Identity-based-encryption system with hidden public key attributes
Abstract
A system is provided that uses identity-based encryption (IBE) to allow a sender to securely convey information in a message to a recipient over a communications network. IBE public key information may be used to encrypt messages and corresponding IBE private key information may be used to decrypt messages. Information on which IBE public key information was used in encrypting a given message may be provided to the message recipient with the message. Multiple IBE public keys may be used to encrypt a single message. A less sensitive IBE public key may be used to encrypt a more sensitive public key, so that the more sensitive public key can remain hidden as it is sent to the recipient.
28 Claims
1. A method for using multi-layer identity-based encryption (IBE) to securely convey a message containing message data over a communications network from a sender to a recipient, comprising:
- at the sender, encrypting the message using at least two layers of IBE encryption by using an inner layer of message encryption having an associated inner-layer IBE public key to encrypt the message data and by using an outer layer of message encryption having an associated outer-layer IBE public key to encrypt the inner-layer IBE public key;
- sending the encrypted message to the recipient; and
- at the recipient, decrypting the encrypted message using an outer-layer IBE private key corresponding to the outer-layer IBE public key and using an inner-layer IBE private key corresponding to the inner layer IBE public key.
Dependent claims: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
3. A method for using multi-layer identity-based encryption (IBE) to securely convey a message containing message data over a communications network from a sender to a recipient, comprising:
- at the sender, encrypting the message using at least two layers of IBE encryption by using an inner layer of message encryption having an associated inner-layer IBE public key to encrypt the message data and by using an outer layer of message encryption having an associated outer-layer IBE public key to encrypt the inner-layer IBE public key;
- sending the encrypted message to the recipient; and
- at the recipient, decrypting the encrypted message using an outer-layer IBE private key corresponding to the outer-layer IBE public key and using an inner-layer IBE private key corresponding to the inner layer IBE public key, wherein using the outer layer of message encryption to encrypt the inner-layer IBE public key comprises encrypting the inner-layer IBE public key with a symmetric key and encrypting the symmetric key with the outer-layer IBE public key.
Dependent claims: 4
21. A method for using identity-based-encryption (IBE) to securely convey a message having message data M from a sender to a recipient over a communications network, comprising:
- encrypting the message by performing at least an inner layer of IBE encryption and an outer layer of IBE encryption at the sender, wherein;
  - performing the inner layer of IBE encryption includes encrypting the message data M using a symmetric key S to produce encrypted message data Ms and encrypting the symmetric key S using an IBE public key QG associated with the inner layer of IBE encryption to produce an IBE-encrypted symmetric message key SQG, and
  - performing the outer layer of IBE encryption includes using a layer of message encryption having an associated IBE public key QL to encrypt the IBE public key QG, wherein the IBE public key QL is less sensitive than the IBE public key QG; and
- sending at least the encrypted message data MS, the IBE-encrypted symmetric message key SQG, and an encrypted version of the IBE public key QG to the recipient.
Dependent claims: 22, 23, 24, 25, 26, 27, 28
Specification