Certify and split system and method for replacing cryptographic keys

摘要

A feature is provided that facilitates securely creating and/or replacing cryptographic keys. A first key pair is created comprising first private key and first public key. A second (spare) key pair is created comprising second private key and second public key. The second key pair is associated with the first private key. The second key pair is divided into shares and distributed to at least two shareholders. When the first key pair is to be replace, the second key pair is recreated and authenticated with at least a portion of the distributed shares. A trust level is associated with the second key pair corresponding to a trust level of the first key pair. The first key pair may be invalidated upon authentication of the second key pair. Further configurations provide for the creation of additional spare key pairs.

主权项

1. A method operational on a token device for replacing asymmetric cryptographic keys, comprising:
generating at the token device a pseudorandom first key pair that comprises a first private key and a corresponding first public key; storing the first private key in a storage device of the token device; generating at the token device a pseudorandom spare second key pair that comprises a second private key and a second public key, signing the second public key with the first private key stored in the storage device to obtain a signed certificate adapted to authenticate the second public key when the first public key is replaced with the second public key; dividing the second key pair and signed certificate into n shares, where n is an integer; and distributing the n shares to at least two shareholders for safekeeping.