Method, apparatus, and program product for revealing redacted information

US 7,861,096 B2
Filed: 12/15/2006
Issued: 12/28/2010
Est. Priority Date: 07/12/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A computer controlled method for revealing sensitive information in a selectively encrypted data unit comprising:

accessing said selectively encrypted data unit, comprising an encrypted version of said sensitive information, an attribute vector associated with said encrypted version, and a plurality of auxiliary values computed directly using the attribute vector and a random number, said encrypted version capable of being decrypted into said sensitive information;

accessing a unique capability key, said unique capability key associated with a key descriptor which is determined based at least on part on the attribute vector, said unique capability key responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares;

determining whether said attribute vector is filtered by said key descriptor;

acquiring, responsive to determining, a protection key responsive to said cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;

decrypting the encrypted version with said protection key to generate said sensitive information; and

presenting said sensitive information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A selectively encrypted data unit includes an encrypted version of sensitive information (capable of being decrypted to reveal the sensitive information), a plurality of auxiliary values, and an attribute vector associated with the encrypted version of the sensitive information. The selectively encrypted data unit and a unique capability key are accessed. The unique capability key is associated with a key descriptor and is responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares of a master secret. Next the technology determines whether the attribute vector is filtered or enabled by the key descriptor. If so, a protection key is acquired that is responsive to the one or more cryptosystem parameters, the plurality of auxiliary values, the key descriptor and the unique capability key. Once acquired, the protection key is used to decrypt the encrypted version to generate the sensitive information which is presented.

34 Citations

View as Search Results

33 Claims

1. A computer controlled method for revealing sensitive information in a selectively encrypted data unit comprising:
- accessing said selectively encrypted data unit, comprising an encrypted version of said sensitive information, an attribute vector associated with said encrypted version, and a plurality of auxiliary values computed directly using the attribute vector and a random number, said encrypted version capable of being decrypted into said sensitive information;
  
  accessing a unique capability key, said unique capability key associated with a key descriptor which is determined based at least on part on the attribute vector, said unique capability key responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares;
  
  determining whether said attribute vector is filtered by said key descriptor;
  
  acquiring, responsive to determining, a protection key responsive to said cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;
  
  decrypting the encrypted version with said protection key to generate said sensitive information; and
  
  presenting said sensitive information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 32, 33)
- - 2. The computer controlled method of claim 1, wherein said one or more shares are of a master secret.
  - 3. The computer controlled method of claim 1, wherein said one or more shares are responsive to a polynomial, a master secret, and a specified user.
  - 4. The computer controlled method of claim 1, wherein said selectively encrypted data unit is one of a collection of data units, and said attribute vector is also associated with said collection of data units.
  - 5. The computer controlled method of claim 4, wherein said collection of data units is a document collection, said unencrypted data unit is an electronic document, a sequence of non-encrypted data is a cleartext string, said encrypted version is ciphertext of said sensitive information, and said selectively encrypted data unit is a redacted electronic document.
  - 6. The computer controlled method of claim 1, further comprising receiving said unique capability key, said unique capability key being one of one or more capability keys.
  - 7. The computer controlled method of claim 1, wherein said selectively encrypted data unit comprises a sequence of non-encrypted data.
  - 8. The computer controlled method of claim 1, wherein said unencrypted data unit includes, one or more of a group consisting of scanned document image data, audio data, video data, graphical data, personally identifiable data, image data, and textual data.
  - 9. The computer controlled method of claim 1, wherein said one or more attributes specify one or more of a group consisting of personally identifiable data, one or more restricted numbers, one or more restricted topics, one or more metadata values, one or more text characteristics, one or more identified ranges of restricted data, or one or more restricted images.
  - 10. The computer controlled method of claim 1, wherein said attribute vector is a compressed Boolean array.
  - 11. The computer controlled method of claim 1, wherein said key descriptor is represented as one of the group consisting of a compressed Boolean array, a Boolean array, and a Boolean function.
  - 12. The computer controlled method of claim 1, further comprising accessing a protection map configured to locate said encrypted version within said selectively encrypted data unit.
  - 13. The computer controlled method of claim 1, wherein acquiring said protection key further comprises:
    - computing an access key responsive to said one or more cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;
      
      preparing to send said access key over a network to a trusted third party; and
      
      receiving said protection key responsive to preparing to send.
  - 14. The computer controlled method of claim 13, wherein said trusted third party records receipt of said access key.
  - 15. The computer controlled method of claim 1, wherein acquiring said protection key further comprises:
    - computing a polynomial interpolation using said one or more cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key, said polynomial interpolation responsive to one or more values where the polynomial is interpolated, and wherein said one or more values are obtained from one or more of the group consisting of said one or more cryptosystem parameters, said key descriptor and said unique capability key.
  - 16. The computer controlled method of claim 15, wherein determining further comprises:
    - applying a threshold operator to said attribute vector and said key descriptor to determine whether said attribute vector satisfies a threshold relationship.
  - 32. The method of claim 1, wherein the cryptosystem parameters include a lambda security parameter and a master key.
  - 33. The method of claim 1, wherein the attribute vector contains attribute tags that associate sub-ranges in the document as having a particular set of attributes.

17. An apparatus comprising:
- a central processing unit (CPU),a memory coupled to said CPU,a data access logic configured to access said selectively encrypted data unit, comprising an encrypted version of said sensitive information, an attribute vector associated with said encrypted version, and a plurality of auxiliary values computed directly using the attribute vector and a random number, said encrypted version capable of being decrypted into said sensitive information;
  
  a key access logic configured to access a unique capability key, said unique capability key associated with a key descriptor which is determined based at least on part on the attribute vector, said unique capability key responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares;
  
  an attribute filter logic configured to determine whether said attribute vector is filtered by said key descriptor;
  
  a key acquisition logic configured to acquire, responsive to the attribute filter logic, a protection key, said protection key responsive to said cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;
  
  a decryption logic configured to decrypt the encrypted version with said protection key to generate said sensitive information; and
  
  a presentation logic configured to present said sensitive information.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 18. The apparatus of claim 17, wherein said one or more shares are of a master secret.
  - 19. The apparatus of claim 17, wherein said one or more shares are responsive to a polynomial, a master secret, and a specified user.
  - 20. The apparatus of claim 17, wherein said selectively encrypted data unit is one of a collection of data units, and said attribute vector is also associated with said collection of data units.
  - 21. The apparatus of claim 17, wherein the key access logic further comprises a network logic configured to receive said unique capability key, said unique capability key being one of one or more capability keys.
  - 22. The apparatus of claim 17, wherein said selectively encrypted data unit comprises a sequence of non-encrypted data.
  - 23. The apparatus of claim 17, wherein said unencrypted data unit includes one or more of a group consisting of scanned document image data, audio data, video data, graphical data, personally identifiable data, image data, and textual data.
  - 24. The apparatus of claim 17, wherein said one or more attributes specify one or more of a group consisting of personally identifiable data, one or more restricted numbers, one or more restricted topics, one or more metadata values, one or more text characteristics, one or more identified ranges of restricted data, or one or more restricted images.
  - 25. The apparatus of claim 17, wherein said attribute vector is a compressed Boolean array.
  - 26. The apparatus of claim 17, wherein said key descriptor is represented as one of the group consisting of a compressed Boolean array, a Boolean array, and a Boolean function.
  - 27. The apparatus of claim 17, further comprising a directory logic configured to access a protection map to locate said encrypted version within said selectively encrypted data unit.
  - 28. The apparatus of claim 17, wherein the key acquisition logic further comprises:
    - a key generation logic configured to compute an access key responsive to said one or more cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;
      
      a transmission preparation logic configured to prepare said access key for transmission over a network to a trusted third party; and
      
      a receiver logic configured to receive said protection key responsive to said transmission preparation logic.
  - 29. The apparatus of claim 17, wherein the key acquisition logic further comprises:
    - an interpolation logic configured to compute a polynomial interpolation using said one or more cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key, said polynomial interpolation responsive to one or more values where the polynomial is interpolated, and wherein said one or more values are obtained from one or more of the group consisting of said one or more cryptosystem parameters, said key descriptor and said unique capability key.

30. A computer program product comprising:
- a non-transitory computer-usable data carder providing instructions that, when executed by a computer, cause said computer to perform a method to reveal sensitive information in a selectively encrypted data unit, said method comprising;
  
  accessing said selectively encrypted data unit, comprising an encrypted version of said sensitive information, an attribute vector associated with said encrypted version, and a plurality of auxiliary values computed directly using the attribute vector and a random number, said encrypted version capable of being decrypted into said sensitive information;
  
  accessing a unique capability key, said unique capability key associated with a key descriptor which is determined based at least on part on the attribute vector, said unique capability key responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares;
  
  determining whether said attribute vector is filtered by said key descriptor;
  
  acquiring, responsive to determining, a protection key responsive to said cryptosystem parameters, said plurality of auxiliary values, said key descriptor and said unique capability key;
  
  decrypting the encrypted version with said protection key to generate said sensitive information; and
  
  presenting said sensitive information.
- View Dependent Claims (31)
- - 31. The apparatus of claim 30, wherein the attribute filter logic further comprises:
    - a threshold logic configured to apply a threshold operator to said attribute vector and said key descriptor to determine whether said attribute vector satisfies a threshold relationship.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Majandro LLC (IP Edge LLC)
Original Assignee
Palo Alto Research Center, Inc. (Xerox Holdings Corp.)
Inventors
Staddon, Jessica N., Golle, Philippe Jean-Paul
Primary Examiner(s)
Ustaris; Joseph G
Assistant Examiner(s)
RICHARDS, KEVIN T

Application Number

US11/611,848
Publication Number

US 20080016372A1
Time in Patent Office

1,474 Days
Field of Search

380/44, 380/277, 707/3, 713/165, 713/167
US Class Current

713/193
CPC Class Codes

G06F 21/6209   to a single file or object,...

H04L 2209/60   Digital content management,...

H04L 9/085   Secret sharing or secret sp...

Method, apparatus, and program product for revealing redacted information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method, apparatus, and program product for revealing redacted information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links