US 12,438,726 B2
Method for checking cryptographic secrets for equality
Viktor Friesen, Karlsruhe (DE); Viktor Pavlovic, Stuttgart (DE); and Philipp Weber, Hardheim (DE)
Assigned to MERCEDES-BENZ GROUP AG, Stuttgart (DE)
Appl. No. 18/276,279
Filed by MERCEDES-BENZ GROUP AG, Stuttgart (DE)
PCT Filed Jan. 27, 2022, PCT No. PCT/EP2022/051828
§ 371(c)(1), (2) Date Aug. 8, 2023,
PCT Pub. No. WO2022/171446, PCT Pub. Date Aug. 18, 2022.
Claims priority of application No. 10 2021 000 645.3 (DE), filed on Feb. 9, 2021.
Prior Publication US 2024/0121102 A1, Apr. 11, 2024
Int. Cl. H04L 9/32 (2006.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/3236 (2013.01) [H04L 9/0643 (2013.01); H04L 9/0656 (2013.01); H04L 9/0877 (2013.01)]
11 Claims
1. A method, comprising:
storing at least one cryptographic secret of at least two cryptographic secrets in a read-protected manner in at least one secure system; and
checking the at least two cryptographic secrets for equality,
wherein the at least one secure system has a cryptographic hash value interface,
wherein the checking of the at least two cryptographic secrets involves outputting, via the cryptographic hash value interface, 1) a hash value of the at least one cryptographic secret provided with a salt for comparison with a corresponding hash value of another one of the at least two cryptographic secrets provided, or 2) a hash value of a salt for comparison with the hash value of the salt,
wherein the salt is a multi-part salt, wherein a salt portion is self-determined by the at least one secure system and other salt portions are transmitted to the secure system, and
wherein when checking several cryptographic secrets stored in different secure systems for equality, the method further comprises
in a first secure system, the self-determined salt portion is requested, after which the self-determined salt portion is transmitted to a further secure system,
the further secure system transmits its self-determined salt portion together with a hash value of its cryptographic secret and the two salt portions,
wherein the self-determined salt portion of the further secure system is reported back to the first secure system as an externally determined salt portion, wherein the first secure system determines a hash value from its cryptographic secret and the two salt portions, after which the respective hash values of the cryptographic secrets and the two salt portions transmitted by the first and further secure systems for checking are compared.
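
The exchange between the first and the further secure system in claim 1, modelled as an added Python example that is not part of the patent text. The `SecureSystem` class, its method names, SHA-256, the 16-byte salt portions and the length-prefixed field order are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def _digest(secret: bytes, salt_first: bytes, salt_further: bytes) -> bytes:
    """SHA-256 over length-prefixed fields (assumed encoding, avoids ambiguous concatenation)."""
    h = hashlib.sha256()
    for part in (salt_first, salt_further, secret):
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.digest()


class SecureSystem:
    """Hypothetical model of a secure system: the secret is never returned, only hashed."""

    def __init__(self, secret: bytes):
        self.__secret = secret      # read-protected: no getter is exposed
        self._pending = None        # self-determined salt portion awaiting use

    def request_salt(self) -> bytes:
        """First-system role: issue a fresh self-determined salt portion."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def hash_as_further(self, salt_first: bytes):
        """Further-system role: add own salt portion, return it with the hash."""
        own = secrets.token_bytes(16)
        return own, _digest(self.__secret, salt_first, own)

    def hash_as_first(self, salt_further: bytes) -> bytes:
        """First-system role: combine the issued portion with the external one."""
        if self._pending is None:
            raise RuntimeError("no self-determined salt portion was requested")
        own, self._pending = self._pending, None   # each issued portion is used once
        return _digest(self.__secret, own, salt_further)


def secrets_equal(first: SecureSystem, further: SecureSystem) -> bool:
    """Run the exchange from the claim and compare the two hash values."""
    salt_first = first.request_salt()
    salt_further, hash_further = further.hash_as_further(salt_first)
    hash_first = first.hash_as_first(salt_further)
    return hmac.compare_digest(hash_first, hash_further)
```

Because each system contributes its own random salt portion, the hash values differ on every run even when the secrets are unchanged, so an observed value cannot be reused for a later check.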