Attribute based encryption using lattices
First Claim
1. A computer implemented method of transmitting data using a computer with a processor, comprising:
receiving, with the processor, a set of attributes S in an access structure A, a master public key that includes a lattice B generated for the set of attributes S and a vector y generated for the set of attributes S, as well as a master secret key that includes a trapdoor lattice T generated for the set of attributes S, wherein the access structure A identifies a type of information that can be decrypted by an entity having the set of attributes S in the access structure A;
generating, with the processor, a user secret key for the set of attributes S in the access structure A, the user secret key comprising a vector e that satisfies a reconstruction function for lattice B, given vector y by;
outputting, with the processor, the user secret key by secret sharing the vector y with the reconstruction function for lattice B for use in decrypting a message m encrypted, using the master public key, to the set of attributes S in the access structure A;
generating values for the vector e that satisfy the reconstruction function eB=y for a given attribute, where eB is a multiplication of vector e with lattice B;
receiving the message m, a subset of the attributes S to which message m is to be encrypted, and the master public key;
selecting a random vector s; and
encrypting the message m to the subset of attributes S using the master public key and the random vector s.
Abstract
A master public key is generated as a first set of lattices based on a set of attributes, along with a random vector. A master secret key is generated as a set of trap door lattices corresponding to the first set of lattices. A user secret key is generated for a user's particular set of attributes using the master secret key. The user secret key is a set of values in a vector that are chosen to satisfy a reconstruction function for reconstructing the random vector using the first set of lattices. Information is encrypted to a given set of attributes using the user secret key, the given set of attributes and the user secret key. The information is decrypted by a second user having the given set of attributes using the second user's secret key.
8 Claims
5. A hardware computer readable storage medium storing computer executable instructions which, when executed by a computer, cause the computer to perform a computer implemented method of transmitting data using a computer with a processor, comprising:
receiving, with the processor, a set of attributes S in an access structure A, a master public key that includes a lattice B generated for the set of attributes S and a vector y generated for the set of attributes S, as well as a master secret key that includes a trapdoor lattice T generated for the set of attributes S, wherein the access structure A identifies a type of information that can be decrypted by an entity having the set of attributes S in the access structure A;
generating, with the processor, a user secret key for the set of attributes S in the access structure A, the user secret key comprising a vector e that satisfies a reconstruction function for lattice B, given vector y by;
outputting, with the processor, the user secret key by secret sharing the vector y with the reconstruction function for lattice B for use in decrypting a message m encrypted, using the master public key, to the set of attributes S in the access structure A;
generating values for the vector e that satisfy the reconstruction function eB=y for a given attribute, where eB is a multiplication of vector e with lattice B;
receiving the message m, a subset of the attributes S to which message m is to be encrypted, and the master public key;
selecting a random vector s; and
encrypting the message m to the subset of attributes S using the master public key and the random vector s.
Specification