Method and apparatus for encrypting/decrypting data using timed-release keys

US 7,321,660 B2
Filed: 03/03/2003
Issued: 01/22/2008
Est. Priority Date: 04/18/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A security method, comprising:

first operations, effected by a discloser of data, comprising encrypting the data and providing the encrypted data to a recipient, the encryption process using both an encryption key comprising a future time value, and public data provided by a trusted party, the public data being derived thereby from private data; and

second operations effected by the trusted party where the trusted party is arranged to perform at specific time intervals in response to signals from a clock, the second operations comprising;

using both said private data and further data in order to determine, at the specific time intervals, a decryption key which is then output andoutputting the decryption key by publishing it via a distribution system;

said further data comprising, at each determination of the decryption key, a current time value derived independently of said encryption key, the decryption key being so determined that, for said current time value equalling the future time value used by the data discloser for its encryption key, the decryption key is useful to decrypt the discloser'"'"'s encrypted data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system comprises a first computer entity arranged to encrypt data using an encryption key comprising a time value, and a second computer entity arranged to generate, at intervals, a decryption key using a current time value. The encryption and decryption processes are such that the decryption key generated using a current time value corresponding to that used for the encryption key, is apt to decrypt the encrypted s data.

30 Citations

View as Search Results

27 Claims

1. A security method, comprising:
- first operations, effected by a discloser of data, comprising encrypting the data and providing the encrypted data to a recipient, the encryption process using both an encryption key comprising a future time value, and public data provided by a trusted party, the public data being derived thereby from private data; and
  
  second operations effected by the trusted party where the trusted party is arranged to perform at specific time intervals in response to signals from a clock, the second operations comprising;
  
  using both said private data and further data in order to determine, at the specific time intervals, a decryption key which is then output andoutputting the decryption key by publishing it via a distribution system;
  
  said further data comprising, at each determination of the decryption key, a current time value derived independently of said encryption key, the decryption key being so determined that, for said current time value equalling the future time value used by the data discloser for its encryption key, the decryption key is useful to decrypt the discloser'"'"'s encrypted data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method according to claim 1, wherein said current time value is derived from a real-time clock associated with the trusted party.
  - 3. A method according to claim 1, wherein the decryption key is determined at regular time intervals.
  - 4. A method according to claim 1, wherein said current time value corresponds to a date.
  - 5. A method according to claim 1, wherein the future time value used as the encryption key is chosen from amongst time values known to be ones that will be used as current time values in determining the decryption key.
  - 6. A method according to claim 1, wherein the cryptographic processes effected in respect of the said encryption and decryption keys are cryptographic processes utilising quadratic residuosity.
  - 7. A method according to claim 1, wherein the cryptographic processes effected in respect of the said encryption and decryption keys are cryptographic processes utilising Weil or Tate pairings.
  - 8. A method according to claim 1, wherein the distribution system includes the Internet and wherein the decryption key by is made publicly available via the Internet.

9. A computer system comprising:
- a first computing entity arranged to encrypt, for output, first data according to an encryption process involving both an encryption key comprising a future time value and second data provided by a trusted party;
  
  a second computing entity associated with the trusted party and arranged to determine, at specific time intervals in response to signals from a clock, a decryption key using both third data and private fourth data and to output the decryption key, said second data having been derived from said fourth data;
  
  the second computing entity being arranged to determine said decryption key at the specific time intervals using as said third data, at each determination, a current time value derived independently of said encryption key,the second computing entity also being coupled to a distribution system for making decryption keys generated thereby publicly available; and
  
  a third computing entity arranged to receive both the encrypted first data and the decryption key, and to decrypt the received encrypted first data using the received decryption key determined using as said third data a current time value equalling the future time value used by the first computing entity for its encryption key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. A computer system according to claim 9, wherein the second computing entity comprises tamper resistant means to inhibit tampering.
  - 11. A computer system according to claim 9, wherein the second computing entity includes a real-time clock from which said current time values are generated.
  - 12. A computer system according to claim 9, wherein said current time value corresponds to a date.
  - 13. A computer system according to claim 9, wherein the second computing entity is arranged to determine the decryption key at regular time intervals.
  - 14. A computer system according to claim 9, wherein the first computing entity is arranged to select as said future time value, a time value that it expects is one for which the second computing entity will use as said current time value for determining the decryption key.
  - 15. A computer system according to claim 9, wherein the cryptographic processes effected by the first, second and third computing entities in respect of the said encryption and decryption keys are cryptographic processes utilising quadratic residuosity.
  - 16. A computer system according to claim 9, wherein the cryptographic processes effected by the first, second and third computing entities in respect of the said encryption and decryption keys are cryptographic processes utilising Weil or Tate pairings.
  - 17. A computer system according to claim 9, wherein the distribution system includes the Internet.

18. Apparatus for generating a decryption key, comprising a memory for holding private data, a clock, and a processor for generating, at specific time intervals in response to signals from the clock, a decryption key using both said private data and a current time value from the clock, each decryption key generated being useful to decrypt data encrypted using both public data derived from said private data and a time value corresponding to the current time value used in generating the decryption key.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. Apparatus according to claim 18, further comprising tamper resistant means to inhibit tampering with the apparatus.
  - 20. Apparatus according to claim 18, wherein said current time value corresponds to a date.
  - 21. Apparatus according to claim 18, wherein the decryption key is generated by a cryptographic process utilising quadratic residuosity.
  - 22. Apparatus according to claim 18, wherein the decryption key is generated by a cryptographic process utilising Weil or Tate pairings.
  - 23. Apparatus according to claim 18, wherein the decryption key is made publicly available via the Internet.
  - 24. Apparatus according to claim 18, wherein the decryption key is made available to a group of people.

25. A method of controlling access to data, where a provider of the data wishes to restrict access to the data until a particular future time and upon the occurrence of said particular future time, third parties are then provided access to the data, said method comprising:
- i. using a encryption key to encrypt the data where the encryption key is derived using information that is at least partially based upon said particular future time,ii. generating decryption keys periodically, each periodic decryption key being associated with a then-current time;
  
  iii. making the periodic decryption keys automatically available to one or more third parties; and
  
  iv. the one or more third parties being able to decrypt the data only after a particular periodic decryption key is made available to them, said particular periodic decryption key having its associated then-current time equal to said particular future time.
- View Dependent Claims (26, 27)
- - 26. A method according to claim 25, wherein the periodic decryption keys are made automatically available to one or more third parties at specific time intervals in response to signals from a clock.
  - 27. A method according to claim 25, wherein the periodic decryption keys are made publicly available by publishing them via the Internet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Mont, Marco Casassa, Harrison, Keith Alexander, Sadler, Martin
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Simitoski; Michael J

Application Number

US10/379,455
Publication Number

US 20030198348A1
Time in Patent Office

1,786 Days
Field of Search

380/35, 380/277, 713/175
US Class Current

380/277
CPC Class Codes

H04L 9/3073 involving pairings, e.g. id...

Method and apparatus for encrypting/decrypting data using timed-release keys

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for encrypting/decrypting data using timed-release keys

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others