Threshold Cryptography With MPC

Sepior is pioneering the productization of threshold cryptography with multiparty computation (MPC) to provide sustainably secure solutions which do not rely on any trusted third party to secure rapidly evolving online data and services. Sepior's world-renowned experts in cryptography have invented the essential protocols required for a practical implementation of threshold cryptography to provide virtualized key management systems which maintain security even when the harsh realities of real-world operations occur.

Sepior’s Threshold cryptography schemes use MPC to enable secure modes of operation even when one or possibly more participating systems become corrupted or otherwise unavailable. This is a very important differentiator from conventional cryptography models which assume an ideal world where all systems are available and their security has not been compromised.

Effective implementations of threshold cryptography provide the enhancement of a variety of security properties, such as confidentiality, integrity, and availability. These properties contribute to enabling a better and more compelling form of key management solutions.


Secret Sharing + Threshold = Greater Security

Secret sharing is a fundamental technique used in cryptography. It enables a secret, such as an encryption key used to sign-off or otherwise approve a transaction, to be split into multiple (n) shares which are distributed across multiple parties. This reduces the potential for a key to be stolen when one of the parties becomes compromised.

Verifiable secret sharing also enables the detection of misuse or corruption by a shareholder. The corruption of a single share could potentially affect the integrity of a recombined key. Sepior’s secret sharing model allows for the generation of a new share to replace any share, without having to create a new key and distribute new shares to all parties. This enables maximum system integrity and availability with operational simplicity.

With conventional cryptography models, all of the shares must be recombined to recreate a whole key which can then be used by for cryptographic functions. If one or more shares is unavailable, the key cannot be recreated from the partial shares and transaction approvals may become delayed or prevented. When all shares are recombined to form a whole key which is stored on a device, the key then becomes at risk to be copied or stolen.

Sepior’s threshold model provides the ability to reconstruct lost or corrupted key shares from a threshold (t) number of shares, but not from fewer than t shares. This approach protects the secrecy and the availability of the key, even if one or multiple parties with key shares become compromised, as long as fewer than n-t systems are affected. This results in increased integrity and availability of key management for increased security.

However, secrets and thresholds alone do not mitigate the risks of key theft when a whole key is recreated.


Threshold Cryptography With MPC Can Eliminate the Risk of Key Theft

Threshold cryptography using MPC can compute a particular result, such as the code used to encrypt or decrypt data by requiring just t of n shares, without having to reveal the secret shares between any of the parties. Threshold cryptography with MPC can use mathematical techniques to achieve NIST-approved algorithms such as RSA and DSA signatures, and AES enciphering and deciphering, without ever creating a conventional whole key. Eliminating the creation of a whole key on any physical or virtual machine, at any time, effectively eliminates the conventional risks of key theft from those devices.

Sepior’s implementations of threshold cryptography incorporate secret sharing, thresholds, and MPC to provide industry leading key management solutions that operate in completely virtualized environments, in concert with any physical or virtual client devices.


Distributed Threshold Security Module (TSM)

Enterprise grade key generation and management are historically provided using a hardware security module (HSM). In this scenario, keys are generated by and stored in an HSM appliance, which is maintained in a physically secured environment. Documents may be sent to the HSM for stream cipher operations such as encryption, decryption, and re-encryption in the physically secured environment. Alternatively, the HSM may generate keys derived from locally stored master keys, which are distributed to trusted end users to conduct cipher operations on their computers. This classic HSM model is expensive, but established and effective for many historic use cases. However, the increasingly distributed nature of data storage and the requirement for collaboration across multiple parties, often outside of an organization, renders this model problematic for newer and emerging applications.

Sepior’s patented threshold cryptographic solutions are based on the concept of a fully distributed, Threshold Security Module which might also be thought of as a virtual, distributed HSM. Many vendors offer a virtual HSM, but those are different from Sepior’s dvHSM model using threshold cryptography. A virtual HSM is simply a virtualized replication of a single HSM appliance, providing HSM functionality on a single VM. Virtual HSMs may replace proprietary HSM appliance hardware with a VM running on a dedicated or shared server, but it is operationally similar to a conventional HSM, and subject to the same vulnerabilities and constraints.

Sepior’s patented dvHSM model, using threshold cryptography, takes the concept of a single virtual HSM and then distributes portions of the system functions across multiple independent parties using MPC. Full HSM functionality does not reside on any single device or VM. Instead, the combination of multiple dvHSM instances comprise the full HSM functionality. These dvHSM participating parties may be running in one or multiple clouds, VMs, or in discrete user devices, or a combination thereof. This enables the distribution of HSM like functionality to deeply distributed devices, VMs, or clouds, to address the performance optimization needs of each given use case, without the vulnerability of distributing a full HSM in uncontrolled environments which could be subject to compromise.

This dvHSM functionality may be used to conduct signatures or stream cipher functions such as encrypting data natively on a mobile device without ever creating and possessing a whole key on the device, or it may be used to generate a key which is distributed to the mobile device to encrypt or decrypt a single data object in a blockchain file or a cloud service. This functionality can be implemented in virtually any configuration, across any physical or virtual device instances, to meet the needs of emerging services. Contact Sepior and let us know your requirements.


World Leaders within MPC

Our threshold cryptographic solutions are made possible through the application of multiparty computation (MPC). MPC is a cryptographic technology that allows a number of parties to compute on encrypted data, without sharing the data between parties.

The founders of Sepior have been at the frontier of R&D, implementation and commercial use of MPC for years. Chief cryptographer in Sepior is Professor Ivan B. Damgård, winner of the prestigious RSA Award for Excellence in the Field of Mathematics in 2015 and fellow of the IACR (International Association for Cryptologic Research) since 2010. Similarly, Sepior’s Chief Technology Officer, Jakob Pagter, as well as Ivan and others on the Sepior team were members of one of the first teams to implement MPC in live business operations as part of the Danish Sugar Beet Auctions beginning in 2008.

Since those early days, Sepior has expanded the scope and optimized the performance and scale of MPC as part of our threshold cryptographic solutions.