Identity-based-encryption system with district policy information
First Claim
1. A method for controlling communications in an identity-based encryption (IBE) system in which a message encrypted using an IBE public key of a recipient is to be sent over a communications network from a sender to the recipient, wherein the recipient is in a district associated with an IBE private key generator from which the recipient obtains an IBE private key for decrypting the message encrypted with the IBE public key, comprising:
- at the IBE private key generator, providing district policy information to the sender over the communications network; and
at the sender, using the district policy information in sending the message to the recipient.
11 Assignments
0 Petitions
Accused Products
Abstract
A system is provided that uses identity-based encryption (IBE) to allow a sender to securely convey information in a message to a recipient over a communications network. IBE public key information may be used to encrypt messages and corresponding IBE private key information may be used to decrypt messages. The IBE private keys may be provided to message recipients by an IBE private key generator. The IBE private key generator and the recipients who obtain their IBE private keys from that generator form a district. District policy information may be provided by the IBE private key generator that specifies which encryption and communications protocols are used by the district. The district policy information may also specify which authentication protocols are used by the district and may set forth how content-based protocols are implemented. This information may be used by senders in sending messages to recipients.
-
Citations
28 Claims
-
1. A method for controlling communications in an identity-based encryption (IBE) system in which a message encrypted using an IBE public key of a recipient is to be sent over a communications network from a sender to the recipient, wherein the recipient is in a district associated with an IBE private key generator from which the recipient obtains an IBE private key for decrypting the message encrypted with the IBE public key, comprising:
-
at the IBE private key generator, providing district policy information to the sender over the communications network; and
at the sender, using the district policy information in sending the message to the recipient. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for controlling communications in an identity-based encryption (IBE) system in which a message encrypted using an IBE public key of a recipient is to be sent over a communications network from a sender to the recipient, wherein the recipient is in a district associated with an IBE private key generator from which the recipient obtains an IBE private key for decrypting the message encrypted with the IBE public key, comprising:
-
at the sender, receiving district policy information for the district; and
at the sender, using the district policy information to determine whether to send the message to the recipient in the district. - View Dependent Claims (22, 23, 24)
-
-
25. A method for controlling communications in an identity-based encryption (IBE) system in which a message encrypted using an IBE public key of a recipient is to be sent over a communications network from a sender to the recipient, wherein the recipient is in a district associated with an IBE private key generator from which the recipient obtains an IBE private key for decrypting the message encrypted with the IBE public key, comprising:
-
at the sender, receiving district policy information for the district; and
at the sender, using the district policy information to determine how to send the message to the recipient in the district. - View Dependent Claims (26, 27, 28)
-
Specification