Secure manifold loss prevention of cryptographic keys for block-chain-based systems associated with wallet management systems Storage and transmission

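Machine translation: Securely preventing the loss of cryptographic keys for blockchain-based systems associated with wallet management systems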

Abstract

The present invention provides a computer-implemented solution for controlling access to computer-related resources such as, for example, digital wallets. In one or more embodiments, the wallet may be implemented using a blockchain, such as the Bitcoin blockchain, but the invention is not so limited. When the invention is used during the initial set-up of a wallet, subsequent tasks such as wallet transactions can be handled in a secure manner over unsecured channels such as the Internet. A method according to an embodiment of the present invention includes dividing a verification element (such as a private key of an asymmetric cipher pair) into a plurality of shares; determining a common secret at two or more nodes in the network; and transmitting at least one share of the verification element between the two or more nodes using the common secret. The shares can be split so that no single share is enough to derive the verification element. That is, because no one party stores the entire private key, the security of the key is enhanced. To restore the key, two or more shares are needed. The shares are stored in separate locations, one of which is an independent backup or secure storage location. If one of the other shares becomes unavailable, the key can still be retrieved using the backup share, so access to the key (and thus to the controlled resource) continues. To ensure secure transmission of the share(s), the common secret is generated independently at two different nodes and then used to generate an encryption key. The encryption key may be used to encrypt at least one share of the verification element, or a message containing it, to ensure that the share is securely transmitted.
