GB2622006A - System and method of encryption and generating encryption keys - Google Patents

System and method of encryption and generating encryption keys Download PDF

Info

Publication number
GB2622006A
GB2622006A GB2212534.8A GB202212534A GB2622006A GB 2622006 A GB2622006 A GB 2622006A GB 202212534 A GB202212534 A GB 202212534A GB 2622006 A GB2622006 A GB 2622006A
Authority
GB
United Kingdom
Prior art keywords
attribute
key
data object
combining
retrieving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
GB2212534.8A
Other versions
GB202212534D0 (en
Inventor
Francis Patrick
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Airbus Defence and Space Ltd
Original Assignee
Airbus Defence and Space Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Airbus Defence and Space Ltd filed Critical Airbus Defence and Space Ltd
Priority to GB2212534.8A priority Critical patent/GB2622006A/en
Publication of GB202212534D0 publication Critical patent/GB202212534D0/en
Publication of GB2622006A publication Critical patent/GB2622006A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

Encryption schemes based on Lattice primitives are not yet proven to be quantum resistant. Such schemes also involve relatively large data expansion as larger keys are required for lattice-based functions. The invention encrypts a data object by: defining an encryption policy P using at least a first system attribute, retrieving a first attribute key AK1 associated with the first system attribute, applying a one-way function f1 to the first attribute key AK1 to produce an immediate value IV1, generating a random value MI1, combining MI1 and IV1 using an operator such that a key K is generated, and encrypting the data object using the key K to produce an encrypted data object. Different system attributes may be defined for users such as military, government or private sector attributes. The one-way function f1 is chosen such that entropy is lost when applied to the attribute keys. For example, if the attribute keys have 1000 bits, the one-way function reduces this to 500 bits when the intermediate value IV1 is generated. As the attribute keys are larger than the intermediate value, it is not possible to work backwards from the intermediate value to the attribute keys.

Description

System and method of encryption and generating encryption keys
Field of the Invention
The present invention concerns a system and method of encryption and generating encryption keys. More particularly, but not exclusively, this invention concerns a system and method of encryption and decryption. The invention also concerns a system and method of generating keys for attribute based encryption and decryption to provide secure communication of potentially sensitive information.
Background of the Invention
Existing encryption techniques include ciphertext-policy attribute-based encryption (CP-ABE). CP-ABE schemes are typically based on the mathematics of Bi-Linear pairing over a public key cryptographic primitive, such as an elliptical curve or lattice. While some of these schemes based on Lattice primitives claim to be quantum resistant, others are not and none are yet proven to be quantum resistant. Such schemes also involve relatively large data expansion, in particular as larger keys are required for lattice-based functions.
The present invention takes a different approach and seeks to mitigate the above-mentioned problems by deterministic policy based generation of symmetric keys using demonstrably quantum safe primitives that can then be used for policy based in encryption. Alternatively or additionally, the present invention seeks to provide an improved system and method of encryption.
Summary of the Invention
The present invention provides, according to a first aspect, a method of encrypting a data object comprising the following steps: defining an encryption policy P using at least a first system attribute retrieving a first attribute key AlCi associated with the first system attribute, applying a one-way function fl to the first attribute key AK' to produce an immediate value IV1, generating a random value MI1, combining ML and IVi using an operator such that a key K is generated, encrypting the data object using the key K to produce an encrypted data object The method according to the invention allows the encryption process to be applied in existing symmetric encryption systems. The method may also result in lower data expansion than existing encryption methods.
The step of combining MI1 and 1V1 may comprise applying an XOR operator, or any other suitable function which is capable of combining MI1 and IV' to generate a key.
The method may include the additional steps of defining the encryption policy P using a first system attribute AND second system attribute; retrieving the second attribute key AK2 associated with the second system attribute; combining the first attribute key AK1 and second attribute key AK2 with a one way function fl to produce the intermediate value IVI.
Advantageously, the method provides a method of encryption which does not require the key K to be distributed in order to allow for decryption of a data object.
Instead, the method relies on the key being recreated by authorised users, who possess the required system attributes, and consequently associated attribute keys. If a user does not possess the required system attributes, they will not be able to recreate the key K, and thus the encrypted data object remains secure. The key K is also unique for each encryption requirements, as each time a key is generated, a random value MI is used. Therefore, even when the same encryption policy is used, a unique key is generated.
The one-way function fl is chosen such that the intermediate value 'VI is smaller in size than the attribute key or keys to which the one way function is applied. For example, the output of the one-way function may be 500 bits, with the input of the one or more attribute keys being 1000 bits. The difference in size of input and output, for example, at least double the input to the output, means there is a loss of entropy. As a result, there are a large number of inputs which may produce a known output. The arrangement as set out in the present invention prevents the attribute key or keys being determined when starting at the intermediate value 11/4. Therefore, even if the intermediate value lvi is seen or intercepted when it should not be, the attribute key or keys cannot be determined by an unauthorised user, thereby preventing the encrypted data object from being decrypted.
The method may further comprise the steps of: defining the encryption policy P using a first system attribute OR a second system attribute, retrieving a second attribute key AK2 associated with the second system attribute, applying the one way funct on fl to the second attribute key AK9 to create an intermediate value IV., combining the key K and the intermediate value 1V11 to produce a value MIn. In such a method, in order to decrypt the encrypted data object, the user must possess either the first attribute and associated attribute key, or the second attribute and second attribute key.
The method may comprise defining the encryption policy P using at least a third system attribute AND a fourth system attribute, wherein at least one of the first system attribute and second system attribute is different to the third system attribute and fourth system attribute, retrieving a third attribute key AK3 associated with the third system attribute and a fourth attribute key AK4 associated with the fourth system attribute, combining the third attribute key AK3 and fourth attribute key AK4 using the one-way function fl to create an intermediate value IV., combining the key K and the intermediate value IV11 to produce a value MI..
In such a method, in order to decrypt the encrypted data object, the user must possess either the first attribute and second attribute, or the third attribute and fourth attribute.
The key K and the intermediate value IV, may be combined with an XOR operator.
The value MI11 may be attached to the encrypted data object as metadata shared via secure wired or wireless electronic communication, or via a token. Alternatively, the value MI11 may be transmitted in clear, for example tagged to the data, placed in an open server, or shared by any convenient mechanism. Even if an -4 -unauthorised user discovers the value Min they will still fail to generate the key K as they will be lacking the required attribute keys.
The system attributes may include a security classification of "restricted", and departmental information of ITV, and also "confidential' and "finance'. The encryption policy may be chosen to encrypt the data object so that only users with the system attributes of "restricted" AND 'HR", OR users with the system attributes of "confidential" AND "finance" may decrypt the data. If a user does not possess at least one combination of the required attributes, they will not have access to the attribute keys associated with those attributes. Without the required attribute keys, the unauthorised user will not be able to decrypt the data, even if the unauthorised user is able to obtain the value MI1 or Mla The one-way function fl means that a brute force attack to try and work backwards to the various attribute keys will be more difficult than attacking the key directly. Instead, in order to obtain the key K, it is necessary to first know those attribute keys.
Example one-way functions which may be used by the invention include one-way functions where the input is larger than the output, many of which are known to the person skilled in the art. For example, the one-way function may be a secure hash function, such as MD5, SHA1, SHA2 amongst others.
A hash function is an algorithm that maps data of an arbitrary size to a bit array which has a fixed size. Hash functions are deterministic, so the same data results in the same hash. As the input is larger than the output, hash functions are particularly well suited to the present method.
The method requires the secure distribution of attribute keys, and suitable methods of secure distribution may be chosen appropriately. For example, secure delivery of attribute keys in a physical medium or token, such as a computer readable storage device. However, once the attribute keys have been securely distributed, the data objects may be communicated or distributed under less stringent provisions. Even if an encrypted data object is intercepted, unless a user possesses the required attribute keys, the key K cannot be recreated, and the data object will remain encrypted.
The system attributes may comprise any or all of security classifications, departmental information, organisation information, codes words, and user seniority (e.g. rank) or position. For example, the system attributes may include a security -5 -classification of "restricted-, and departmental information of "finance". The encryption policy may be chosen to encrypt the data object so that only users with the system attributes of "restricted" AND "finance" may decrypt the data.
The method may further comprise the step of attaching the encryption policy P and the random number MU to the encrypted data object as metadata.
The method may further comprise the step of distributing the encryption policy P to authorised users via a token.
The method may further comprise the step of distributing the encryption policy P to authorised users via a secure electronic communication channel.
The present invention provides, according to a second aspect, a method of decrypting a data object encrypted according to the first aspect of the invention, the method comprising the steps of: retrieving the encryption policy P and the value Mli, retrieving at least one attribute key according to the encryption policy P, combining attribute key with the one way function fl to provide the intermediate value IVI, combining N411 and IVI using an operator to create the key K, and decrypting the encrypted data object with the key K. The method of decrypting a data object may comprise retrieving the encryption policy from the encrypted data metadata. The method of decrypting data may comprise retrieving the encryption policy from a token or an electronic memory.
If the user's attributes do not match an allowed attribute or set of attributes, they will not have access to the relevant attribute keys. In the absence of these attribute keys, the encrypted data object cannot be decrypted. The policy may comprise a plurality of allowed attribute keys or combinations of attribute keys. The user only has to possess one allowed attribute key or set of attribute keys in order to decrypt the encrypted data object.
According to a third aspect, the invention provides a method of decrypting a data object encrypted as described above, wherein the encryption policy P comprises a plurality of allowed user attributes, the method comprising the steps of: retrieving a user's attributes, retrieving the encryption policy P. -6 -parsing the encryption policy to find a user attribute function or functions (e.g. an AND function) which matches the user's attributes, retrieving the attribute keys associated with the user's attributes matched to the user attribute function or functions, combining the retrieved attribute keys using the one-way function fl to produce an intermediate value IV,,, retrieving, a value ML associated with the user attribute function or functions which matches the user's attributes, combining Min and IVn with an operator to produce the key K, and decrypting the encrypted data object with the key K. According to a fourth aspect, the invention provides a method of generating a cryptographic key comprising the following steps: defining an encryption policy P using at least a first system attribute retrieving a first attribute key AK' associated with the first system attribute, applying a one-way function fl to the first attribute key MCI to produce an immediate value IVI, generating a random value combining ML and IVi with an operator such that a key K is generated. The method may further comprise the steps of: defining the encryption policy P using a first system attribute AND second system attribute; retrieving the second attribute key AK) associated with the second system attribute; combining the first attribute key AK' and second attribute key AK, with a one way function fl to produce the intermediate value IV!.
The method may further comprise the steps of: defining the encryption policy P using at least a third system attribute AND a fourth system attribute, wherein at least one of the first system attribute and second system attribute is different to the third system attribute and fourth system attribute, retrieving a third attribute key AK1 associated with the third system attribute and a fourth attribute key AK( associated with the fourth system attribute, combining the third attribute key and fourth attribute key using the one-way function fl to create an intermediate value IV, -7 -adding the key K to the intermediate value IV. with an XOR operator to produce a value MIn.
The data object may be any data object for which it is desirable to transmit securely. For example, the data object may comprise a text file, audio file, video file, image file, or a stream of data, such as a video or audio stream.
The present invention provides, according to a further aspect, a computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of any preceding aspect of the invention.
The present invention provides, according to a further aspect, a computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of any preceding aspect of the invention.
It will of course be appreciated that features described in relation to one aspect of the present invention may be incorporated into other aspects of the present invention. For example, the method of the invention may incorporate any of the features described with reference to the apparatus of the invention and vice versa.
Description of the Drawings
Embodiments of the present invention will now be described by way of example only with reference to the accompanying schematic drawings of which: Figure 1 shows an initialisation process of a method of encryption according to an embodiment of the invention; Figure 2 shows an AND based policy encryption and decryption method according to an embodiment of the invention; Figure 3 shows and AND/OR based policy encryption and decryption method according to an embodiment of the invention, and Figure 4 shows a communications system according to an embodiment of the invention
Detailed Description -8 -
Figure 1 shows an initialisation process of a method of encryption according to the invention. Once the initialisation has been triggered 100, a set of system attributes is defined 102. The system attributes may, for example, include one or more of the seniority (e.g. rank) of a user, the job role of a user, and whether that user has been vetted, for example for classified information. The skilled person will appreciate that many different system attributes may be defined, as determined by the various users of a communications system using the method of encryption. For example, the system attributes may be military based, or may be based on government or private sector attributes. Each user of such a system may possess one or more of the defined system attributes, and a user profile for each user is created 104 based on those system attributes. An attribute key is created for each attribute 106, such at first attribute key AK' is created for the first attribute, a second attribute key AK7 is created for the second attribute, and so on, such that AK, is created for the nth attribute key. The attribute keys are then distributed to users, in accordance with their user profiles 108. For example, if a user possesses the first attribute, the first attribute key AK1 is distributed to that user. If a user does not possess the first attribute, the first attribute key AK1 is not distributed to that user. The distribution of the attribute keys may take place via a secure token exchange, or via a secure electronic communication. Once the various attribute keys have been distributed as required, the initialisation process is complete 110.
Figure 2 shows an encryption method according to an embodiment of the invention, where attribute keys have been distributed to users as set out with reference to figure 1. In particular, figure 2 shows a method of encryption using AND based policy encryption. The method starts by defining an AND based policy for the data object being encrypted 202. The AND based policy may be any suitable combination of system attributes, the combination of which will be required in order for the encrypted data object to be decrypted. For example, the attributes may include a data object classification, such as SECRET, a department, such as FINANCE, and a seniority, such as DEPARTMENT HEAD. The attribute keys for each of the chosen attributes are then retrieved and combined using a one-way function fl to produce an intermediate value 204.
(AK; AK2; AK) -> fi -> 1V1 The one-way function fi is chosen such that entropy is lost when applied to the attribute keys. For example, if the attribute keys have 1000 bits, the one-way function reduces this down to 500 bits when the intermediate value IVI is generated. As the attribute keys are larger than the intermediate value, it is not possible to work backwards from the intermediate value to the attribute keys. Typically, a hash function is chosen as the one-way function, and the skilled person will be aware of many suitable example hash functions that could be used.
A random number MI is generated, and Modulo 2 added to the intermediate value to create an encryption key K206.
VI -> modulo 2, MI -> K The data object is then encrypted with the key K 208 to provide an encrypted data object. In this embodiment, the encryption policy P and the value MI are attached to the encrypted data object as metadata 210. In other embodiments, the encryption policy P and value MI may be distributed by other means, for example via tokens or secure electronic communication.
The encrypted data object is then transmitted, for example via a wired or wireless communications medium. When a user receives the encrypted data object, they perform an AND based policy decryption method. This includes the steps of the user retrieving the encryption policy P and the value MI from the encrypted object metadata 212. The user then retrieves the various attribute keys specified in the policy P214. If the user does not have access to all of the specified attribute keys, the encrypted data object cannot be decrypted 216. If the user does have access to all of the specified attribute keys, the user combines the various attribute keys using the one-way function ti 218 to recreate the intermediate value IV].
(AK AK2; AK) -> fi -> 1V1 The user then modulo 2 adds the random number MI to the intermediate value IVi to recreate the encryption key K 220.
-10 - -> modulo 2, MI K The user may then use the key to decrypt the encrypted data object 222, such that a decrypted object 224 is provided.
In the method described with reference to figure 2, the policy P comprises an AND based combination of two attributes, with two attribute keys being retrieved and combined. In an alternative embodiment, the policy P may comprise a single attribute, with a single attribute key being retrieved. The one way function fi is the applied to the single attribute key, and the remainder of the encryption and decryption process remains as described with reference to figure 2.
Figure 3 shows an encryption method according to an embodiment of the invention, where attribute keys have been distributed to users as set out with reference to figure 1. In particular, figure 3 shows a method of encryption using AND/OR based policy encryption. The method starts by defining an AND/OR based policy for the data objection being encrypted 302. The AND/OR based policy may be any suitable combination of system attributes, the combination of which will be required in order for the encrypted data object to be decrypted. For example, the attributes may include a first set of attributes comprising a data object classification, such as CONFIDENTIAL, and a department, such as HR, or a second set of attributes comprising a department, such as INTELLIGENCE, and a seniority, such as DEPARTMENT HEAD. The initial creation of the key K and the encryption of the data object matches that as described with reference to figure 2. The attribute keys for each of the chosen first set of attributes are then retrieved 304 and combined using a one-way function fl to produce an intermediate value 306.
(AK; AK2; AK) -> fi -> IVi The one-way function f1 is chosen such that entropy is lost when applied to the attribute keys. For example, if the attribute keys have 1000 bits, the one-way function reduces this down to 500 bits when the intermediate value lvi is generated. As the attribute keys are larger than the intermediate value, it is not possible to work backwards from the intermediate value to the attribute keys. Typically, a hash function is chosen as the one-way function, and the skilled person will be aware of many suitable example hash functions that could be used.
A random number MI is generated, and Modulo 2 added to the intermediate value to create an encryption key 1(308.
-> modulo 2, MI -> K The data object is then encrypted with the key K 310, and the policy and the value MI is attached to the encrypted data object as metadata 312.
Once the first set of attributes has been processed, the method includes the step of checking whether all of the AND functions have been processed 314. If yes, the data object is fully encrypted and ready for transmission. In this embodiment, the encryption policy P and the value MI are attached to the encrypted data object as metadata. In other embodiments, the encryption policy P and value MI may be distributed by other means, for example via tokens or secure electronic communication.
If there are more AND functions to be processed, in this case the second set of attributes, the attribute keys for the second set of attributes are retrieved 316. The second set of attribute keys are combined using the one way function fi in order to produce an intermediate value IV. 318.
(AK; AK.H) -> fi The key K is then modulo 2 added to the intermediate value IV11 to produce 25 MI. 320. The lvii -> modulo 2, K MI. is then attached to the encrypted data object as metatdata 322. Once all of the AND functions have been processed, the encrypted object is transmitted, for example via a wired or wireless communications medium. When a user receives the encrypted data object, they perform an AND based policy decryption method 324 The first step is retrieving the encryption policy P from the encrypted object metadata -12 - 326. The method then comprises parsing the policy to find the first AND function which matches a user's profile, and for which that user will have all of the required attribute keys 328. If a suitable AND function is not found, then the object cannot be decrypted 330. If a suitable AND function is found, the required attribute keys for each attribute used in that AND function are retrieved 332. The attribute keys are then combined using the one way function fi in order to produce an intermediate value TV. 334. The MI0 value associated with the selected AND function is retrieved from the metadata of the encrypted data object 336. The method then comprises Modulo 2 adding NM11 to the intermediate value IV., to produce the encryption key K 338. The data object is then decrypted using the encryption key K 340.
Figure 4 shows an example system according to the invention. A central processor 400 is configured to execute the initialisation process as described with reference to figure 1. Various users 402, 404, and 406, possess various attributes, and the central processor transmits the relevant attribute keys to the users. In this case, user 402 is sent attribute keys AKI and AK), user 404 is sent attribute keys 41C2 and 41(3, and user 406 is sent attribute keys 41(3 and AKi. The central processor 400 then creates a policy P. which in this case is an AND/OR policy of (AKI AND AK2) OR (41(2 AND AK°. The central processor then creates the encryption key IC and produces an encrypted data object as described with reference to figure 3. The encrypted data object is transmitted, and the decryption process also described with reference to figure 3 occurs, with the users 402 and 404 possessing the required attribute keys to decrypt the encrypted data object, and user 406 not possessing the required attribute keys, so being unable to decrypt the encrypted data object. In this case, a single central processor 400 is shown, but the skilled person will appreciate that various different computing entities, including local or cloud processors, may be used to complete different steps in the method. The skilled person will also appreciate that the communication medium between the various aspects of the system may be wired or wireless, and the various components of the system will be configured to have the appropriate receiving and/or transmitting abilities as required.
Whilst the present invention has been described and illustrated with reference to particular embodiments, it will be appreciated by those of ordinary skill in the art that the invention lends itself to many different variations not specifically illustrated herein.
Where in the foregoing description, integers or elements are mentioned which have known, obvious or foreseeable equivalents, then such equivalents are herein incorporated as if individually set forth. Reference should be made to the claims for determining the true scope of the present invention, which should be construed so as to encompass any such equivalents. It will also be appreciated by the reader that integers or features of the invention that are described as preferable, advantageous, convenient or the like are optional and do not limit the scope of the independent claims. Moreover, it is to be understood that such optional integers or features, whilst of possible benefit in some embodiments of the invention, may not be desirable, and may therefore be absent, in other embodiments.

Claims (14)

  1. -14 -Claims 1. A method of encrypting a data object comprising the following steps: defining an encryption policy P using at least a first system attribute retrieving a first attribute key AK1 associated with the first system attribute, applying a one-way function fl to the first attribute key AK 1 to produce an immediate value TV!, generating a random value combining Mil and WI using an operator such that a key K is generated, encrypting the data object using the key K to produce an encrypted data object.
  2. 2. A method as claimed in claim 1, wherein the step of combining MI and WI comprises applying an XOR operator. 15
  3. 3. A method of encrypting a data object as claimed in claim t or claim 2, including the additional steps of: defining the encryption policy P using a first system attribute AND second system attribute; retrieving the second attribute key AK2 associated with the second system attribute; combining the first attribute key AK1 and second attribute key AK, with a one way function ft to produce the intermediate value IVI.
  4. 4 A method of encrypting data as claimed in claim 1 or claim 2, including the additional step of defining the encryption policy P using a first system attribute OR a second system attribute, retrieving a second attribute key AK2 associated with the second system attribute, applying the one way function fl to the second attribute key AK2 to create an intermediate value IV., combining the key K and the intermediate value IVn to produce a value MI.
  5. 5. A method of encrypting data according to claim 3 or 4, further comprising the steps of: defining the encryption policy P using at least a third system attribute AND a fourth system attribute, wherein at least one of the first system attribute and second system attribute is different to the third system attribute and fourth system attribute, retrieving a third attribute key AK3 associated with the third system attribute and a fourth attribute key AK4 associated with the fourth system attribute, combining the third attribute key AK3 and fourth attribute key AK4 using the one-way function fl to create an intermediate value IV., combining the key K and the intermediate value IV,, to produce a value NII,,.
  6. 6. A method as claimed in any preceding claim, further comprising the step of attaching the encryption policy P and/or the random value Mb to the encrypted data object as metadata.
  7. 7. A method as claimed in any of claims 1 to 5, further comprising the step of distributing the encryption policy P and/or the random value Mk to authorised users via a token.
  8. 8. A method as claimed in any of claims 1 to 5, further comprising the step of distributing the encryption policy P and/or the random value Mb to authorised users via a secure electronic communication channel
  9. 9. A method of decrypting a data object encrypted according to claim 1, the method comprising the steps of: retrieving the encryption policy P and the value NIL, retrieving at least one attribute key according to the encryption policy P, combining the at least one attribute key with the one way function fl to provide the intermediate value IVi, combining Mli and IVi using an operator to create the key K, and decrypting the encrypted data object with the key K. -16 -
  10. 10. A method of decrypting a data object encrypted according to the method of claim 3, the method comprising the steps of: retrieving a user's attributes, retrieving the encryption policy P. parsing the encryption policy to find an AND function which matches the user's attributes, retrieving the attributes keys associated with the matching attributes, combining the retrieved attribute keys using the one-way function fl to produce an intermediate value IV., retrieving, a value NII,, associated with the AND function, combining MI, and IV, with an operator to produce the key K, and decrypting the encrypted data object with the key K.
  11. 11. A method of generating a cryptographic key comprising the following steps: defining an encryption policy P using at least a first system attribute retrieving a first attribute key AKA associated with the first system attribute, applying a one-way function fl to the first attribute key AKI to produce an immediate value IV!, generating a random value Mli, combining Mb and IVI with an operator such at a key K is generated.
  12. 12. A method of generating a cryptographic key according to claim 11, further comprising the steps of defining the encryption policy P using a first system attribute AND second system attribute; retrieving the second attribute key AK2 associated with the second system attribute; combining the first attribute key AK, and second attribute key AK, with a one way function ft to produce the intermediate value IVI.
  13. 13. A method of generating a cryptographic key according to claim 12, further comprising the steps of -17 -defining the encryption policy P using at least a third system attribute AND a fourth system attribute, wherein at least one of the first system attribute and second system attribute is different to the third system attribute and fourth system attribute, retrieving a third attribute key AK3 associated with the third system attribute and a fourth attribute key AK4 associated with the fourth system attribute, combining the third attribute key and fourth attribute key using the one-way function 11 to create an intermediate value IV., combining the key K and the intermediate value 1V11 to produce a value MI.
  14. 14. A computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of any preceding claim.A computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of any of claims I to 13.
GB2212534.8A 2022-08-30 2022-08-30 System and method of encryption and generating encryption keys Pending GB2622006A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB2212534.8A GB2622006A (en) 2022-08-30 2022-08-30 System and method of encryption and generating encryption keys

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB2212534.8A GB2622006A (en) 2022-08-30 2022-08-30 System and method of encryption and generating encryption keys

Publications (2)

Publication Number Publication Date
GB202212534D0 GB202212534D0 (en) 2022-10-12
GB2622006A true GB2622006A (en) 2024-03-06

Family

ID=83690329

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2212534.8A Pending GB2622006A (en) 2022-08-30 2022-08-30 System and method of encryption and generating encryption keys

Country Status (1)

Country Link
GB (1) GB2622006A (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210152351A1 (en) * 2019-04-09 2021-05-20 Mark Rodney Anson Computer System Implemented Method for Generating a Symmetric Encryption Key Used for Encrypting and Decrypting a Computer System User's Hidden Data

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210152351A1 (en) * 2019-04-09 2021-05-20 Mark Rodney Anson Computer System Implemented Method for Generating a Symmetric Encryption Key Used for Encrypting and Decrypting a Computer System User's Hidden Data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 2007, JOHN BETHANCOURT ET AL "Ciphertext-Policy Attribute-Based Encryption", pages 321-334 *

Also Published As

Publication number Publication date
GB202212534D0 (en) 2022-10-12

Similar Documents

Publication Publication Date Title
US11063754B2 (en) Systems, devices, and methods for hybrid secret sharing
US10810315B2 (en) Enabling access to data
US8630421B2 (en) Cryptographic key backup and escrow system
CN103812854B (en) Identity authentication system, device and method and identity authentication requesting device
WO2000031917A1 (en) Data encrypting and decrypting apparatus and methods
JPH11239124A (en) Method and device for restoring secret key
CN103780607A (en) Repeating-data deleting method based on different permissions and system thereof
Mahalakshmi et al. Effectuation of secure authorized deduplication in hybrid cloud
US20240063999A1 (en) Multi-party cryptographic systems and methods
US11270012B2 (en) Encryption key shares to different devices for rendering
Barukab et al. Secure communication using symmetric and asymmetric cryptographic techniques
GB2622006A (en) System and method of encryption and generating encryption keys
EP3644545B1 (en) Apparatus and method for encryption and decryption
CN111541652B (en) System for improving security of secret information keeping and transmission
Mathur et al. The Evolution and Impact of Cryptography in Ensuring Data Privacy
EP2680486A1 (en) Key management
Venkatesh et al. Secure authorised deduplication by using hybrid cloud approach
Dodmane A new hybrid symmetric-key technique to enhance data security of textual information using random number generator
Pawar et al. Survey of cryptography techniques for data security
Ghorpade et al. Notice of Violation of IEEE Publication Principles: Towards Achieving Efficient and Secure Way to Share the Data
Reddy et al. Data Storage on Cloud using Split-Merge and Hybrid Cryptographic Techniques
Deepika Data access control for multiauthority storage system
Muniyal et al. Multi user authentication protocol using visual sceret sharing
Rajeshwaran et al. Secured Cryptosystem for Key Exchange
CN115865335A (en) Information encryption method and decryption method