A key component that allows an assembly with a subset of the key component to decrypt the encrypted key, which is used to encrypt the key, the division of the encrypted key and the encryption key.

摘要

The system includes processor(s) and memory(s). When the encryption key(s) need to be generated to encrypt the key, the processor(s) securely generate the encryption key(s); Encrypt the key using the encryption key(s) to generate the encrypted key; Partitioning the encrypted key and encryption key(s) into a set(s) of key components-a subset of key components being used to reconstruct the encrypted key; And securely delete the key from the memory(s). When the encryption key(s) need to be used, the processor(s) is from the encrypted key and the subset(s) of users used to reconstruct the encryption key(s) used to securely decrypt the key from the encrypted key. Receive the set(s) of key components; When the set(s) of key components are received from the encrypted key and the subset(s) of users used to reconstruct the encrypted key(s), securely reconstruct the encrypted key and the encryption key(s); And when both the encrypted key and the encryption key(s) are reconstructed, the encrypted key(s) is used to securely decrypt the encrypted key with the key.