GB2416283A - Identifier Based Encryption system (IBE) in which a public key is generated using the identity of a trusted authority - Google Patents
Identifier Based Encryption system (IBE) in which a public key is generated using the identity of a trusted authority Download PDFInfo
- Publication number
- GB2416283A GB2416283A GB0415776A GB0415776A GB2416283A GB 2416283 A GB2416283 A GB 2416283A GB 0415776 A GB0415776 A GB 0415776A GB 0415776 A GB0415776 A GB 0415776A GB 2416283 A GB2416283 A GB 2416283A
- Authority
- GB
- United Kingdom
- Prior art keywords
- trusted authority
- secret
- identifier
- party
- identifier string
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 claims description 35
- 238000013507 mapping Methods 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 2
- 238000009795 derivation Methods 0.000 claims 3
- 230000003750 conditioning effect Effects 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 3
- 230000001404 mediated effect Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000009960 carding Methods 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 108090000623 proteins and genes Proteins 0.000 description 1
- 230000005236 sound signal Effects 0.000 description 1
- 238000011144 upstream manufacturing Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3013—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H04L9/0802—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H04L9/3223—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/76—Proxy, i.e. using intermediary entity to perform cryptographic operations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Power Engineering (AREA)
- Physics & Mathematics (AREA)
- Algebra (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
A trusted authority 63 is provided for identity-based cryptography. The trusted authority 63 has a secret x and derives first and second elements g, y. At least the second element is made public. The first element is calculated as a cryptographic hash of an identifier IDTA associated with the trusted authority (step 2). The second element is a combination of the first element and the secret x (step 4). The trusted authority 63 provides a private-key generation service to a third party 62 who is the recipient of an encrypted message J. A private keys h<zx> is calculated (steps 15 and 16) in dependence on the secret x and an identifier string (STR) associated with the third party. Preferably the invention is El-Gamal based. The invention may not be based on bilinear maps. A Bilinear map embodiment is disclosed in GB 2401763 and GB 2390515.
Description
24 1 6283 Trusted Authority for identifier-Based Cryptography The present
invention relates to a trusted authority for identifier-based cryptography. As used herein, the term "trusted authority" means an entity that is trustable to make available an identifier-based private key to a third party, or its proxy, only when satisfied that the third party is entitled to the key (in certain cases, the trusted authority may itself act as a proxy for the third party).
Identifier-Based Cryptography (IBC) is an emerging cryptographic schema for data encryption and signing data. Figure 1 of the accompanying drawings illustrates an Identifier-Based Encryption (IBE) system in which a data provider 10 encrypts payload data 13 using both an encryption key string 14, and public data 15 provided by a trusted authorityl2. This public data 15 is related to private data held by the trusted authority, for example, the public data is derived by the trusted authority 12 from private data 17 using a ore-way function 18.. The date provider to then provides the encryptedpayloaddata<l3> to a recipient 11 who decrypts it, or has it decrypted, using a decryption key computed by the trusted authority 12 in dependence on the encryption key string and its own private data.
A feature of identifier-based encryption is that because the decryption key is generated from the encryption key string, its generation can be postponed until needed for decryption.
Another feature of identifier-based encryption is that the encryption key string is cryptographically unconstrained and can be any kind of string, that is, any ordered series of bits whether derived from a character string, a serialized image bit map, a digitized sound signal, or any other data source. The string may be made up of more than one component and may be formed by data already subject to upstream processing. In order to avoid cryptographic attacks based on judicious selection of a key string to reveal information about the encryption process, as part ofthe encryption process the encryption key string is passed through a one-way function (typically some sort of hash function) thereby making it impossible to choose a cryptographically-prejudicial encryption key string. In applications where defence against such attacks is not important, it would be possible to omit this processing of the string.
Frequently, the encryption key string serves to "identify' the intended message recipient and the trusted authority is arranged to provide the decryption key only to this identified intended recipient. This has given rise to the use ofthe label "identifier-based" or "identity- based" generally for cryptographic methods of the type under discussion. However, depending on the application to which such a cryptographic method is put, the string may serve a different purpose to that of identifying the intended recipient and may be used to convey other information to the trusted authority or, indeed, may be an arbitrary string having no other purpose than to form the basis of the cryptographic processes.
Accordingly, the use of the term "identifier-based" or "IBE" herein in relation to cryptographic methods and systems is to be understood simply as implying that the methods and systems are based on the use of a cryptographically unconstrained string whether or not the string serves to identify the intended recipient. Gene' ally, in the present specification, the term "encryption key string" or "EKS" is used rather than "identity string" or "identifier string"; the term "encryption key string" is also used in the shortened form "encryption key" for reasons of brevity.
A number of IBE algorithms are known and Figure 2 indicates, for three such algorithms, the following features, namely: - the form ofthe encryption parameters 5 used, that is, the encryption key string and the public data of the trusted authority (TA); - the conversion process 6 applied to the encryption key string to prevent attacks based on judicious selection of this string; - the primary encryption computation 7 effected; - the form of the encrypted output 8.
The three prior art [BE algorithms to which Figure 2 relates are: Quadratic Residuosity (QR) method as described in the paper: C. Cocks, "An identity based encryption scheme based on quadratic residues", Proceedings of the 8 1MA International Conference on Cryptography and Coding LNCS 2260, pp 360- 363, Springer-Verlag, 2001. A brief description of this form of IBE is given hereinafter.
- Bilinear Mappings p using, for example, a modified Tate pairing or modified Weil pairing for which: p:GxGr G2 where G' and G2 denote two algebraic groups of large prime order l in which the discrete logarithm problem is believed to be hard. Go is a [l]-torsion subgroup of a larger algebraic group Go and satisfies [l]P = 0 for all P G' where O is the identity element, l is a large prime, and [*cofactor = number of elements in Go. G2 is a subgroup of a multiplicative group of a finite field. For the Tate pairing, an asymmetric mapping is also possible: p:G,xGo G2 Generally, the elements of the groups Go and G' are points on an elliptic curve (typically, though not necessarily, a supersingular curve); however, this is not necessarily the case. A description of this form of IBE method, using modified Weil pairings is given in the paper: D. Boneh, M. Franklin - "Identity-based Encryption from the Weil Pairing" in advances in Cryptology - CRYPTO 2001, LNCS 2139, pp. 213-229, Springer-Verlag, 2001.
- RSA-Based methods The RSA public key cryptographic method is well known and in its basic form is a two-party method in which a first party generates a public/private key pair and a second party uses the first party's public key to encrypt messages for sending to the first party, the latter then using its private key to decrypt the messages. A variant of the basic RSA method, known as "mediated RSA", requires the involvement of a security mediator in order for a message recipient to be able to decrypt an encrypted message, this being achieved by dividing the decryption key between the recipient and security mediator. An IBE method based on mediated RSA is described in the paper "Identity based encryption using mediated RSA", D. Boneh, X. Ding and G. Tsudik, 3rd Workshop on Information Security Application, Jeju Island, Korea, Aug. 2002. An RSA-based IB method that does not require dividing the decryption key is described in US patent 6,275,936; here, the decryption key is dynamically computed from the encryption key, the latter being a hash of the sender-chosen string.
An IB encryption method based on the ElGamal cryptosystem is described in our UK patent applicationNo.: GB 0413056.3 filed 11 June 2004. In the described embodiment of this IB method, the trusted authority carries out the decryption acting as a proxy for the intended recipient (in fact, this is also the case for the RSA method described in the above- referenced US patent).
In our published UK patent application GB 2,390,515A there are described IBC methods and apparatus using hierarchical arrangements of trusted authorities; these methods and apparatus are based on the bilinear mappings and typically employ points on elliptic curves. As is well known by persons skilled in the art, in lBC using bilinear mappings and points on an elliptic curve, the encryption key string is converted into a point by a "mapToPoint" hash function (as depicted in Figure 2 of the present application). For various reasons explained in our published application GB 2,390,515A, there is a need in l 5 the embodiments there described for the master public points of the non-root trusted authorities to be provably un-related. Since the mapToPoint hash provides a convenient way of achieving this when applied to non-identical strings, the required unrelated points are generated by applying the mapToPoint hash to the respective identity strings of the non-root trusted authorities. Furthermore, it was noted in passing that the master public point of the root trusted authority could also be generated in the same way (this being a convenience as it meant that all trusted authorities derived their points in the same way).
It has now been found that there are good reasons for generating public key elements of trusted authorities of other forms of IBC from strings by means of hash functions, notwithstanding that such functions may only tee usable for such purposes and not possess the general usability of the mapToPoint hash in IBC based on bilinear mappings.
According to a first aspect of the present invention, there is provided an identifier-based cryptographic method, comprising a trusted authority, with a secret and an associated identifier string, carding out operations of: deriving a first element from said identifier string using a one-way mapping function; deriving a second element using the secret and the first element; s making at least the second element publicly available; and providing a private-key generation service comprising generating a private key for a third party in dependence on said secret s and on an identifier string associated with that third party; the method being otherwise than one based on bilinear maps.
The present invention also encompasses apparatus and computer program products.
Embodiments of the invention will now be described, by way of nonlimiting example, with reference to the accompanying diagrammatic drawings, in which: Figure 1 is a diagram illustrating the operation of a prior art encryption schema known as Identifier-Based Encryption (IBE); Figure 2 is a diagram illustrating how certain IBE operations are implemented by
three different prior art IBE methods; and
Figure 3 is a diagram of an embodiment of the invention involving ElGamalbased IB cryptography.
The Figure 3 embodiment is an ElGamal identifier-based encryption system and involves three parties, namely a message sender A acting through computing entity 61, a message receiver B acting through computing entity 62, and a trusted authority TA acting through computing entity 62. The computing entities 61, 62 and 63 are typically based around programcontrolled processors though some or all of the cryptographic fimctions may be implemented in dedicated hardware. Furthermore, the entities 61, 62 and 63 inter communicate, for example, via the internet or other computer network though it is also possible that two or all three entities actuallyreside on the same computing platform or that a portable storage medium is used for data transfer between the entities. For convenience, the following description is given in terms ofthe parties A, B and TA, it being understood that these parties act through their respective computing entities.
In general trims, the TA has a private key x and public keys g, p and y where y=gx mod p and g is derived from an identifier IDTA by use of a hash function H4. The TA is arranged to decrypt for B a message encrypted by the sender A. The encryption process effected by the sender A involves the use of a sender-chosen "identifier" string (typically, though not necessarily, identifying the intended recipient B). The string is provided to the trusted party TA and is a required component of the decryption process whereby any change in the string will result in a failure to correctly decrypt the message. The detailed steps of the Figure 3 method are set out below.
Initial Set Up Phase 1. TA chooses random prime p. 2. TA generates g as H4(IDTA) where g is in the range 2 to (p-1).
3. TA chooses a secret x.
4. TA computes y= gx mod p. 5. TA publishes (g, p, y) and keeps x secret.
Message Transfer Phase Message Encryption by Sender A 6. A chooses an identifier string STR.
7. A computes z = Hs(STR) where H5 is a hash fimction (for example, SHA-1) .
8. A computes y' = yZ mod p 9. A chooses a secret r.
10. A computes h = gr mod p 11. A computes J = (y'r)*m mod p 12. A sends (STR, h, J) to B and destroys r.
(Steps 8 and 11 can be merged to have A compute J as: (yZ r)*m mod p) Message Decryption for Recipient B by Trusted Authority TA 13. B forwards (STR, h, J) to TA.
14. TA checks that B meets the conditions set out in STR.
14. TA computes z = Hs(STR).
15. TA computes J/ h (Z a) mod p to recover the message m.
16. TA returns message m to B. 17. B receives recovered message m.
The transmissions are preferably integrity protected in any suitable manner. A potential drawback of the Figure 3 embodiment is that the TA can read the messages m. In order to prevent this, B can blind the encrypted message before sending it to TA for decryption, B subsequently un-blinding the decrypted, but still blinded, message returned by the TA to recover the message m.
As noted above, the public key element g is formed from an identifier string IDTA of the trusted authority using the hash function H4(). This identifier string can be chosen at random or, preferably, as any meaningful information ofthe trusted authority (for example, a contact address such as the URL of a website of the trusted authority) together with a definition of the identifier string (e.g. encryption key string) formats that it accepts from users for private key generation. Providing such meaningful information in the string from which g can be generated by any party gives a convenient way of distributing such information. Other advantages also arise from having the trusted authority generate the element g from a string, including that since the trusted authority cannot control the outcome of the H40 hash function, it is not possible for the trusted authority to maliciously choose g for cryptographic (dis) advantage.
It will be appreciated by persons skilled in the art that H4 should be such that: g9 = 1 mod p where q is a large prime that divides (p-l). A suitable implementation of H4() is of the form: H4(IDTA) = ( #(IOTA) ) where # is a hash function such as SHA- 1 and #(IOTA) is converted to integer form for raising to the power (p-l)/q.
It will be appreciated by persons skilled in the art that in the same way it is possible for the trusted authorities of other IBC cryptosystems to derive public key elements from their respective identifiers. The applicability or otherwise ofthis approach to anyparticular IBC cryptosystem will be readily apparent to a skilled person on inspection having regard to what randomly-chosen key elements, if any, of the trusted authority can be made public.
It will be understood that in the foregoing, reference to an element being public simply means that it is made available to all parties that are authorised to participate in the cryptographic scheme concemed.
Claims (11)
1. An identifier-based cryptographic method, comprising a trusted authority, with a secret and an associated identifier string, carrying out operations of: deriving a first element from said identifier string using a one-way mapping function; deriving a second element using the secret and the first element; making at least the second element publicly available; and providing a private-key generation service comprising generating a private key for a third party in dependence on said secret- and on an identifier string associated with that third party; the method being otherwise than one based on bilinear maps.
2. A method according to claim 1, wherein the method is based on the ElGamal cryptosystem with the second element being of the form: gx mod p where g is the first element, x is said secret, and p is a random prime.
3. A method according to claim 2, wherein said mapping function is ofthe form: ( #(IDEA) ) where: # is a hash function, IDrA is the identifier string of the trusted authority, and q is a prime that divides (p-l); the result of #(1DJA) being converted to integer form for raising to the power (p-1)/q.
4. A method according to claim 1, wherein the identifier string associated with the trusted authority comprises a contact address for the trusted authority.
5. A method according to claim 1, wherein the identifier string associated with the trusted authority comprises data specifying a format to be used for the third-party identifier strings.
6. Apparatus for use as a trusted authority in respect of identifierbased cryptographic methods otherwise than ones based on bilinear maps, the apparatus comprising: a store for holding a secret; a first derivation arrangement for deriving a first element from an identifier string ofthe trusted authority using a one-way mapping function; a second derivation arrangement for deriving a second element using the secret and the first element; a distribution arrangement for making at least the second element publicly available; and a private-key generation arrangement for generating a private key for a third party in dependence on said secret and on an identifier string associated with that third party.
7. Apparatus according to claim 6 for use as a trusted authority in an ElGamal-based cryptosystem, the second derivation arrangement being arranged to derive the second element as: gx mod p where g is the first element, x is said secret, and p is a random prime.
8. Apparatus according to claim 7, wherein said mapping function is of the form: ( #(IOTA) ) where: # is a hash function, IDTA iS the identifier string of the trusted authority, and q is a prime that divides (p-1); the result of #(1DTA) being converted to integer form for raising to the power (p-l)/q.
9. Apparatus according to claim 6, wherein the identifier string of the trusted authority comprises a contact address for the trusted authority.
10. Apparatus according to claim 6, wherein the identifier string ofthe trusted authority comprises data specifying a format to be used for the third-party identifier strings.
11. A computer program product for conditioning programmable apparatus to provide a trusted authority apparatus according to any one of claims 6 to 10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0415776A GB2416283B (en) | 2004-07-15 | 2004-07-15 | Trusted authority for identifier-based cryptography |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0415776A GB2416283B (en) | 2004-07-15 | 2004-07-15 | Trusted authority for identifier-based cryptography |
Publications (3)
Publication Number | Publication Date |
---|---|
GB0415776D0 GB0415776D0 (en) | 2004-08-18 |
GB2416283A true GB2416283A (en) | 2006-01-18 |
GB2416283B GB2416283B (en) | 2007-03-07 |
Family
ID=32893573
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB0415776A Expired - Fee Related GB2416283B (en) | 2004-07-15 | 2004-07-15 | Trusted authority for identifier-based cryptography |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2416283B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104836657A (en) * | 2015-05-27 | 2015-08-12 | 华中科技大学 | Identity anonymity-based broadcast encryption method having efficient decryption characteristic |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SG10201606165SA (en) * | 2016-07-26 | 2018-02-27 | Huawei Int Pte Ltd | A key generation and distribution method based on identity-based cryptography |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2384406A (en) * | 2002-01-21 | 2003-07-23 | Hyun Ku Yeun | Three party cryptosystem having pairs of private keys |
GB2390515A (en) * | 2002-07-05 | 2004-01-07 | Hewlett Packard Development Co | Verifying An Association Between Two Parties |
GB2395872A (en) * | 2002-09-17 | 2004-06-02 | Hewlett Packard Development Co | Implementing a policy controlling data output/printing using identifier based encryption |
GB2401763A (en) * | 2002-07-05 | 2004-11-17 | Hewlett Packard Development Co | Trusted Authority for Identifier-Based Cryptography |
-
2004
- 2004-07-15 GB GB0415776A patent/GB2416283B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2384406A (en) * | 2002-01-21 | 2003-07-23 | Hyun Ku Yeun | Three party cryptosystem having pairs of private keys |
GB2390515A (en) * | 2002-07-05 | 2004-01-07 | Hewlett Packard Development Co | Verifying An Association Between Two Parties |
GB2401763A (en) * | 2002-07-05 | 2004-11-17 | Hewlett Packard Development Co | Trusted Authority for Identifier-Based Cryptography |
GB2395872A (en) * | 2002-09-17 | 2004-06-02 | Hewlett Packard Development Co | Implementing a policy controlling data output/printing using identifier based encryption |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104836657A (en) * | 2015-05-27 | 2015-08-12 | 华中科技大学 | Identity anonymity-based broadcast encryption method having efficient decryption characteristic |
CN104836657B (en) * | 2015-05-27 | 2018-01-26 | 华中科技大学 | A kind of identity-based anonymity broadcast encryption method with efficient decryption features |
Also Published As
Publication number | Publication date |
---|---|
GB2416283B (en) | 2007-03-07 |
GB0415776D0 (en) | 2004-08-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8589679B2 (en) | Identifier-based signcryption with two trusted authorities | |
EP1379024B1 (en) | Method and apparatus for generating a cryptographic key | |
EP1471680B1 (en) | Identifier-Based Encryption method and apparatus | |
EP1378821B1 (en) | Authentication method and apparatus using pairing functions for the elliptic curves based cryptosystems | |
US7246379B2 (en) | Method and system for validating software code | |
US7986778B2 (en) | Cryptographic method and apparatus | |
US8510789B2 (en) | Data output method, system and apparatus | |
US20040139029A1 (en) | Apparatus and method for generating and verifying ID-based blind signature by using bilinear parings | |
GB2401014A (en) | Identifier based encryption method using an encrypted condition and a trusted party | |
US20040240666A1 (en) | Directoryless public key cryptographic system and method | |
CN107086912B (en) | Ciphertext conversion method, decryption method and system in heterogeneous storage system | |
US20050089173A1 (en) | Trusted authority for identifier-based cryptography | |
US7305093B2 (en) | Method and apparatus for securely transferring data | |
US7382877B2 (en) | RSA cryptographic method and system | |
Jeng et al. | An ECC-based blind signature scheme | |
US20050135610A1 (en) | Identifier-based signcryption | |
US20050021973A1 (en) | Cryptographic method and apparatus | |
Owens et al. | An identity based encryption system | |
Ch et al. | Identity-based cryptosystem based on tate pairing | |
Elkamchouchi et al. | A new proxy identity-based signcryption scheme for partial delegation of signing rights | |
GB2416283A (en) | Identifier Based Encryption system (IBE) in which a public key is generated using the identity of a trusted authority | |
US7801302B2 (en) | Cryptographic method and apparatus | |
Omondi et al. | Elliptic-Curve Cryptosystems | |
Krishna | A randomized cloud library security environment | |
Sahu et al. | Encryption & Decryption of Text Data with RSA cryptography using MATLAB |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PCNP | Patent ceased through non-payment of renewal fee |
Effective date: 20140715 |