| CPC H04L 9/3247 (2013.01) | 4 Claims |
|
1. A multi-signature security account control system comprising:
an offline hardware security module (HSM) configured to generate a private key and a public key offline for a second participating account of a multi-signature security account in which at least three participating accounts have management authority;
wherein the participating accounts comprise a first participating account corresponding to a user terminal, a second participating account corresponding to an HSM management server, and a third participating account corresponding to an exchange server,
wherein the HSM management server is configured to receive the generated private key and public key from the offline HSM, store the private key in the database, generate a key encryption key (KeK) and a data key (DK), encrypt the data key using the KeK, and store the same in the database, and output signature information encrypted using the data key,
wherein the database is configured to store the private key, the KeK, and the data key (DK),
wherein the HSM management server configures a multi-signature security account in which the second participating account, the first participating account of the user terminal, and the third participating account of the exchange server have management authority, and determines the shares of the multi-signature security account through weights held by the participating subjects, and
wherein the HSM management server controls management authority for a certain account through authentication of multi-signature information where a sum of the shares allocated to the first to third participating accounts exceeds a predetermined reference value.
|