Identifier based encryption (IBE) scheme where trusted authority public/private keys are associated with particular access time periods

摘要

In order to regulate access to a service provided by a service provider (30), a service authoriser (40) generates for each of multiple service time periods a different respective data set comprising private data (eg private key) and public data derived (eg public key) using the private data. The service provider (30) uses the public data for a current time period and an encryption key string to generate encrypted data which a party (20) wanting to receive the service must decrypt. The service authoriser (40) provides a decryption key to the party (20) after determining that the party is entitled to receive the service for a particular service time period; the decryption key is generated using the aforesaid encryption key string and the private data of the data set for the service period concerned. The party (20) can then decrypt the encrypted data it receives from the service provider (30) provided that the current time period for which the data has been encrypted is the same time period as that for which the decryption key was generated. The system use identify/identifier based encryption (IBE) methodology.