Using a second device as a decryption source. Like 2FA but not for authentication
I don't have a completely clear idea about this so apologies if the question is a bit unclear. 2 factor authentication is well known. We see it as involving a second device in order to answer a yes/no question. It is based on the second device being trusted by the requestor. What I'd like is a method to use a second device to decrypt a secret, or provide some indication that a challenge can have a response that is equivalent.
So an example might be a server containing encrypted data and some script invoked that makes a call to another device saying 'decrypt this' which is then used to decrypt the data on the original server. Does this make sense? I've tried thinking about it in terms of the yes/no of authentication, like get the 'yes' it's ok to decrypt back from the second device but the actual decryption secret is on the original server and thus vulnerable to compromise; the second device is not essential as far as I can think it.
Does such an app or service exist to solve this? Do we know if adapting 2FA to provide this has been done or is in fact possible?
Many thanks.
