摘要:
In one embodiment, the present invention is a method and apparatus for encrypting data for fine-grained access control. One embodiment of a method for encrypting data includes encrypting the data as a ciphertext, labeling the ciphertext with a set of one or more descriptive attributes, generating a decryption key for decrypting the ciphertext, associating an access structure with the decryption key, such that the data is recoverable from the ciphertext using the decryption key only if the set of one or more descriptive attributes satisfies the access structure, and outputting the ciphertext and the decryption key.
摘要:
A system and method for providing a conjunctive keyword search over encrypted data is presented. A plurality of encrypted data is maintained. Each encrypted data includes a plurality of keyword fields that each contain a keyword. The keywords for the keyword fields are encrypted for each encrypted data. A capability is generated for two or more such encrypted keywords that includes a plurality of parameters defining a conjunctive keyword search. The capability is sent from a requestor to a server. The capability is applied to the encrypted keywords with the server to generate a result and the result is provided to the requestor.
摘要:
Systems and methods for attribute-based encryption systems that support more efficient decryption are provided. The disclosed systems and methods can be configured to decrypt data using a constant number of pairings while the number of attributes used during encryption or decryption can be selected and scaled arbitrarily.
摘要:
A system and method for providing a conjunctive keyword search over encrypted data is presented. A plurality of encrypted data is maintained. Each encrypted data includes a plurality of keyword fields that each contain a keyword. The keywords for the keyword fields are encrypted for each encrypted data. A capability is generated for two or more such encrypted keywords that includes a plurality of parameters defining a conjunctive keyword search. The capability is sent from a requestor to a server. The capability is applied to the encrypted keywords with the server to generate a result and the result is provided to the requestor.
摘要:
The present invention relates to a method for traitor tracing. One embodiment of a method for determining at least one traced private key used by a decoder to decrypt an encrypted message includes defining an input ciphertext, the input ciphertext being associated with a tracing private key and having a sublinear size, calling the decoder on the input ciphertext, and associating the tracing private key with a set of traced private keys if the decoder is able to correctly decrypt the encrypted message in accordance with the input ciphertext, the set of traced private keys including at least one private key.
摘要:
A method for secure transmission of a message encrypted under an attribute based encryption scheme is provided. A first and a second authority parameter may be received from one or more authorities. A policy is generated based on the parameters. The generated policy comprises a flexible access control structure. A ciphertext is constructed based on the policy. To decrypt the ciphertext, key components are received from one or more authorities, the key components associated with a decryptor identifier. A decryption key is generated based on the policy and the key components. A plaintext is generated by decrypting the ciphertext.
摘要:
Systems and methods for functional encryption systems that support regular languages and, thereby strings of arbitrary length, are provided. The disclosed systems and methods can encrypt data using public parameters and an arbitrary string. The arbitrary string can be included within the ciphertext as plaintext. A decryption key is generated that includes a representation of a regular language. The encrypted message can be decrypted only if the arbitrary string in the ciphertext is in the set of strings that comprise the regular language associated with the decryption key being used.
摘要:
The present invention relates to a method for traitor tracing. One embodiment of a method for determining at least one traced private key used by a decoder to decrypt an encrypted message includes defining an input ciphertext, the input ciphertext being associated with a tracing private key and having a sublinear size, calling the decoder on the input ciphertext, and associating the tracing private key with a set of traced private keys if the decoder is able to correctly decrypt the encrypted message in accordance with the input ciphertext, the set of traced private keys including at least one private key.