Abstract: The subject matter discloses a computerized system for securing data, comprising a first node, comprising a first memory storage configured to store a first share of a cryptographic key and a communication module, a second node, in communication with the first node, comprising a second memory storage configured to store a second share of the cryptographic key, wherein the first share and the second share of the cryptographic key are required to perform a cryptographic operation using a multi-party computation (MPC) process, wherein the second node further comprises a control unit configured to change an operation mode of the second share from enable to disable, wherein the disable operation mode prevents performing the cryptographic operation using the MPC process.

Abstract: The present invention disclosed a method operable on a multiparty signing system for performing a multiparty signing act on a digital content. The multiparty signing system disclosed in the present invention comprises at least two multiparty signing servers configured with methods to perform the multiparty signing act of a digital content to sign. The multiparty signing system can be configured to perform the multiparty signing act by a private signing key split to at least two key shares, wherein each key share is held by each of the at least two multiparty signing servers. The multiparty signing system is also configured to communicate with at least one computerized node employed to conduct an approval process for approving the multiparty signing act. The approval process can be configured to conduct the approval process by employing a secure multiparty computation, wherein the approval process is configured to utilize secret shares held by the at least one computerized node.

Abstract: The claimed subject matter discloses system for securing a process of manufacturing an article, comprising a facility security node located in a manufacturing facility where the article is manufactured, a security server located remotely from the manufacturing facility, said security server communicates with the facility security node and comprises a key generation module configured to generate a certificate authority (CA) private key in a split manner, one share of the CA private key is stored at the security server and another share of the CA private key is stored at the manufacturing facility. The server also comprises a server Multi-Party Computation (MPC) module configured to perform an MPC process with an article MPC module stored at the article, the output of the MPC process is signing the certificate without reconstructing the entire CA private key.

Abstract: The present invention disclosed a method operable on a multiparty signing system for performing a multiparty signing act on a digital content. The multiparty signing system disclosed in the present invention comprises at least two multiparty signing servers configured with methods to perform the multiparty signing act of a digital content to sign. The multiparty signing system can be configured to perform the multiparty signing act by a private signing key split to at least two key shares, wherein each key share is held by each of the at least two multiparty signing servers. The multiparty signing system is also configured to communicate with at least one computerized node employed to conduct an approval process for approving the multiparty signing act. The approval process can be configured to conduct the approval process by employing a secure multiparty computation, wherein the approval process is configured to utilize secret shares held by the at least one computerized node.

Abstract: The subject matter discloses a method for securing personal information, comprising securing the personal information stored on a data server using a cryptographic secret, said cryptographic secret is unique to a user, storing a first share of the cryptographic secret on a secret storage server communicating with the data server and a second share of the cryptographic secret on a computerized device controlled by the user, detecting a request from the data server to perform an action on the personal information, transmitting the request to the computerized device controlled by the user to use the second share of the cryptographic secret to decrypt the personal information, decrypting the personal information using the first share and the second share, without storing both the first share and the second share in a single device concurrently and performing the action on the personal information on the data server.

Abstract: The subject matter discloses a method for securing personal information, comprising securing the personal information stored on a data server using a cryptographic secret, said cryptographic secret is unique to a user, storing a first share of the cryptographic secret on a secret storage server communicating with the data server and a second share of the cryptographic secret on a computerized device controlled by the user, detecting a request from the data server to perform an action on the personal information, transmitting the request to the computerized device controlled by the user to use the second share of the cryptographic secret to decrypt the personal information, decrypting the personal information using the first share and the second share, without storing both the first share and the second share in a single device concurrently and performing the action on the personal information on the data server

Abstract: The subject matter discloses a method for providing identity to a software module, comprising splitting a secret key using a split multi-party computation (MPC) process between the software module and a security server and storing one share of the secret key in the software module and another share of the secret in the security server, the security server receiving a request from the software module to access a resource, in response to the request, the security server encrypts a message, said encrypted message is obtained by the software module, the software module initiates a decryption multi-party computation (MPC) process to decrypt the message encrypted by the security server using according to the shares of the secret key, the security server receives the decrypted secret and the public key and the security server signs a certificate associated with the requested resource and the software module and sends the certificate to the software module.

Abstract: The subject matter discloses a computerized system for securing data, comprising a first node, comprising a first memory storage configured to store a first share of a cryptographic key and a communication module, a second node, in communication with the first node, comprising a second memory storage configured to store a second share of the cryptographic key, wherein the first share and the second share of the cryptographic key are required to perform a cryptographic operation using a multi-party computation (MPC) process, wherein the second node further comprises a control unit configured to change an operation mode of the second share from enable to disable, wherein the disable operation mode prevents performing the cryptographic operation using the MPC process.