METHOD AND APPARATUS FOR KEY REVOCATION IN AN ATTRIBUTE-BASED ENCRYPTION SCHEME
Abstract
A method and apparatus for key revocation in an attribute-based encryption scheme is provided herein. Prior to operation, a key management service performs a randomized setup algorithm resulting in the generation of public parameters and the key management service's master secret, MK. During operation, the key management service is provided with verified user attribute information. The key management service creates keys for users based on their list of attributes. The keys can then be used to decode appropriate ciphertext. During the key creation, each attribute is associated with a particular text string. As attributes are revoked, the text string is updated.
19 Claims
1. A method for attribute revocation in an attribute-based encryption system, the method comprising the steps of:
- receiving a revocation request for a particular attribute;
- updating an attribute string used for key creation in an attribute-based encryption for the particular attribute; and
- providing the updated attribute string to an authorized system participant using the attribute-based encryption system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. An apparatus comprising:
- logic circuitry receiving a revocation request for a particular attribute, updating an attribute string used for key creation in an attribute-based encryption, and the logic circuitry providing the updated attribute string to an authorized system participant; and
- a data store coupled to the logic circuitry for storing the updated attribute string.
Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A system for managing attribute revocation in an attribute-based encryption scheme, the system comprising:
- an attribute authority responsible for maintaining a list of valid and revoked attribute strings and making that list available to an authorized system participant, wherein the attribute authority updates the attribute string used for a revoked attribute; and
- an encryption agent obtaining the attribute string used for the revoked attribute and using the attribute string when encrypting the data.
Dependent claims: 18, 19
Specification