ATTRIBUTE BASED ENCRYPTION USING LATTICES
First Claim
1. A computer implemented method of transmitting data using a computer with a processor, comprising:
- receiving, with the processor, a set of attributes S in an access structure A, a master public key that includes a lattice B generated for the set of attributes S and a vector y generated for the set of attributes S, as well as a master secret key that includes a trapdoor lattice T generated for the set of attributes, wherein the access structure identifies a type of information that can be decrypted by an entity having the set of attributes S in the access structure A;
generating, with the processor, a user secret key for the set of attributes S in the access structure A, the user secret key comprising a vector e that satisfies a reconstruction function for B, given y; and
outputting, with the processor, the user secret key for use in decrypting a message m encrypted, using the master public key, to the set of attributes S in the access structure A.
2 Assignments
0 Petitions
Accused Products
Abstract
A master public key is generated as a first set of lattices based on a set of attributes, along with a random vector. A master secret key is generated as a set of trap door lattices corresponding to the first set of lattices. A user secret key is generated for a user'"'"'s particular set of attributes using the master secret key. The user secret key is a set of values in a vector that are chosen to satisfy a reconstruction function for reconstructing the random vector using the first set of lattices. Information is encrypted to a given set of attributes using the user secret key, the given set of attributes and the user secret key. The information is decrypted by a second user having the given set of attributes using the second user'"'"'s secret key.
-
Citations
18 Claims
-
1. A computer implemented method of transmitting data using a computer with a processor, comprising:
-
receiving, with the processor, a set of attributes S in an access structure A, a master public key that includes a lattice B generated for the set of attributes S and a vector y generated for the set of attributes S, as well as a master secret key that includes a trapdoor lattice T generated for the set of attributes, wherein the access structure identifies a type of information that can be decrypted by an entity having the set of attributes S in the access structure A; generating, with the processor, a user secret key for the set of attributes S in the access structure A, the user secret key comprising a vector e that satisfies a reconstruction function for B, given y; and outputting, with the processor, the user secret key for use in decrypting a message m encrypted, using the master public key, to the set of attributes S in the access structure A. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for performing attribute based encryption of information, comprising:
-
a setup component that receives a set of allowed attributes to which the information can be encrypted and, for each attribute in the set of allowed attributes, generates a lattice B and a trap door lattice T as well as a random vector y, and outputs the lattice B and vector y as a master public key and maintains the trap door lattice as a master secret key; a key generator component that receives a set of user attributes that corresponds to a user, in an access structure, the access structure identifying a type of information the user can decrypt, the key generator secret sharing the vector y with the user and generating a user secret key for the access structure and the set of user attributes, based on the master public key and the master secret key, the user secret key including a set of values in a vector e that satisfies a reconstruction function for reconstructing y, given lattice B, the user secret key being output for encrypting messages; and a computer processor, being a functional part of the system, and activated by the setup component and the key generator component to facilitate outputting the master public key and the user secret key. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for performing attribute based decryption, comprising:
-
a decryption component that receives a user secret key, a ciphertext and a value c and performs decryption on the ciphertext to obtain a message m, the value c being a multiplication of a first random vector s chosen during encryption for each attribute in a subset of attributes to which m is encrypted and a lattice B generated for each of the subset of attributes to which m is encrypted, and the ciphertext being an inner product of the first random vector s and a second random vector y plus the message m, the second random vector y and the lattice B being generated as a master public key for each of the attributes in the subset of attributes, the user secret key including a set of values for a vector e that satisfies a reconstruction function for reconstructing y, given B; a computer processor being a functional part of the system and activated by the decryption component to facilitate decryption to obtain the message m. - View Dependent Claims (16, 17, 18)
-
Specification