Secure private key distribution between endpoint instances

Assignee

• International Business Machines Corporation · US

Inventors

• Michael Beck · Lauderdale, US
• Martin Smolny · Hessenhöfe, DE
• Thomas Dürr · Magstadt, DE
• Georg Ochs · Metzingen, DE
• Gerald Francis McBrearty · Austin, US
• Stephen SooHoo · Round Rock, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3073
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.