DISTRIBUTED SIGNING SYSTEM
A system and method for signing or encrypting data is disclosed. The method comprises providing, from a first device, data signing information for storage in a first database, the data signing information having at least one key comprising a signing key Ks, wherein the signing key Ks is encrypted ac...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | A system and method for signing or encrypting data is disclosed. The method comprises providing, from a first device, data signing information for storage in a first database, the data signing information having at least one key comprising a signing key Ks, wherein the signing key Ks is encrypted according to a wrapping key Kw before storage in the first database; receiving a data signing request comprising a representation of the data; retrieving, in a second device communicatively coupled to an hardware security module (HSM) storing the wrapping key Kw, the stored data signing information from a second database, wherein at least a portion of the second database including the stored signing information is pushed from the first database to the second database; decrypting, in the HSM, the encrypted signing key according to the wrapping key Kw stored in the HSM to recover the signing key Ks; and signing the representation of the data according to the recovered signing key. |
|---|