Identity-based-encryption system
First Claim
1. A method for using identity-based-encryption (IBE) to support secure communications, comprising:
- at a sender, using an IBE encryption engine implemented on computing hardware to encrypt plaintext to produce ciphertext, wherein the IBE encryption engine uses as inputs the plaintext, IBE public parameters, and an IBE public key associated with an intended recipient, wherein the IBE encryption engine produces the ciphertext using group multiplication operations and using group exponentiation operations, and wherein the group exponentiation operations are performed by computing an integer from the IBE public key and by using the computed integer as an exponent in the group exponentiation operations; and
at the recipient, using an IBE decryption engine implemented on computing hardware to decrypt the ciphertext to produce the plaintext, wherein the IBE decryption engine uses as inputs the ciphertext and an IBE private key corresponding to the IBE public key and wherein the IBE decryption engine performs decryption operations using a bilinear map.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for supporting symmetric-bilinear-map and asymmetric-bilinear-map identity-based-encryption (IBE) key exchange and encryption schemes are provided. IBE key exchange schemes use an IBE encapsulation engine to produce a secret key and an encapsulated version of the secret key. An IBE unencapsulation engine is used to unencapsulate the encapsulated key. IBE encryption schemes use an IBE encryption engine to produce ciphertext from plaintext. An IBE decryption engine is used to decrypt the ciphertext to reveal the plaintext. The IBE unencapsulation engine and decryption engines use bilinear maps. The IBE encapsulation and encryption engines perform group multiplication operations without using bilinear maps, improving efficiency. IBE private keys for use in decryption and unencapsulation operations may be generated using a distributed key arrangement in which each IBE private key is assembled from private key shares.
41 Citations
24 Claims
-
1. A method for using identity-based-encryption (IBE) to support secure communications, comprising:
-
at a sender, using an IBE encryption engine implemented on computing hardware to encrypt plaintext to produce ciphertext, wherein the IBE encryption engine uses as inputs the plaintext, IBE public parameters, and an IBE public key associated with an intended recipient, wherein the IBE encryption engine produces the ciphertext using group multiplication operations and using group exponentiation operations, and wherein the group exponentiation operations are performed by computing an integer from the IBE public key and by using the computed integer as an exponent in the group exponentiation operations; and at the recipient, using an IBE decryption engine implemented on computing hardware to decrypt the ciphertext to produce the plaintext, wherein the IBE decryption engine uses as inputs the ciphertext and an IBE private key corresponding to the IBE public key and wherein the IBE decryption engine performs decryption operations using a bilinear map. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for using identity-based-encryption (IBE) to support key exchange operations, comprising:
-
at a sender, using an IBE encapsulation engine implemented using computing hardware to produce a secret key and an encapsulated version of the key, wherein the IBE encapsulation engine uses as inputs IBE public parameters and an IBE public key associated with an intended recipient, wherein the IBE encapsulation engine produces the encapsulated key using group multiplication operations and using group exponentiation operations, and wherein the group exponentiation operations are performed by computing an integer from the IBE public key and by using the computed integer as an exponent in the group exponentiation operations; and at the recipient, using an IBE unencapsulation engine implemented on computing hardware to unencapsulate the encapsulated key to reveal the secret key, wherein the IBE unencapsulation engine uses as inputs the encapsulated key and an IBE private key corresponding to the IBE public key and wherein the IBE unencapsulation engine performs unencapsulation operations using a bilinear map. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification