| 发明名称 | Method for attribute based broadcast encryption with permanent revocation | ||
| 摘要 | The invention is a method for broadcast encryption that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt said data. The method comprises modifications to the four stages of the basic Cipher-text Policy Attribute-Based Encryption techniques. The method can be adapted to transform any Attribute-Based Encryption scheme that supports only temporary revocation into a scheme that supports the permanent revocation of users. | ||
| 申请公布号 | US9413528(B2) | 申请公布日期 | 2016.08.09 |
| 申请号 | US201214239580 | 申请日期 | 2012.08.22 |
| 申请人 | Ben-Gurion University of the Negev Research and Development Authority | 发明人 | Dolev Shlomi;Gilboa Niv;Kopeetsky Marina |
| 分类号 | H04L9/08;H04N21/2347;H04N21/266;H04N21/4405;H04N21/4623;H04L9/30 | 主分类号 | H04L9/08 |
| 代理机构 | Roach Brown McCarthy & Gruber, P.C. | 代理人 | Roach Brown McCarthy & Gruber, P.C. ;McCarthy Kevin D. |
| 主权项 | 1. A method of modifying the four stages of the Cipher-text Policy Attribute-Based Encryption (CP-ABE) method that allows a broadcaster to send encrypted data to a set of users such that only a subset of authorized users can decrypt the data, wherein the method supports permanent revocation of users; the modified CP-ABE method comprising: a) in the setup stage—the broadcaster adds a secret random component CTRεZp to random secrets α,βεZp included in a master key MK, which is used to produce a public key PK;b) in the key generation stage—a component Ei=e(g,g)ri·CTR, which securely encapsulates the random control component CTR, is added to a set of attributes of a user that encodes the state of each user Ui to generate the secret private key SK that the broadcaster sends to Ui, wherein g is a random generator of a bilinear group G0 of prime order p, e: G0×G0→G1 is a proper bilinear map, ri is a random number chosen from Zp is a different random integer for each user, and CTRεZp is the global state;c) in the encrypt stage: the broadcaster uses an algorithm that includes a random secret for sharing sεzp to construct a ciphertext, the global secret key is encrypted by the private keys of the subset of authorized users, the broadcaster updates the global state by CTR=CTR+s and the broadcaster updates s upon a revocation event as s2=−s−CTR mod p and shares s2 with non-revoked users from an updated set of attributes; and d) in the decrypt stage: user i computes a parameter Ai=e(g,g)ris and then user i updates its local state by Ei=Ei·Ai=e(g,g)riCTR·e(g,g)ris=e(g,g)ri(CTR+s). | ||
| 地址 | Beer Sheva IL | ||