U.S. patent application number 13/406821 was filed with the patent office on 2012-06-21 for techniques for validating and sharing secrets.
Invention is credited to H. B. Puthali, Vardhan Itta Vishnu.
Application Number | 20120159645 13/406821 |
Document ID | / |
Family ID | 41465261 |
Filed Date | 2012-06-21 |
United States Patent
Application |
20120159645 |
Kind Code |
A1 |
Vishnu; Vardhan Itta ; et
al. |
June 21, 2012 |
TECHNIQUES FOR VALIDATING AND SHARING SECRETS
Abstract
Techniques for validating and sharing secrets are presented. A
secret is divided into a plurality of parts. Each part is
represented by a unique value. Each value is distributed to a
unique user that shares in the secret. The secret is recreated when
each user presents each user's unique value. Each unique value is
then used to recreate its corresponding part of the key and when
all parts are present and validated, the secret is reproduced.
Inventors: |
Vishnu; Vardhan Itta;
(Peddapalli, IN) ; Puthali; H. B.; (Ittamadu,
IN) |
Family ID: |
41465261 |
Appl. No.: |
13/406821 |
Filed: |
February 28, 2012 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
12141286 |
Jun 18, 2008 |
8170216 |
|
|
13406821 |
|
|
|
|
Current U.S.
Class: |
726/27 |
Current CPC
Class: |
H04L 9/085 20130101 |
Class at
Publication: |
726/27 |
International
Class: |
G06F 21/24 20060101
G06F021/24 |
Claims
1. A machine-implemented method residing in a non-transitory
computer-readable storage medium for execution on a processing
device, comprising: dividing, by the processor, a secret into
shares, each share representing a different portion of the secret;
assigning, by the processor, each share to a unique user associated
with a group of users; calculating, by the processor, a share value
for each share, each share value represented as a particular
remainder obtained by dividing the secret by a particular pairwise
co-prime number associated with a particular user; executing, by
the processor, a Chinese Remainder Theorem (CRT) algorithm for each
share value and its pairwise co-prime to produce a single value for
each share that permits each share, via that share's single value
to be independently verified; and sending, by the processor, each
single value to the user associated with that single value.
2. The method of claim 1 further comprising, receiving, by the
processor, at different intervals each single value from each of
the users.
3. The method of claim 2 further comprising, validating, by the
processor, each single value.
4. The method of claim 3 further comprising, reproducing, by the
processor, each share value from each received single value to
re-assemble the secret.
5. The method of claim 4 further comprising, acquiring, by the
processor, a key from secure storage using the re-assembled
secret.
6. The method of claim 5 further comprising, delivering, by the
processor, the key to a resource for use in accordance with
evaluation of a policy.
7. The method of claim 1 further comprising, requesting, by the
processor, each user to deliver that user's single value for
verification and for re-assembling of the secret.
8. The method of claim 1, wherein dividing further includes
receiving an administrator instruction to divide the secret.
9. The method of claim 1, wherein assigning further includes
identifying the group of user based on evaluation of a policy.
10. A machine-implemented method residing in a non-transitory
computer-readable storage medium for execution on a processing
device, comprising: acquiring, by the processor, numeric values
from users, each use supplying a particular unique one of the
numeric values; processing, by the processor, a Chinese Remainder
Theorem (CRT) algorithm against each numeric value to produce a
portion of a secret; validating, by the processor, each portion of
the secret; assembling, by the processor, the portions into the
secret; and using, by the processor, the secret to deliver a key to
a resource.
11. The method of claim 10, wherein acquiring further includes
requesting that each user deliver that user's numeric value based
on evaluation of a policy.
12. The method of claim 10, wherein acquiring further includes
requesting that each user deliver that user's numeric value based
on an administrator instruction.
13. The method of claim 10, wherein acquiring further includes
obtaining each user's numeric value based on actions of the users
that are unsolicited.
14. The method of claim 10, wherein processing further includes
using a specific pairwise co-prime number associated with a
particular user and that particular user's numeric value as input
to the CRT algorithm.
15. The method of claim 10, wherein using further includes
accessing a secure storage with the secret to obtain the key.
16. The method of claim 10, wherein using further includes using,
by the resource, the key to access another secure resource that
requires the key for access.
17. A machine-implemented system, comprising: a machine having a
key dividing service implemented in a non-transitory
computer-readable storage medium, the key dividing service
executing on the machine; and the machine having a key
re-assembling service implemented in a non-transitory
computer-readable storage medium, the key re-assembling service
executing on the machine; wherein the key dividing service is
configured to divide a key into portions and derive a single value
representing each portion and then deliver each single value to a
particular user from a group of users; the key re-assembling
service is configured to reproduce each portion after validating
each received single value from each user and re-produce the
key.
18. The system of claim 17, wherein the key re-assembling service
is also configured to evaluate policy to deliver the re-produced
key to a particular resource.
19. The system of claim 17, wherein the key re-assembling service
is also configured to use the re-produced key to access a secure
storage for a different key accessible via the re-produced key and
then deliver the different key to a particular resource in
accordance with a policy.
20. The system of claim 17, wherein the key is divided and
re-produced by processing a Chinese Remainder Theorem (CRT)
algorithm.
Description
RELATED APPLICATIONS
[0001] The present application is a continuation of, claims
priority to, and is co-pending with U.S. Ser. No. 12/141,286,
entitled: "Techniques for Validating and Sharing Secrets," filed on
Jun. 18, 2008, and which presently stands allowed and the
disclosure of which is incorporated in its entirety herein.
BACKGROUND
[0002] Increasingly, the affairs of individuals and enterprises are
being conducted over the Internet and via the World-Wide Web (WWW).
This has provided for a geographically dispersed world economy and
created many opportunities, which previously did not exist.
[0003] One major issue associated with conducting affairs over the
WWW is security. Just as the WWW has grown, so too has the
sophistication of the criminals that lurk on the Internet
attempting to acquire passwords and other sensitive data of users
as that data becomes exposed on the Internet during network
transactions.
[0004] To address these concerns a variety of security mechanisms
are typically used, such as a Public and Private Key Infrastructure
(PKI) transactions, Virtual Private Networks (VPN's), and other key
distribution and encryption techniques. Still, even these
mechanisms are not full proof and each mechanism has its own
security issues that have to be addressed because of the increasing
sophistication of today's Internet hackers.
[0005] One particular approach, which is used for enhancing
security, is to split a key into multiple pieces. Key splitting is
particularly useful for a user when the user forgets his/her key.
The original key can be split into pieces and then escrowed with
multiple parties, such that each of the pieces from each escrow
agent is needed to reassemble the key. Should the user ever forget
the key and want to reacquire it, escrow agents supply their pieces
and the key is reassembled for the user. Key splitting is also
useful in other scenarios as well, such as when multiple parties
are needed to access a secure asset, where each party includes a
piece of an overall key needed to access that asset. Sometimes key
splitting should also be done in such a way that if the key is
divided into `n` pieces and escrowed with multiple parties, then
the original key should be able to be reassembled by using any `k`
escrow agents pieces, where k=n and should not be able to be
reassembled into the original key by any number of pieces less than
k.
[0006] However, conventional key splitting techniques do not
validate the individual key pieces; rather, the entire re-assembled
key having all the pieces is validated. The problem with this
approach is that it is not efficient and cannot detect a problem
before all the key pieces are acquired and reassembled; so, any
issue with a key is only noted once a final version of the key is
reassembled from all the individual pieces.
[0007] For these and other reasons, it can be seen that improved
and automated techniques are desirable for validating and sharing
secrets, such as keys.
SUMMARY
[0008] In various embodiments, techniques for validating and
sharing secrets are presented. More specifically and in an
embodiment, a method is provided for dividing a shared secret. A
decision is made to divide a secret among a number of users `n` and
a minimum number of shares `k` needed to reassemble the secret. A
single value is calculated for each share, the single value permits
each share to be independently validated from remaining shares and
permits each share to be re-assembled with any `k-1` remaining
shares to reform the secret. Finally, each single value for each
share is delivered to a particular one of the users. The users
share the secret via each user's single value.
BRIEF DESCRIPTION OF THE DRAWINGS
[0009] FIG. 1 is a diagram of a method for dividing a shared
secret, according to an example embodiment.
[0010] FIG. 2 is a diagram of a method for validating and
recreating a shared secret, according to an example embodiment.
[0011] FIG. 3 is a diagram of a secret validation and sharing
system, according to an example embodiment.
[0012] FIG. 4 is a diagram of another secret validation and sharing
system, according to an example embodiment.
DETAILED DESCRIPTION
[0013] A "resource" as used herein refers to a service, an
application, a processing environment, a user, a group of users, a
role associated with a user or groups of users, a policy, a
website, a proxy, a device, data or content, or various
combinations of these things. A "secure resource" is one that
requires authentication to permit access to it. The terms
"instructions," "application," and "service" may be used
interchangeably herein as a form of a resource that executes on a
machine (processing device, such as a computer, etc.).
[0014] Various embodiments of this invention can be implemented in
existing network architectures. For example, in some embodiments,
the techniques presented herein are implemented in whole or in part
in the Novelle network and proxy server products, directory
products, operating system (OS) products, and/or identity based
products, distributed by Novelle, Inc., of Provo, Utah.
[0015] Of course, the embodiments of the invention can be
implemented in a variety of architectural platforms, OS and server
systems, or applications. Any particular architectural layout or
implementation presented herein is provided for purposes of
illustration and comprehension only and is not intended to limit
aspects of the invention.
[0016] FIG. 1 is a diagram of a method 100 for dividing a shared
secret, according to an example embodiment. The method 100
(hereinafter "secret dividing service") is implemented in a
machine-accessible and readable medium. The secret dividing service
is operational over and processes within a network. The network may
be wired, wireless, or a combination of wired and wireless.
[0017] At 110, the secret dividing service decides to divide a
secret among a first total number of users. This can be done for a
variety of reasons. For example, at 111, the secret dividing
service may evaluate policy to determine when to divide the secret.
That is, policy decides when a secret is to be divided among the
users. In other cases, an administrator may specifically and
manually issue an instruction to divide the secret among the first
total number of users (hereinafter referred to as "N").
[0018] At 120, the secret dividing service separates the secret
into shares or portions. Each share represents a different piece of
the secret and a total number of the shares equals to N.
[0019] According to an embodiment, at 121, the secret dividing
service generates a share of `n` pairwise co-prime numbers. There
is one unique set of 2*m+1 where m=(n-k+1) pairwise co-prime
numbers per share of the secret and per user. A number is pairwise
co-prime with another number when the only common divisor between
the numbers is 1. So, as an example 7 and 10 are pairwise co-prime
because the only common divisor for 7 and 10 is 1. Next, the secret
dividing service produces an intermediate value for each share as a
remainder that is obtained when the secret is divided by the
share's pairwise co-prime number. Each intermediate value is then
retained for subsequent independent validation of each share when
the pieces of the key are presented for re-assembling and
validation at some later point in time.
[0020] Continuing with the embodiment at 121, and at 122, the
secret dividing service processes a Chinese Remainder Theorem (CRT)
algorithm for partial set of intermediate value set, and partial
set of shared set of pairwise co-prime numbers and a control value
for validation using the user's pairwise co-prime set. That is, a
single CRT value for each share and each user is produced in
response to processing the CRT algorithm. The single value when
divided by different pairwise co-prime numbers produce a user's
particular intermediate value set, partial set of the shared
pairwise co-prime number set and a control value used for
validation and discussed in greater detail below.
[0021] To do this, at 123, the secret dividing service generates
three equations where the first and second sets have `m` equations
and the third set has one equation. The first equation generated
via the CRT algorithm produces as a first remainder set, the
partial set of intermediate value set when the CRT value is divided
by the user's partial set of pairwise co-prime numbers set. The
second equation generated via the CRT algorithm produces as a
second remainder a partial set of shared pairwise co-prime numbers
set when the CRT value is divided by the users other partial set of
pairwise co-prime numbers set. The third equation generated via the
CRT algorithm produces as a third remainder a control value when
the CRT value is divided by the remaining single pairwise co-prime
number.
[0022] At 130, the secret dividing service calculates for each
share a single value the permits each share to be independently
validated from remaining shares and that permits each share to be
re-assembled with the remaining shares to reform the secret.
[0023] According to an embodiment, at 131 that extends the
embodiment discussed at 123, the secret dividing service
subsequently validates a particular share from a particular user
when that particular user presents a particular single value
(previously generated CRT value). The secret dividing service uses
the particular single value to process the first set of equations
and the second set of equations, this renders as remainder values
the particular share's intermediate value set and the partial set
of shared pairwise co-prime numbers set. The secret is then divided
by the derived pairwise co-prime number set and that remainder set
is compared against the derived intermediate value set. This
recreates a partial set of the shares of the secret.
[0024] In some cases, at 132, the secret dividing service
invalidates a particular share when the resulting remainder does
not equal the intermediate value. When the resulting remainder does
equal the intermediate value then the secret is delivered and
recreated for a requestor when each of the remaining shares of the
secret are presented and similarly validated in the manner
discussed herein and above for the particular share that was
presented at 131.
[0025] At 140, the secret dividing service delivers each single
value for each share to a particular one of the users. The users
share the secret via each user's single value that each user has
and maintains for subsequent presentment and processing when the
users desire to recreate the secret.
[0026] An example embodiment of the techniques presented above are
now presented for further illustration and comprehension of how a
CRT algorithm can be used to generate divide a secret and
distribute it as shares representing a single value to multiple
users. The techniques for validating and reconstructing the shared
secret are more completely discussed with reference to the FIG. 2
discussed below.
Chinese Remainder Theorem (CRT) Algorithm Example
[0027] The CRT algorithm is implemented in a computer-readable
storage medium as instructions that process on a machine of the
network to produce values that are used to divide a secret, such as
a key, and subsequently validate and reform that key.
[0028] Suppose n.sub.1, n.sub.2, . . . , n.sub.k are integers which
are pairwise co-prime. Then, for any given integers a.sub.1,
a.sub.2, . . . , a.sub.k, there exists an integer x solving the
system of simultaneous congruencies:
x .ident. a 1 ( mod n 1 ) ##EQU00001## x .ident. a 2 ( mod n 2 )
##EQU00001.2## ##EQU00001.3## x .ident. a k ( mod n k )
##EQU00001.4##
[0029] Furthermore, all solutions x to this system are congruent
modulo with the product N=n.sub.1 n.sub.2 . . . n.sub.k.
Processing the Secret Dividing Service
[0030] The secret dividing service uses a co-prime set which is
fixed for the entire system and is used to share the secret
data/keys that need to be shared; so, assume that set as being
defined as CP={C.sub.1, C.sub.2, . . . } and that the set is
sufficiently large enough.
Technique to Divide Secret `D `into` N Shares:
[0031] Say that D is the data that needs to be divided among `n`
users U.sub.1, U.sub.2, . . . U.sub.n.
[0032] Step 1: Generate `n` co-primes {P.sub.1, P.sub.2, . . .
P.sub.n} randomly where none of them belongs to CP (defined
above).
[0033] Step 2: Find D.sub.1, D.sub.2, . . . D.sub.n such that,
D.sub.1=D mod P.sub.i.
[0034] Step 3: This step is done for every user, i.e., for every U,
such that 1<=i<=n.
[0035] Consider a co-prime set CP.sub.i for user U.sub.i, such that
CP.sub.i is subset of CP and 2 m=|CP.sub.i|=2*(n-k+1) and say it is
represented as CP.sub.i={CP.sub.(i,1), CP.sub.(i,2), . . .
CP.sub.(i,2m)}
[0036] Form a set of equations as below:
SD.sub.i.ident.D.sub.[(i+j-2)modn+1](mod CP.sub.(i,j))
[0037] SD.sub.i.ident.P.sub.[(i+j-2)modn+1](mod CP.sub.(i,j+m))
SD.sub.i.ident.E.sub.i(mod CP.sub.validate)
[0038] where j takes values from 1 to m.
[0039] After applying the CRT algorithm on the above set of
equations, SD.sub.i is obtained and this is the shared data that is
given to the user U.sub.i. The last equation in the above set of
equations allows the algorithm to find out if user U.sub.i has
manipulated his/her shared piece of the secret at the time of
rebuilding the secret. Thus, this permits validation (as discussed
more completely below with reference to the FIG. 2).
[0040] It is now appreciate how a shared secret can be divided in a
novel manner and represented as a single CRT value that is then
given to each user. The user can subsequently represent the single
value for purposes of having that user's share of the secret
validated, recreated, and used to reform the entire secret (when
every remaining user also presents his/her single value for the
secret).
[0041] FIG. 2 is a diagram of a method 200 for validating and
recreating a shared secret, according to an example embodiment. The
method 200 (hereinafter "key validation and sharing service" is
implemented in a machine-accessible and readable medium and is
operational over a network. The network may be wired, wireless, or
a combination of wired and wireless.
[0042] In an embodiment, the key validation and sharing service
represents processing that takes place after a key or secret has
been divided and distributed to users in accordance with the
process of the secret dividing service represented by the method
100 of the FIG. 1.
[0043] At 210, the key validation and sharing service receives a
request to re-assemble a shared secret. The shared secret is
divided among a first number of users (N).
[0044] At 220, the key validation and sharing service acquires from
each user a specific single value. The significance and creation of
the single numeric value that represents a particular user's
portion of the secret was discussed in detail above with reference
to the method 100 of the FIG. 1 and the following illustration
using a CRT algorithm. The specific single value can be acquired in
a variety of manners.
[0045] For example, at 221, the key validation and sharing service
receives each specific single value in an unsolicited fashion from
each of the users that hold a piece of the shared secret.
[0046] In another case, at 222, the key validation and sharing
service proactively requests that each of the users supply each
user's specific single value when policy dictates that the secret
be validated and reformulated.
[0047] So, the key validation and sharing service can passively
acquire each user's specific single value on demand or can
proactively and dynamically acquire each user's specific single
value in accordance with policy evaluation.
[0048] At 230, the key validation and sharing service validates
each specific single value independent of remaining ones of the
specific single values. So, unlike convention key splitting
techniques, the key validation and sharing service validates each
individual portion of the secret (e.g., key, etc.) before the
secret is reformulated from the individual pieces held by different
users.
[0049] In an embodiment, at 231, the key validation and sharing
service divides each specific single value by a control pairwise
co-prime number to obtain a result value that is compared to an
expected validation value. When the comparison is equal, the key
validation and sharing service determines that the validation for
each specific single value was a success.
[0050] At 240, the key validation and sharing service uses each
specific single value to reproduce a portion of the shared secret.
That is, each specific value is used to recreate a specific portion
of the shared secret.
[0051] In an embodiment, at 241, the key validation and sharing
service divides each specific single value by a particular pairwise
co-prime number associated with a particular user that supplies the
specific single value. This is done to obtain a remainder. Next,
each specific single value is divided by another pairwise co-prime
number to obtain a calculated pairwise co-prime number. The key
validation and sharing service then determines that the particular
user has a valid portion of the shared secret when the remainder is
equal to a calculated remainder that results from dividing the
shared secret by the calculated pairwise co-prime number. An
example illustration of this processing is discussed more
completely below at the end of the discussion for the FIG. 2.
[0052] According to an embodiment, at 242, the key validation and
sharing service processes a CRT algorithm to reproduce each of the
portions of the shared secret.
[0053] At 250, the key validation and sharing service re-assembles
the secret to satisfy the request when each portion of the shared
secret is reproduced successfully and each specific value presented
by each user is independently validated.
[0054] In an embodiment, at 251, the key validation and sharing
service delivers the secret from secure storage to a resource in
response to policy evaluation once each portion of the secret was
re-created and each specific single value was successfully
validated.
[0055] Again, and example illustration of the secret validation
processing and the secret reformulation processing is presented
within the context of a CRT algorithm.
Condition to Validate the Shares of a Shared Secret
[0056] When user U.sub.i comes with his/her piece of shared data
SD.sub.i, the share is validated against the fixed prime or control
prime as follows:
[0057] If SD.sub.i mod CP.sub.validate is not equal to E.sub.i,
then the share is not valid, otherwise, it is valid.
Technique to Build the Secret Data D from the Provided `k` Shared
Pieces
[0058] Step 1: The shared data received from any `k` users
{U.sub.1, U.sub.2, . . . U.sub.k} is represented as {RD.sub.1,
RD.sub.2, . . . RD.sub.k}.
[0059] Step 2: This step is applied for every user, i.e., for every
U.sub.i of the above users set such that 1<=i<=k. Say CP, is
the co-prime set used for the user U.sub.i and
CP.sub.i={CP.sub.(i,1), CP.sub.(i,2), . . . CP.sub.(i,2m)} where 2
m=2*(n-k+1). (There is no need to remember that this is the set
used for a particular user. This can actually be incorporated into
the set of CRT equations in the same way as it is done to find the
validity of a response.)
[0060] Find the set of primes P.sub.i that are generated randomly
in the Step 1 and the set D.sub.i that are generated in the Step 2
of the previous algorithm as follows:
D.sub.[(i+j-2)modn+1]=RD.sub.i mod CP.sub.(i,j)
P.sub.[(i+j-2)modn+1]=RD.sub.i mod CP.sub.(i,j+m)
[0061] where j takes values from 1 to m.
[0062] After applying this step for all the users, the complete set
of primes P, and the set D.sub.i that are used in previous
algorithm are obtained.
[0063] If the number of shares provided to this algorithm is less
than `k`, it does not provide the complete set of primes P, and the
set D. If the number of shares provided to this algorithm is `r`
which is less than `n`, then, only a partial set of primes P, and
the set D.sub.i of size (r+n-k) are obtained. So, knowledge of any
(k-1) or less shares does not allow one to compute the secret `D`
and so one cannot proceed with the step 3.
[0064] Step 3: On obtaining the P.sub.i and D.sub.i, each of size
n, form the set of equations as follows:
D.ident.D.sub.i mod P.sub.i for 1<=i<=n
[0065] Solve the above set of equations using CRT for the secret
`D`, and thus, the desired shared secret data obtained.
[0066] FIG. 3 is a diagram of a secret validation and sharing
system 300, according to an example embodiment. The secret
validation and sharing system 300 is implemented in a
machine-accessible and readable medium as instructions that process
on one or more machines. Moreover, the secret validation and
sharing system 300 is operational over a network. The network may
be wired, wireless, or a combination of wired and wireless. In an
embodiment, the secret validation and sharing system 300
implements, among other things, the methods 100 and 200 of the
FIGS. 1 and 2, respectively.
[0067] The secret validation and sharing system 300 includes a key
dividing service 301 and a key validation service 302. Each of
these will now be discussed in turn.
[0068] The key dividing service 301 is implemented in a
computer-readable storage medium as instructions that process on a
machine (processor and memory enabled device, such as a computer).
Example processing associated with the key dividing service 301 was
presented in detail above with reference to the method 100 of the
FIG. 1.
[0069] The key dividing service 301 splits a shared key into
shares. Each share corresponds to a particular user and a total
number of shares is equal to a total number of users. The key
dividing service 301 supplies a unique value to each of the users
to represent each user's share of the shared key. So, the users
hold a token representation of a piece of the key and it is really
not a subset of the key, such that the users could not get together
and collaborate in an attempt to reformulate the key, since all the
users possess just a representative value that is meaningless
outside the context of the key dividing service 301 and the key
validation service 302.
[0070] In an embodiment, the key dividing service 301 processes a
CRT algorithm to produce each unique value for each user. The CRT
algorithm produces three equations. The first equation provides a
particular share of the shared key for a particular user. The
second equation provides a pairwise co-prime that when used as a
divisor to the shared key produces the particular share of the
shared key that is associated with the particular user. The third
equation provides a control value that validates each unique value
supplied to each user to ensure that no changes have occurred to
the unique value. The details of these equations were presented in
detail above with reference to the method 100 and the FIG. 1.
[0071] The key validation service 302 is implemented in a
computer-readable storage medium as instructions that process on
the same machine as the key dividing service 301 or that process on
a different machine of the network. Example processing associated
with the key validation service 302 was presented in detail above
with reference to the method 200 and the FIG. 2.
[0072] The key validation service 302 validates each unique value
presented by each user and reconstructs each share of the shared
key from each unique value. Also, the key validation service 302
reproduces the shared key when a configurable number of shares (K)
is successfully reconstructed and validated.
[0073] According to an embodiment, the key validation service 302
processes a CRT algorithm to validate each unique value and to
reconstruct each share of the shared key. Again, the details of
this were presented above with reference to the method 200 of the
FIG. 2.
[0074] Moreover, the key validation service 302 is configured such
that it is unable to reconstruct the shared key when less than the
total number of shares is received for processing. So, each share
of the shared key has to be validated and presented to the key
validation service 302 before the shared key is reproduced and
delivered.
[0075] In an embodiment, the key validation service 302 completely
reconstructs the shared secret for each unique value but that
shared secret is not supplied to a requestor unless the total
number of unique values are received representing the total number
of shares and that shared secret is not supplied to the requestor
unless each and every share is validated via its unique value
supplied by its user.
[0076] FIG. 4 is a diagram of another secret validation and sharing
system 400, according to an example embodiment. The secret
validation and sharing system 400 is implemented in a
machine-accessible and computer-readable storage medium and is
processed on machines by services of a network. The network may be
wired, wireless, or a combination of wired and wireless.
[0077] The secret validation and sharing system 400 includes a
secret divider 401 and a secret builder 402. Each of these and
their interactions with one another will now be discussed in
turn.
[0078] The secret divider 401 is implemented as instructions on a
computer-readable storage medium and the instructions are processed
on a machine, such as a computer. The processing associated with
the secret divider 401 was presented above with reference to the
method 100 of the FIG. 1 and with reference to the system 300 of
the FIG. 3.
[0079] The secret divider 401 divides a secret into portions. Each
portion corresponds to a user and each portion is represented by
the secret divider 401 as a unique value. Each unique value is
supplied to a particular one of the users.
[0080] The secret builder 402 is implemented as instructions on a
computer-readable storage medium and processes on the same machine
as the secret divider 401 or on an entirely different machine of
the network from that which is associated with the secret divider
401. Processing associated with the secret builder 402 was
presented in detail above with reference to the method 200 of the
FIG. 2 and with reference to the system 300 of the FIG. 3.
[0081] The secret builder 402 receives each unique value
(distributed by the secret divider 401 to particular users) and
recreates each portion of the shared secret that corresponds to
that particular unique value. When the secret builder 402 receives
all portions of the shared secret (via the unique values from the
users) and when all portions are validated, the secret builder 402
reproduces the secret.
[0082] According to an embodiment, both the secret divider 401 and
the secret builder 402 process a CRT algorithm to divide, validate,
and reproduce/redeliver the shared secret. To do this, the secret
divider 401 and the secret builder 402 maintain and manage two sets
of pairwise co-prime numbers with the CRT algorithm for use in
dividing, validating, and reproducing/redelivering the shared
secret. These sets of pairwise co-primes were described and
presented in detail above with reference to the illustrations that
followed the discussions of the FIGS. 1 and 2.
[0083] In some cases, at least one of the two sets of pairwise
co-prime numbers are randomly generated as part of a configuration
associated with configuring the secret divider 401 and the secret
builder 402.
[0084] It is now appreciated how key splitting can occur in a more
secure manner using single distributed values that can be used to
perform validation and reformation of the key pieces and can be
used to reform the shared key. In some specific cases this is
beneficially achieved using CRT-based algorithms.
[0085] The above description is illustrative, and not restrictive.
Many other embodiments will be apparent to those of skill in the
art upon reviewing the above description. The scope of embodiments
should therefore be determined with reference to the appended
claims, along with the full scope of equivalents to which such
claims are entitled.
[0086] The Abstract is provided to comply with 37 C.F.R.
.sctn.1.72(b) and will allow the reader to quickly ascertain the
nature and gist of the technical disclosure. It is submitted with
the understanding that it will not be used to interpret or limit
the scope or meaning of the claims.
[0087] In the foregoing description of the embodiments, various
features are grouped together in a single embodiment for the
purpose of streamlining the disclosure. This method of disclosure
is not to be interpreted as reflecting that the claimed embodiments
have more features than are expressly recited in each claim.
Rather, as the following claims reflect, inventive subject matter
lies in less than all features of a single disclosed embodiment.
Thus the following claims are hereby incorporated into the
Description of the Embodiments, with each claim standing on its own
as a separate exemplary embodiment.
* * * * *