WO2008026184A3 - Method of key management - Google Patents
- Publication number
- WO2008026184A3 (PCT/IB2007/053498)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- leaf node
- group
- key
- party
- private key
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A method of key management for group-based controlled access to encrypted data, in which a decryption key for the encrypted data can be obtained by a party if the party is a member of at least one group which is authorized to access the data, the groups being organized in a hierarchical tree in which each non-leaf node represents a group and each leaf node represents a member of all groups represented by nodes hierarchically superior to the leaf node in question, characterized in that the leaf nodes are each assigned a respective arbitrarily chosen private key and corresponding public key, in that the private key associated with a particular non-leaf node is obtained by executing a key agreement protocol using a private key associated with a first child of the particular non-leaf node and a public key associated with a second child of the particular non-leaf node, and in that the private key for a group associated with a particular node is obtained by recursively obtaining the group private keys of the nodes on a path from the leaf node corresponding to the party in question to the node corresponding to the authorized group.
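The derivation described in the abstract, as an added sketch that is not code from the patent or its applicant: a binary group tree in which each group private key comes from a Diffie-Hellman agreement between its children, and a member climbs from its leaf using only its own private key and the siblings' public keys. The toy group parameters, the SHA-256 mapping from shared secret to private key, and the node names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption, illustration only, not a production choice).
P = 2**127 - 1   # Mersenne prime
G = 3

# Constructed sample hierarchy: non-leaf nodes are groups, leaves are members.
TREE = {"company": ("engineering", "sales"),
        "engineering": ("alice", "bob"),
        "sales": ("carol", "dave")}
PARENT = {child: grp for grp, kids in TREE.items() for child in kids}

def public(priv):
    return pow(G, priv, P)

def agree(priv, peer_pub):
    """DH agreement; the shared secret is hashed into a private key (assumed mapping)."""
    shared = pow(peer_pub, priv, P)
    digest = hashlib.sha256(shared.to_bytes(16, "big")).digest()
    return int.from_bytes(digest, "big") % (P - 1) or 1

def fresh_leaf_keys():
    """Each leaf gets an arbitrarily chosen private key."""
    return {n: secrets.randbelow(P - 2) + 1 for n in PARENT if n not in TREE}

def node_private(node, leaf_priv):
    """Setup view: first child's private key combined with second child's public key."""
    if node not in TREE:
        return leaf_priv[node]
    first, second = TREE[node]
    return agree(node_private(first, leaf_priv), public(node_private(second, leaf_priv)))

def publish(leaf_priv):
    """Public keys of every node, which members need for the upward walk."""
    return {n: public(node_private(n, leaf_priv)) for n in set(TREE) | set(PARENT)}

def member_group_key(member, member_priv, group, pubs):
    """Member view: recurse leaf -> group using own private key and sibling public keys."""
    node, priv = member, member_priv
    while node != group:
        parent = PARENT.get(node)
        if parent is None:  # reached the root without meeting the group
            raise PermissionError(f"{member} is not a member of {group}")
        sibling = next(c for c in TREE[parent] if c != node)
        priv = agree(priv, pubs[sibling])
        node = parent
    return priv
```

Because the agreement is symmetric, either child of a node reaches the same group key, while a party outside the subtree holds no private key on the path and cannot complete the walk.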
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06119878.4 | 2006-08-31 | ||
EP06119878 | 2006-08-31 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2008026184A2 (en) | 2008-03-06 |
WO2008026184A3 (en) | 2008-06-26 |
Family
ID=39136356
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2007/053498 (WO2008026184A2) | Method of key management | 2006-08-31 | 2007-08-30 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008026184A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109995786B (en) * | 2019-04-08 | 2020-11-13 | 北京深思数盾科技股份有限公司 | Method and device for authorizing data in organization |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102009001719B4 (en) | 2009-03-20 | 2011-02-10 | Compugroup Holding Ag | Method for generating asymmetric cryptographic key pairs |
CN110213228B (en) * | 2019-04-25 | 2021-09-07 | 平安科技(深圳)有限公司 | Method, device, storage medium and computer equipment for authenticating communication |
CN117195300B (en) * | 2023-09-20 | 2024-03-29 | 全拓科技(杭州)股份有限公司 | Big data safety protection method, device and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19847941A1 (en) * | 1998-10-09 | 2000-04-13 | Deutsche Telekom Ag | Common cryptographic key establishment method for subscribers involves successively combining two known secret values into a new common value throughout using Diffie-Hellmann technique |
US20040146015A1 (en) * | 2003-01-27 | 2004-07-29 | Cross David B. | Deriving a symmetric key from an asymmetric key for file encryption or decryption |
EP1505594A2 (en) * | 2003-07-31 | 2005-02-09 | Sony United Kingdom Limited | Access control for digital content |
US20060015514A1 (en) * | 2004-06-03 | 2006-01-19 | Canon Kabushiki Kaisha | Information processing method and information processing apparatus |
-
2007
- 2007-08-30 WO PCT/IB2007/053498 patent/WO2008026184A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2008026184A2 (en) | 2008-03-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007149850A3 (en) | Hierarchical deterministic pairwise key predistribution scheme | |
Acín et al. | Device-independent security of quantum cryptography against collective attacks | |
Torkaman et al. | Innovative approach to improve hybrid cryptography by using DNA steganography | |
WO2008121157A3 (en) | Cryptographic key management system facilitating secure access of data portions to corresponding groups of users | |
TW202019120A (en) | Service data encryption method and device based on block chain | |
WO2007009066A3 (en) | Secure key management for scalable codestreams | |
Zhou et al. | Privacy enhanced data outsourcing in the cloud | |
WO2007094751A3 (en) | System and method for a variable key ladder | |
Li et al. | Privacy-preserving data utilization in hybrid clouds | |
WO2005122630A3 (en) | Arrangement in a network node for secure storage and retrieval of encoded data distributed among multiple network nodes | |
Liu et al. | Practical ciphertext-policy attribute-based encryption: traitor tracing, revocation, and large universe | |
WO2004102918A3 (en) | Key agreement and transport protocol | |
CN108038184A (en) | A kind of date storage method and system based on block chain, a kind of intelligent block chain | |
EA201100887A1 (en) | METHOD OF FORMATION OF A DIGITAL / CALCULAR KEY | |
Huang et al. | EABDS: Attribute‐Based Secure Data Sharing with Efficient Revocation in Cloud Computing | |
Mor et al. | Toward a global data infrastructure | |
ATE422131T1 (en) | NETWORK INFORMATION ON A PEER-TO-PEER NETWORK | |
WO2008026184A3 (en) | Method of key management | |
EP1353470A3 (en) | Method for deployment of a workable public key infrastructure | |
Jost et al. | Overcoming impossibility results in composable security using interval-wise guarantees | |
Xu et al. | Revocable policy-based chameleon hash | |
CN105915333B (en) | A kind of efficient key distribution method based on encryption attribute | |
WO2019215262A3 (en) | Method for securing a data exchange in a distributed infrastructure | |
Maldonado-Ruiz et al. | 3BI-ECC: a decentralized identity framework based on blockchain technology and elliptic curve cryptography | |
Alwen et al. | Grafting key trees: efficient key management for overlapping groups |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 07826209; Country of ref document: EP; Kind code of ref document: A2 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| NENP | Non-entry into the national phase | Ref country code: RU |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 07826209; Country of ref document: EP; Kind code of ref document: A2 |