公开(公告)号：WO2018208787A1

公开(公告)日：2018-11-15

申请号：PCT/US2018/031615

申请日：2018-05-08

Applicant: ZERODB, INC.

Inventor： EGOROV, Mikhail ,  WILKISON, MacLane Scott ,  NUǸEZ, David ,  AGUDO, Isaac

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L67/2809 ,  H04L63/0442 ,  H04L63/0464 ,  H04L67/2842

Abstract: Provided is a computer system and method that enables delegated access to encrypted information for distributed messaging and queuing frameworks, or in general, to publish/subscribe architectures. In said frameworks and architectures, data is published by data producers and organized in channels or queues, which consumer applications can subscribe to, and that are managed by one or multiple broker entities.

公开(公告)号：WO2018102382A1

公开(公告)日：2018-06-07

申请号：PCT/US2017/063658

申请日：2017-11-29

Applicant: ZERODB, INC.

Inventor： NUÑEZ, David ,  AGUDO, Isaac ,  EGOROV, Mikhail ,  WILKISON, MacLane Scott

IPC: G06F21/62 ,  H04L29/06 ,  H04L9/32 ,  H04L9/06 ,  H04L9/08 ,  H04L9/16

CPC classification number: G06F21/62 ,  G06F21/602 ,  H04L9/0841 ,  H04L9/088

Abstract: Provided is a process, including: obtaining a first ciphertext; obtaining the field size with which the first ciphertext was encrypted; obtaining a first private encryption key of the first encryption key pair; receiving a request to delegate access to the first ciphertext to a second recipient; obtaining a second private encryption key; determining a key-switching key based on the field size, the first private encryption key, and the second private encryption key; in response to the request, delegating access by forming a second ciphertext from which the plaintext is accessible with the second private encryption key; and storing the second ciphertext in memory.

公开(公告)号：WO2018208786A1

公开(公告)日：2018-11-15

申请号：PCT/US2018/031614

申请日：2018-05-08

Applicant: ZERODB, INC.

Inventor： EGOROV, Mikhail ,  WILKISON, MacLane Scott ,  NUǸEZ, David ,  AGUDO, Isaac

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/14

CPC classification number: H04L9/14 ,  H04L9/0825 ,  H04L2209/76

Abstract: Provided is a process including: encrypting each of a plurality of data encryption keys with a first public cryptographic key to form encrypted data encryption keys; obtaining a second public cryptographic key; generating a transformation key based on the first public-private cryptographic key pair and the second public cryptographic key; and transforming the encrypted data encryption keys with proxy re-encryption based on the transformation key; and obtaining the second private cryptographic key and the transformed encrypted data encryption keys.