System, Apparatus and Method for Decentralizing Attribute-Based Encryption Information
First Claim
Patent Images
1. A method comprising:
- receiving a first authority parameter from a first authority;
receiving a second authority parameter from a second authority;
generating a policy based on the first authority parameter and the second authority parameter, wherein the policy comprises a flexible access control structure; and
constructing a ciphertext based on the policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for secure transmission of a message encrypted under an attribute based encryption scheme is provided. A first and a second authority parameter may be received from one or more authorities. A policy is generated based on the parameters. The generated policy comprises a flexible access control structure. A ciphertext is constructed based on the policy. To decrypt the ciphertext, key components are received from one or more authorities, the key components associated with a decryptor identifier. A decryption key is generated based on the policy and the key components. A plaintext is generated by decrypting the ciphertext.
61 Citations
24 Claims
-
1. A method comprising:
-
receiving a first authority parameter from a first authority; receiving a second authority parameter from a second authority; generating a policy based on the first authority parameter and the second authority parameter, wherein the policy comprises a flexible access control structure; and constructing a ciphertext based on the policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 22)
-
-
10. A method comprising:
-
receiving a ciphertext comprising a policy; transmitting a request to a first authority, the request comprising a first attribute identifier and a first decryptor identifier; receiving a first key from the first authority in response to the request to the first authority; transmitting a request to a second authority, the request comprising a second attribute identifier and a second decryptor identifier; receiving a second key from the second authority in response to the request to the second authority; generating a decryption key based on the policy, the first key and the second key; and decrypting the ciphertext with the decryption key. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A method comprising:
-
receiving a ciphertext comprising a policy; transmitting a request to a first authority, the request comprising an identifier; receiving a first certificate from the first authority in response to the request to the first authority; transmitting a request to a second authority, the request comprising the identifier; receiving a second certificate from the second authority in response to the request to the second authority; transmitting the first certificate and the second certificate to a third authority; receiving a decryption key in response to the first certificate and the second certificate; and decrypting the ciphertext using the decryption key.
-
-
19. An encryption method comprising
receiving a first authority parameter from a first authority; -
receiving a second authority parameter from a second authority; generating a message; generating a policy; constructing a first ciphertext component based on the policy, the message, and the first authority parameter, wherein the first ciphertext component comprises a first confounding factor; and constructing a second ciphertext component based on the policy, the message, and the second authority parameter, wherein the second ciphertext component comprises a second confounding factor. - View Dependent Claims (20, 21, 23, 24)
-
Specification