Method for attribute based broadcast encryption with permanent revocation
First Claim
Patent Images
1. A method of modifying the four stages of the Cipher-text Policy Attribute-Based Encryption (CP-ABE) method that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt the data, wherein the method supports permanent revocation of users;
- the modified CP-ABE method comprising;
a) in the setup stage—
the broadcaster adds a secret random component CTRε
Zp to random secrets α
,β
ε
Zp included in a master key MK, which is used to produce a public key PK;
b) in the key generation stage—
a component Ei=e(g,g)ri·
CTR, which securely encapsulates the random control component CTR, is added to a set of attributes of a user that encodes the state of each user Ui to generate the secret private key SK that the broadcaster sends to Ui, wherein g is a random generator of a bilinear group G0 of prime order p, e;
G0×
G0→
G1 is a proper bilinear map, ri is a random number chosen from Zp is a different random integer for each user, and CTRε
Zp is the global state;
c) in the encrypt stage;
the broadcaster uses an algorithm that includes a random secret for sharing sε
zp to construct a ciphertext, the global secret key is encrypted by the private keys of the subset of authorized users, the broadcaster updates the global state by
CTR=CTR+s and the broadcaster updates s upon a revocation event as
s2=−
s−
CTR mod p and shares s2 with non-revoked users from an updated set of attributes; and
d) in the decrypt stage;
user i computes a parameter
Ai=e(g,g)ris and then user i updates its local state by
Ei=Ei·
Ai=e(g,g)riCTR·
e(g,g)ris=e(g,g)ri(CTR+s).
2 Assignments
0 Petitions
Accused Products
Abstract
The invention is a method for broadcast encryption that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt said data. The method comprises modifications to the four stages of the basic Cipher-text Policy Attribute-Based Encryption techniques. The method can be adapted to transform any Attribute-Based Encryption scheme that supports only temporary revocation into a scheme that supports the permanent revocation of users.
7 Citations
2 Claims
-
1. A method of modifying the four stages of the Cipher-text Policy Attribute-Based Encryption (CP-ABE) method that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt the data, wherein the method supports permanent revocation of users;
-
the modified CP-ABE method comprising; a) in the setup stage—
the broadcaster adds a secret random component CTRε
Zp to random secrets α
,β
ε
Zp included in a master key MK, which is used to produce a public key PK;b) in the key generation stage—
a component Ei=e(g,g)ri ·
CTR, which securely encapsulates the random control component CTR, is added to a set of attributes of a user that encodes the state of each user Ui to generate the secret private key SK that the broadcaster sends to Ui, wherein g is a random generator of a bilinear group G0 of prime order p, e;
G0×
G0→
G1 is a proper bilinear map, ri is a random number chosen from Zp is a different random integer for each user, and CTRε
Zp is the global state;c) in the encrypt stage;
the broadcaster uses an algorithm that includes a random secret for sharing sε
zp to construct a ciphertext, the global secret key is encrypted by the private keys of the subset of authorized users, the broadcaster updates the global state by
CTR=CTR+sand the broadcaster updates s upon a revocation event as
s2=−
s−
CTR mod pand shares s2 with non-revoked users from an updated set of attributes; and d) in the decrypt stage;
user i computes a parameter
Ai=e(g,g)ri sand then user i updates its local state by
Ei=Ei·
Ai=e(g,g)ri CTR·
e(g,g)ri s=e(g,g)ri (CTR+s). - View Dependent Claims (2)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBen Gurion University of The Negev, Sami Shamoon College Of Engineering
-
Original AssigneeBen Gurion University of The Negev
-
InventorsDolev, Shlomi, Gilboa, Niv, Kopeetsky, Marina
-
Primary Examiner(s)Kim, Jung
-
Assistant Examiner(s)NGUYEN, NGOC THACH D
-
Application NumberUS14/239,580Publication NumberTime in Patent Office1,448 DaysField of Search380/255US Class Current1/1CPC Class CodesH04L 2209/601 Broadcast encryptionH04L 9/0816 Key establishment, i.e. cry...H04L 9/0833 involving conference or gro...H04L 9/0866 involving user or device id...H04L 9/088 Usage controlling of secret...H04L 9/0891 Revocation or update of sec...H04L 9/3073 involving pairings, e.g. id...H04N 21/2347 involving video stream encr...H04N 21/26606 for generating or managing ...H04N 21/4405 involving video stream decr...H04N 21/4623 Processing of entitlement m...
