method of claim 1, wherein the at least one secure system is a hardware security module.

11. The method of claim 1, wherein the at least one secure system is provided with a communication interface via which the cryptographic hash interface is configurable in a tamper-proof manner with regard to at least one of the following partial functions: using a self-determined salt portion; disclosing the self-determined salt portion to the environment before the hash value is created; using an externally determined salt portion; using a number of externally determined salt portions; defining the order of concatenation the secure system or defining the order of concatenation externally; the secret always coming at a specified point in the order of concatenation; using the salt consisting of the concatenated salt portions pre-hashed; and using the secret pre-hashed.
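The two-system exchange of claim 1, with the swapped concatenation order of claim 4, can be sketched as follows. This is an added example, not code from the patent: the class and function names, SHA-256, the 16-byte salt portions and the length-prefixed encoding of each part are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

class SecureSystem:
    """Toy stand-in for an HSM (hypothetical): the secret is only ever hashed."""

    def __init__(self, secret: bytes):
        self.__secret = secret      # read-protected: no method returns it
        self._pending = None        # self-determined salt portion awaiting use

    def request_salt(self) -> bytes:
        # Fresh portion from a CSPRNG, disclosed before any hash is formed
        # (claims 2 and 7).
        self._pending = secrets.token_bytes(16)
        return self._pending

    def hash_secret(self, external: bytes, own_first: bool = True):
        # A self-determined portion is always mixed in (claim 8), used once.
        own = self._pending or secrets.token_bytes(16)
        self._pending = None
        parts = [own, external] if own_first else [external, own]
        h = hashlib.sha256()        # SHA-256 is an assumption
        for p in parts + [self.__secret]:
            # Length prefix keeps the concatenation unambiguous (assumption).
            h.update(len(p).to_bytes(4, "big") + p)
        return own, h.digest()

def secrets_equal(first: SecureSystem, further: SecureSystem) -> bool:
    s1 = first.request_salt()                          # first system's portion
    s2, h_further = further.hash_secret(external=s1)   # hashes s2 | s1 | secret
    # s2 is reported back as the externally determined portion; the first
    # system swaps the order so it also hashes s2 | s1 | secret (claim 4).
    own, h_first = first.hash_secret(external=s2, own_first=False)
    if own != s1:
        raise RuntimeError("first system did not use its disclosed salt portion")
    return hmac.compare_digest(h_first, h_further)

if __name__ == "__main__":
    key = secrets.token_bytes(32)   # constructed sample secret
    print(secrets_equal(SecureSystem(key), SecureSystem(key)))
    print(secrets_equal(SecureSystem(key), SecureSystem(b"other")))
```

Because each system contributes a fresh portion, the digest released for one check cannot be reused in a later one.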

Classifications

  • using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]

  • Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher

  • Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

  • involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

  • H04L9/3236 (Primary): using cryptographic hash functions

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12438726B2 cover?
A method for checking cryptographic secrets for equality involves at least one of the secrets being stored in a read-protected manner in a secure system. The at least one secure system has a cryptographic hash value interface. For checking purposes, a hash value of the secret provided with a salt or with the hash value of a salt is output via the interface for comparison with a corresponding ha…
Who is the assignee on this patent?
Mercedes Benz Group Ag
What technology area does this patent fall under?
Primary CPC classification H04L9/3236. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 7, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).