CPC H04L 9/0825 (2013.01) [H04L 9/0841 (2013.01); H04L 9/085 (2013.01); H04L 9/0894 (2013.01); H04L 9/3213 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 2209/46 (2013.01)] | 20 Claims |
16. A system, comprising:
a first host computing device having a first processor subsystem and a first memory storing program instructions executable to implement a remote security controller (RSC); and
a second host computing device coupled to the first host computing device over a computer network, the second host computing device having a second processor subsystem and a second memory storing program instructions executable to implement a local security controller (LSC) and a client application;
wherein the client application and the LSC are executable to:
generate a private key via a Multiparty Computation (MPC) process, the private key composed of a first fragment and a second fragment stored by the client application and the LSC, respectively;
generate a CSR that includes:
a public key corresponding to the private key;
a first signature produced by an MPC signature process involving the client application and the LSC using the first and second fragments of the private key; and
a token returned by the LSC in response to a determination that the private key corresponding to the CSR was generated via an MPC process; and
wherein the RSC is executable to:
receive the CSR from the client application; and
issue a certificate to the client application in response to verifying the first signature and the token.
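The claimed flow, as an added illustrative example that is not the patent's own construction: a two-party Schnorr signature over a constructed toy group stands in for the MPC key-generation and signature process, the LSC token is an HMAC under a key assumed to be pre-provisioned between the LSC and the RSC, and the RSC issues a certificate only when both the signature and the token verify.

```python
import hashlib, hmac, secrets

# Constructed toy Schnorr group: safe prime P = 2Q + 1, generator G of prime
# order Q. Far too small for real use; only the protocol structure matters here.
P, Q, G = 1019, 509, 4
LSC_RSC_KEY = b"constructed-shared-secret"  # assumed pre-provisioned LSC<->RSC key
def h(*parts):  # hash (R, public key, message) to a 256-bit challenge integer
    data = b"|".join(str(x).encode() for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")
class Party:  # one MPC participant (client application or LSC) holding a fragment
    def __init__(self):
        self.x = secrets.randbelow(Q - 1) + 1  # private key fragment, never shared
    def pub_share(self):
        return pow(G, self.x, P)
    def nonce_commit(self):
        self.k = secrets.randbelow(Q - 1) + 1  # fresh per signature; never reuse
        return pow(G, self.k, P)
    def partial_sign(self, e):
        s_i, self.k = (self.k + e * self.x) % Q, None  # nonce consumed
        return s_i
def mpc_keygen(client, lsc):
    # Public key g^(x1+x2) from the two shares; the full private key never exists.
    return (client.pub_share() * lsc.pub_share()) % P
def mpc_sign(client, lsc, pub, msg):
    # Two-party Schnorr with additive nonce and key shares (a real protocol would
    # also commit to nonce shares before revealing them).
    r = (client.nonce_commit() * lsc.nonce_commit()) % P
    e = h(r, pub, msg)
    return e, (client.partial_sign(e) + lsc.partial_sign(e)) % Q
def verify(pub, msg, sig):
    e, s = sig
    r = (pow(G, s, P) * pow(pub, (-e) % Q, P)) % P  # g^s * y^-e == g^k
    return e == h(r, pub, msg)
def lsc_issue_token(pub):
    # LSC attests to the RSC that the key behind `pub` was produced by the MPC step.
    return hmac.new(LSC_RSC_KEY, str(pub).encode(), hashlib.sha256).hexdigest()
def build_csr(client, lsc):
    pub = mpc_keygen(client, lsc)
    body = f"CN=device;pub={pub}"
    sig = mpc_sign(client, lsc, pub, body)  # proof of possession over the CSR body
    return {"pub": pub, "body": body, "sig": sig, "token": lsc_issue_token(pub)}
def rsc_issue_certificate(csr):
    # RSC issues only if both the MPC signature and the LSC token verify.
    if not verify(csr["pub"], csr["body"], csr["sig"]):
        return None
    if not (csr["token"] and hmac.compare_digest(csr["token"], lsc_issue_token(csr["pub"]))):
        return None
    return f"CERT:{csr['body']};issuer=RSC"
```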