System and method for transferring the right to decode messages
Abstract
Methods for transferring among key holders in encoding and cryptographic systems the right to decode and decrypt messages in a way that does not explicitly reveal decoding and decrypting keys used and the original messages. Such methods are more secure and more efficient than typical re-encoding and re-encryption schemes, and are useful in developing such applications as document distribution and long-term file protection.
31 Claims
1. A method for encrypting an original message to be passed to a recipient by way of a grantor, the method comprising the steps of:
- obtaining an encrypted message representative of the original message, the encrypted message having been encrypted with a public key corresponding to the grantor according to a public key encryption scheme;
- generating a public proxy key based on a private key corresponding to the recipient and on the private key corresponding to said grantor, wherein said grantor's private key and said recipient's private key are combined, and the combination of the private keys is based on said public key encryption scheme and provides that it is computationally difficult to recover the recipient's private key from the public proxy key even with the knowledge of the grantor's private key; and
- applying the public proxy key to the encrypted message to transform the encrypted message into a transformed message, wherein the transformed message is decryptable by the recipient using information selected from the private key corresponding to the recipient and the available public key information, and wherein the encrypted message remains in an encrypted state while being transformed into the transformed message and is not decrypted to the original message and re-encrypted at any point during the transformation.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 24, 25, 26, 27, 28, 29
15. A method for encrypting an original message to be passed to a recipient by way of a grantor, the method comprising the steps of:
- obtaining an encrypted message representative of the original message, the encrypted message having been encrypted with a public key corresponding to the grantor according to a public key encryption scheme;
- generating a public proxy key based on a public key corresponding to the recipient and on the private key corresponding to the public key of said grantor, wherein said grantor's private key and said recipient's public key are combined, and the combination of said grantor's private key and said recipient's public key is based on said public key encryption scheme; and
- applying the public proxy key to the encrypted message to transform the encrypted message into a transformed message, wherein the transformed message is decryptable by the recipient using information selected from the private key corresponding to the recipient's public key and the available public key information, and wherein the encrypted message remains in an encrypted state while being transformed into the transformed message and is not decrypted to the original message and re-encrypted at any point during the transformation.

Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 30, 31
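The flow recited in claim 15, sketched as an added example that is not taken from the patent. It assumes textbook ElGamal with a per-ciphertext proxy key, because this page does not give the patent's own construction. The function names and the toy group parameters are constructed for illustration.

```python
import secrets

# Constructed toy parameters (far too small for real use): safe prime P = 2Q + 1,
# G = 4 generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1            # private key in [1, Q-1]
    return x, pow(G, x, P)                      # (private, public)

def encrypt(pub, m):
    k = secrets.randbelow(Q - 1) + 1            # per-message randomness
    return pow(G, k, P), (m * pow(pub, k, P)) % P   # ciphertext (r, s)

def decrypt(priv, ct):
    r, s = ct
    # r lies in the order-Q subgroup, so r^(Q - priv) equals r^(-priv)
    return (s * pow(r, Q - priv, P)) % P

def proxy_key(grantor_priv, recipient_pub, ct):
    """Grantor: combine own private key with the recipient's public key."""
    r, _ = ct
    k2 = secrets.randbelow(Q - 1) + 1
    strip = pow(r, Q - grantor_priv, P)         # cancels the grantor's mask on s
    remask = pow(recipient_pub, k2, P)          # fresh mask under the recipient's key
    return pow(G, k2, P), (strip * remask) % P  # published proxy key (r2, pi)

def transform(pkey, ct):
    """Proxy: holds no private key; s stays masked before and after."""
    r2, pi = pkey
    _, s = ct
    return r2, (s * pi) % P

def delegate(m):
    """Run grantor -> proxy -> recipient once; return what the recipient recovers."""
    a, pub_a = keygen()                         # grantor
    b, pub_b = keygen()                         # recipient
    ct = encrypt(pub_a, m)                      # encrypted under the grantor's public key
    ct_b = transform(proxy_key(a, pub_b, ct), ct)
    return decrypt(b, ct_b)

if __name__ == "__main__":
    print(delegate(1234))
```

The proxy only multiplies `s` by `pi`, so the message is never unmasked during the transformation: the grantor's mask and the recipient's mask are swapped in a single step.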
Specification