KR20150034591A - Cloud server for re-encrypting the encrypted data and re-encrypting method thereof - Google Patents
Cloud server for re-encrypting the encrypted data and re-encrypting method thereof Download PDFInfo
- Publication number
- KR20150034591A KR20150034591A KR20140060366A KR20140060366A KR20150034591A KR 20150034591 A KR20150034591 A KR 20150034591A KR 20140060366 A KR20140060366 A KR 20140060366A KR 20140060366 A KR20140060366 A KR 20140060366A KR 20150034591 A KR20150034591 A KR 20150034591A
- Authority
- KR
- South Korea
- Prior art keywords
- data
- key
- encryption
- cloud server
- decryption
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
This disclosure relates to cloud storage services and relates to techniques for enabling encrypted data to be decrypted and viewed even if the user loses the password. A cloud server according to the present invention is a cloud server that provides a cloud storage service to a plurality of user equipments and includes a communication unit for performing communication between a plurality of user equipments and the cloud server and a communication unit for communicating data received from at least one user equipments And a processing unit for generating new data by re-encrypting the stored data, wherein the stored data is encrypted data decrypted by the first decryption key into original data, and the new data is decrypted by the second decryption key The processing unit refers to a re-encryption key different from the first and second decryption keys, and performs re-encryption without decoding the original data by the first decryption key.
Description
The present disclosure relates to a cloud server providing cloud storage service, and more particularly, to a cloud server for re-encrypting encrypted data and a re-encryption method thereof.
Cloud services are a mix of computing and communication services, such as virtualization, utility, and on demand computing. Typically, virtualized computer systems are used to provide users with a variety of software, security solutions, or computing resources. Means the service provided.
In particular, the cloud service can provide a wide range of data storage services to the user, allowing the user to store programs or documents individually stored in the personal computer device in an Internet-based cloud server. And, the user can drive or browse a program or a document stored in the cloud server through various terminals such as a personal computer or a smart phone. This cloud service has the advantage of allowing the user to freely access the stored data without being affected by the place, and to utilize a richer computing resource than the user can personally provide.
On the other hand, as the data storage service using the cloud is widely used, secret data such as personal information, private data, and business secrets of the enterprise are increasingly stored in the cloud server. To this end, some cloud services encrypt stored data to prevent data from being leaked to a third party. Some of them are not to store the encryption information separately in the cloud server (for example, spideroak or boxcryptor) so that the cloud service provider can not arbitrarily browse the data stored in the cloud server, In such a system, only the user can have the encryption information or decrypt the encrypted data. However, in this case, the user's confidence in the security of the stored data may be improved, but when the user loses the encryption information (or encryption means), either the cloud server (or the service provider) There is a problem that the user can not decrypt the encrypted data again.
An object of the present invention is to provide a cloud server and a re-encryption method thereof for re-encrypting data encrypted with existing encryption information in a cloud storage service as new encryption information without a decryption process.
It is another object of the present invention to provide a cloud storage service configured so that a service provider can not also browse stored data, in which a user newly renews encryption information in place of lost encryption information, A cloud server capable of decrypting data, and a re-encryption method thereof.
A cloud server for providing a cloud storage service to a plurality of user devices according to embodiments of the present invention includes a communication unit for performing communication between the plurality of user devices and the cloud server; A data storage unit for storing data received from at least one of the plurality of user devices; And a processor for re-encrypting the stored data to generate new data, wherein the stored data is encrypted data decoded into original data by a first decryption key, and the new data is decrypted by the second decryption key, And the processing unit performs the re-encryption without decoding the original data by the first decryption key with reference to a re-encryption key different from the first and second decryption keys .
In an embodiment, the first decryption key and the second decryption key are different from each other.
As an embodiment, the decoding to the original data by the first decoding key and the decoding to the original data by the second decoding key are performed by the same decoding algorithm.
In an embodiment, the second decryption key is stored exclusively in the at least one user device.
In an embodiment, the stored data is data obtained by encrypting the original data with an encryption key corresponding to the first decryption key.
In an embodiment, the encryption key and the other encryption key corresponding to the second decryption key are stored exclusively in the at least one user device.
As an embodiment, the encryption of the original data by the encryption key is performed by an encryption algorithm represented by the formula M enc = (C, Z) = (M x e (g 1 , k e ) r , g 1 r ) Wherein M enc is the encrypted data, C and Z are two parameters included in the encrypted data, M is the original data, e is e (u a , v b ) = e (u, v) ab , k e is the encryption key, g1 is a factor value provided for encryption, and r is a random number.
As an embodiment, the decoding to the original data by the first decoding key is performed by a decoding algorithm using a function h expressed by the equation h (C, Z) = C / [e (Z, g 2 ) kd ] and the k d is the independent variable in the first decryption key, and wherein g 2 is a factor value, and wherein the C and Z is the decryption algorithm, each of the encrypted data that is provided for decoding by the first decoding key Is substituted into the function h.
By way of example, re-encryption of the stored data, the formula M enc '= (A, B ) = is performed by the re-encryption algorithm represented by the (C × e (Z, k re), Z), wherein M enc' Is the new data re-encrypted, A and B are two parameters included in the re-encrypted new data, and k re is the re-encryption key.
In an embodiment, the at least one user device determines the re-encryption key with reference to the encryption key and the other encryption key, and provides the determined re-encryption key to the cloud server.
In an embodiment, the at least one user device comprises one or more participating clients or non-participating clients.
A method of re-encrypting data in a cloud server providing cloud storage services to a plurality of user devices according to embodiments of the present invention includes: checking a password lost message from at least one user device among the plurality of user devices; Providing a seed key to the at least one user device in accordance with the confirmation result; Generating a re-encryption key based on the seed key and the new password; And re-encrypting the first encrypted data decrypted with the first decryption key with the original data, with the second decryption key, with the second decrypted data decrypted with the original data with reference to the re-encryption key, And the re-encrypting step re-encrypts the first encrypted data with the second encrypted data without decoding the original data by the first decryption key.
In an embodiment, the second decryption key is stored exclusively in the at least one user device.
In an embodiment, the second encrypted data is stored in the cloud server and is provided to the at least one user device upon request of the at least one user device.
In an embodiment, the first decryption key and the second decryption key are different from each other.
As an embodiment, the decoding to the original data by the first decoding key and the decoding to the original data by the second decoding key are performed by the same decoding algorithm.
According to the embodiment of the present disclosure, the encryption information for the data is not shared with the service provider. Therefore, only the user can decrypt the data, and the security of the data is improved.
Also, the user can re-encrypt the data encrypted with the existing encryption information into new encryption information without a separate decryption process.
Further, even when the user loses the encryption information, the user can newly update the encryption information in place of the lost encryption information, and can freely decrypt and browse the data encrypted with the lost encryption information through the updated encryption information.
1 is a conceptual diagram illustrating a cloud system, in accordance with embodiments of the present disclosure;
2 is a block diagram showing a specific configuration of the cloud server shown in FIG.
FIGS. 3 and 4 are diagrams illustrating a method of generating encryption information in a cloud system according to embodiments of the present invention. FIG.
5 is a flowchart illustrating a data encryption method of a cloud system according to embodiments of the present invention.
6 is a flowchart showing a data decoding method of a cloud system according to embodiments of the present invention.
7 is a block diagram schematically illustrating a method of re-encryption of a cloud server according to embodiments of the present invention.
8 and 9 are diagrams illustrating a method for generating new encryption information in a cloud system according to embodiments of the present invention.
10 is a flowchart specifically illustrating a data re-encryption method of a cloud system according to embodiments of the present invention.
The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the disclosure may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the specification. It should be understood that the various embodiments herein are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the disclosure in relation to one embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the disclosure. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of this specification is principally defined in the appended claims, encompassing the possible claims within the claims and their possible equivalents . Where similar reference numerals are used in the figures, similar reference numerals used refer to the same or similar functions for various embodiments.
In the cloud storage service, even if the data stored in the cloud server is leaked, the data must be encrypted to ensure the confidentiality of the data. Furthermore, in order to more fully secure the confidentiality of data, the provider of the cloud service also needs to hold the encryption information for encrypting or decrypting the data alone, not shared with the service provider, so that the stored data can not be opened .
However, in this case, since the encryption information can not be obtained again from the service provider, if the user loses the encryption information, the encrypted data stored in the cloud can not be decrypted or browsed again. Thus, in this specification, a means is provided for freely decrypting or browsing stored data even if the user loses the encrypted information by renewing the encryption information in lieu of the lost encryption information and re-encrypting the stored data with the updated encryption information do.
Prior to the earliest description of the specification, the terms used throughout the specification are defined.
Definition of Terms
Cloud server: A device that connects to clients through wired / wireless communication and provides cloud storage services to users. And stores various user information or data.
Participating client: A user device that stores a user's encryption key and decryption key as encryption information, and is a client registered in advance in the cloud server. For example, a computer with a cloud server sync program or a smartphone with a cloud app installed can be a participating client.
Sync program: It is a program that synchronizes the file and folder structure stored in the cloud server with the file and folder structure of the client as an application linked to the cloud storage service.
Non-participating client: A user device that does not store the user's encryption key and decryption key, and is not previously registered with the cloud server. For example, a public computer that does not have a sync program installed can be a non-participating client.
M: The data that the user stores in the cloud. When stored in the cloud, it is stored in encrypted form (Menc).
k s : The seed key that the cloud server has.
ID, pw log : Login ID and password for the user to connect to the cloud server. The user knows both the login ID and the password, and the cloud stores the hash value of the login ID and login password.
pw enc : Encryption password to generate encryption information. The password used to encrypt or decrypt the data stored in the cloud, only the user knows it and is not shared with the cloud server.
f (x, y): Generation function for generating encryption information. From the two input values, a predetermined result that is calculated in the polynomial time is calculated (i.e., the result is calculated within a predetermined time). However, when z = f (x, y), it is very difficult to find the other one of x and y even if x and y and z are known. It is shared with both the cloud server and the client.
g 1 ∈ G 1 , g 2 ∈ G 2 : any value that the cloud server generates. Here, the set G 1 in which g 1 and g 2 are generated or selected, G 2 may be different from each other, and g 1 and g 2 are values used for encrypting and decrypting data. g 2 is also used as a method for generating a user's encryption key.
e: Bilinear map mapped as G 1 × G 2 → G T. e (u a, v b) = e (u, v) is a function having the characteristics ab.
k d : decryption key for decrypting the encrypted data (Menc). is calculated by substituting the encryption secret and the seed key as two input values of k d = f (pw enc , k s ), that is, f (x, y).
k e : An encryption key for encrypting data. k e = g 2 kd , that is, g 2 and k d , and k e has only the user. In the public key cryptosystem, k e is paired with k d and can be derived from the k d in polynomial time. On the other hand, k e is derived very easily from k d , but it is difficult to derive k d from k e .
r: random number
A '(where A is an arbitrary value): A is updated or updated.
In the following, the embodiments of the present invention will be described in detail with the assumption that the terms are defined as above.
1 is a conceptual diagram illustrating a cloud system, in accordance with embodiments of the present disclosure; Referring to FIG. 1, a
The
The specific configuration, function, and operation method of the
The
The specific configuration, function, and operating method of the
The
The
In the embodiments herein, the
In addition, when the encrypted password pw enc is lost, the
The method by which the user device updates the encryption key and decryption key, generates the re-encryption key, and the specific method by which the
According to the above configuration, the encryption information for the stored data is not shared with the service provider. Therefore, only the user can decrypt the data, and the security of the data is improved.
Also, since the user can re-encrypt the data encrypted with the existing encryption information into new encryption information without performing a separate decryption process, data stored in the cloud server can be decrypted and browsed freely even if encryption information is lost.
2 is a block diagram showing a specific configuration of the cloud server shown in FIG. Referring to FIG. 2, the
The
The
The
The
FIGS. 3 and 4 are diagrams illustrating a method of generating encryption information in a cloud system according to embodiments of the present invention. FIG. FIG. 3 shows a method of generating an encryption information when the user apparatus is a participating client, and FIG. 4 shows a method of generating encryption information when the user apparatus is a non-participating client.
3 and 4, the decryption key (k d ) generated according to the encryption information generating method is stored only in the user (participating client or non-participating client) and not in the
Referring to FIG. 3, a
The participating
The
The user or participating
A concrete embodiment for generating the encryption information from the encryption secret (pw enc ) and the seed key (k s ) will be described later in conjunction with FIG.
As an embodiment, participating
As an example, the
However, if the user's login ID and login password (pw log ) are already registered in the
According to the above configuration, the participating
Referring to FIG. 4, a
The
The
Then, the user or
A concrete embodiment for generating the encryption information from the encryption secret (pw enc ) and the seed key (k s ) will be described later in conjunction with FIG.
As an embodiment,
Here, it is assumed that the user's login ID and login password (pw log ) are already registered in the
According to the above configuration, the
5 is a flowchart illustrating a data encryption method of a cloud system according to embodiments of the present invention. Referring to FIG. 5, the data encryption method of the cloud system 1000 (see FIG. 1) includes steps S110 to S130.
In FIG. 5, the
In step S110, the
k d = f (pw enc , k s ) ... Equation (1)
Here, the encrypted password pw enc is a password used for data encryption or decryption, and is a value determined and known by the user. As an example, the seed key (k s ) may be pre-stored in the
In step S120, the
k e = g 2 kd ... Equation (2)
In step S130, the
M enc = (M x e (g 1 , k e ) r , g 1 r ) = (C, Z) Equation (3)
That is, the
5, it is assumed that the
Further, in the embodiment of FIG. 5, the
Further, in the embodiment of FIG. 5, the
According to the above configuration, the
6 is a flowchart showing a data decoding method of a cloud system according to embodiments of the present invention. Referring to FIG. 6, the data decoding method of the cloud system 1000 (see FIG. 1) includes steps S210 to S220.
In Figure 6, the
In step S210, the
In step S220, the
First, a function h with h (C, Z) = C / [e (Z, g 2 ) kd ]
In the decoding process, two parameters of M enc = (C, Z) = (M × e (g 1 , k e ) r , g 1 r ) are substituted into the input value of the function h.
h (C, Z) = h (M × e (g 1, k e) r, g 1 r) = M × e (g 1, k e) r) / [e (g 1 r, g 2) kd ]
= M × e (g 1 , g 2 ) kd × r / [e (g 1 , g 2 ) kd × r ] = M Equation (4)
That is, in step S220, the
6, the
In addition, the decoding method of FIG. 6 is paired with the encryption method described in FIG. Therefore, when the encryption method of FIG. 5 is the public key encryption method or the symmetric key encryption method, the decryption method of FIG. 6 may be a decryption method of the corresponding method.
According to the above configuration, the
On the other hand, Fig. 7 or the encrypted immediately re without decoding the data (M enc) encrypted with which encryption key (k e), the encrypted data (M enc) to another encryption key (k e ') data (M enc ').
This method provides a means for restoring the original data M even if the user loses the means (e. G. , Pw enc ) for decrypting the encrypted data M enc . At this time, after setting a new password pw enc 'and generating a decryption key k d ' corresponding thereto, the user sets the previous data M enc to be decryptable with the new decryption key k d ' Encryption (M enc ').
On the other hand, in the following embodiments, a method of responding to the case where the login ID and the login password (pw log ) are lost is not discussed. The login information (login ID and login password) is information stored in the
7 is a block diagram schematically illustrating a method of re-encryption of a cloud server according to embodiments of the present invention. (See 1100, Fig. 1) 7, a cloud server to the first encryption information (ke, kd) to re-encrypt the
The
The
In FIG. 7, the
8 and 9 are diagrams illustrating a method for generating new encryption information in a cloud system according to embodiments of the present invention. 8 shows a method of generating new encryption information when the user apparatus 1200 (see FIG. 1) is a participating client, and FIG. 9 shows a method of generating new encryption information when the
8 and 9, a new decryption key (k d ') generated according to the new encryption information generation method is stored only in the user device 1200 (participating client or non-participating client), and is stored in the
In the embodiment of Figures 8 and 9, the user assumes that the encrypted password pw enc has been lost. 8 and 9, the user sets a new encryption key pw enc 'and generates new encryption information (k e ', k d ') and re-encryption key (k re ) accordingly.
Referring to FIG. 8, a new encryption
The participating
The
The user decides (340) a new encrypted secret (pw enc ') through the participating
The participating
The participating
The specific method by which the
9, a
The
The
The user in the new encrypted password by the method in the same manner to determine the (pw enc ') and generate (440), the encrypted information (k d, k e), generates a function (f) via a non-participating client 1220 A new decryption key (k d ') and a new encryption key (k e ') are sequentially generated (450) by substituting the new encryption key (pw enc ') and the new seed key (k s ').
The
The
The specific method by which the
10 is a flowchart specifically illustrating a data re-encryption method of a cloud system according to embodiments of the present invention. 10, the data re-encryption method of the cloud system 1000 (see FIG. 1) includes steps S310 to S360.
In step S310, the user reports the loss of the encrypted password pw enc through the user device 1200 (see FIG. 1). At this time, the
In step S320, the
In step S330, the user determines a new encrypted password pw enc '. The
In step S340, the
In step S350, the
k re = k e '/ k e ... Equation (5)
The generated re-encryption key (k re ) is provided to the
In step S360, the
First, a re-encryption function p: G T × G 1 × G 2 → G T × G 1 , where p (A, B, C) = (A × e (B, C), B) is defined. Then, the re-encryption function p (A, B, C) three input values assigned to the two parameters and the re-encryption key (k re) of the encrypted data (M enc) and, as a result, the re-encrypted data as the (M enc ').
That is, M enc = (C, Z), k re ? P (A, B, C)
p (C, Z, k re ) = (C x e (Z, k re ), Z) = M enc '.
(C, Z) = (M x e (g 1 , k e ) r , g 1 r ) and k re = k e '/ k e in the equations (3) Z, k re ) are transformed as shown in equations (6) and (7).
p (C, Z, k re ) = (C × e (Z, k re), Z) = (M × e (g 1, k e) r × e (g 1 r, k re), g 1 r ) ... Equation (6)
On the other hand, in equation (2), k e = g 2 kd , Since k e '= g 2 kd ,
p (C, Z, k re ) = (M × e (g 1, k e) r × e (g 1 r, k re), g 1 r)
= (M × e (g 1 , g 2 kd) r × e (g 1 r, g 2 kd'- kd), g 1 r)
= (M × e (g 1 , g 2) kd × r × e (g 1, g 2) (kd'- kd) × r, g 1 r)
= (M × e (g 1 , g 2) kd' × r, g 1 r)
= (M x e (g 1 , k e ') r , g 1 r ) = M enc ' Equation (7)
Referring to Equations (6) and (7), the re-encrypted data M enc 'is generated by replacing the original data M with a new encryption key k e ' ). ≪ / RTI > That is, the re-encrypted data M enc 'can be decrypted according to the method described in equation (4) using the new decryption key (k d ').
The
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments.
Also, although specific terms are used herein, they are used for the purpose of describing the invention only and are not used to limit the scope of the present disclosure as defined in the claims or the claims. Therefore, the scope of the present specification should not be limited to the above-described embodiments, but should be defined by the appended claims and their equivalents.
1000: Cloud system 1100: Cloud server
1200: user device 1300: communication network
1210: participating client 1220: non-participating client
1310: Mobile communication network 1320: Wireless LAN
1110: Processing section 1120: Data storage section
1130:
Claims (16)
A communication unit for performing communication between the plurality of user equipments and the cloud server;
A data storage unit for storing data received from at least one of the plurality of user devices; And
And a processor for re-encrypting the stored data to generate new data,
The stored data is encrypted data decoded into original data by a first decryption key,
The new data is encrypted data decrypted with the original data by the second decryption key,
The processing unit refers to a re-encryption key different from the first and second decryption keys, and performs the re-encryption without decryption to the original data by the first decryption key.
Wherein the first decryption key and the second decryption key are different from each other.
Wherein decoding of the original data by the first decoding key and decoding of the original data by the second decoding key are performed by the same decoding algorithm.
Wherein the second decryption key is stored exclusively in the at least one user device.
Wherein the stored data is data obtained by encrypting the original data with an encryption key corresponding to the first decryption key.
Wherein the encryption key and the other encryption key corresponding to the second decryption key are stored exclusively in the at least one user device.
The encryption of the original data by the encryption key is performed by an encryption algorithm represented by the formula M enc = (C, Z) = (M x e (g 1 , k e ) r , g 1 r )
Wherein M enc is the encrypted data, C and Z are two parameters included in the encrypted data, M is the original data, e is e (u a , v b ) = e (u , v) ab , where k e is the encryption key, g 1 is an argument value provided for encryption, and r is a random number.
The decoding to the original data by the first decoding key is performed by a decoding algorithm using a function h expressed by the equation h (C, Z) = C / [e (Z, g 2 ) kd ]
K d is the first decryption key, g 2 is a factor value provided for decryption by the first decryption key,
Wherein the C and Z of the encrypted data are respectively assigned to the function h as independent variables in the decoding algorithm.
The re-encryption of the stored data is performed by a re-encryption algorithm expressed by the formula M enc '= (A, B) = (C x e (Z, k re ), Z)
Wherein M enc 'is the re-encrypted new data, A and B are two parameters included in the re-encrypted new data, and k re is the re-encryption key.
Wherein the at least one user device determines the re-encryption key by referring to the encryption key and the other encryption key, and provides the determined re-encryption key to the cloud server.
Wherein the at least one user device comprises one or more participating clients or non-participating clients.
Checking a password lost message from at least one of the plurality of user devices;
Providing a seed key to the at least one user device in accordance with the confirmation result;
Generating a re-encryption key based on the seed key and the new password; And
And re-encrypting the first encrypted data decrypted with the first decryption key with the original data with the second decryption key with the second decrypted key decrypted with the original data with reference to the re-encryption key,
Wherein the re-encrypting step re-encrypts the first encrypted data with the second encrypted data without decryption to the original data by the first decryption key.
Wherein the second decryption key is stored exclusively in the at least one user device.
Wherein the second encrypted data is stored in the cloud server and is provided to the at least one user device upon request of the at least one user device.
Wherein the first decryption key and the second decryption key are different from each other.
Wherein the decoding of the original data by the first decryption key and the decryption of the original data by the second decryption key are performed by the same decoding algorithm.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20130114652 | 2013-09-26 | ||
KR1020130114652 | 2013-09-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20150034591A true KR20150034591A (en) | 2015-04-03 |
Family
ID=53031375
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR20140060366A KR20150034591A (en) | 2013-09-26 | 2014-05-20 | Cloud server for re-encrypting the encrypted data and re-encrypting method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20150034591A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019103360A1 (en) * | 2017-11-21 | 2019-05-31 | 순천향대학교 산학협력단 | Data management method and system based on proxy re-encryption in iot lightweight terminal environment |
US20210135853A1 (en) * | 2019-10-31 | 2021-05-06 | Samsung Sds Co., Ltd. | Apparatus and method for data security |
-
2014
- 2014-05-20 KR KR20140060366A patent/KR20150034591A/en not_active Application Discontinuation
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019103360A1 (en) * | 2017-11-21 | 2019-05-31 | 순천향대학교 산학협력단 | Data management method and system based on proxy re-encryption in iot lightweight terminal environment |
US20210135853A1 (en) * | 2019-10-31 | 2021-05-06 | Samsung Sds Co., Ltd. | Apparatus and method for data security |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6573600B2 (en) | A method performed by at least one server for processing data packets from a first computing device to a second computing device to allow end-to-end encrypted communication | |
CN103237040B (en) | A kind of storage means, server and client side | |
US20140143541A1 (en) | Method and Apparatus for Managing Encrypted Files in Network System | |
WO2012111713A1 (en) | Key management system | |
KR102325725B1 (en) | Digital certificate management method and device | |
CN103428221A (en) | Safety logging method, system and device of mobile application | |
CN104145444A (en) | Method of operating a computing device, computing device and computer program | |
JP6115573B2 (en) | Cryptographic system, data storage system, and apparatus and method used therefor | |
CN103812927A (en) | Storage method | |
US20180063095A1 (en) | Data encipherment prior to recipient selection | |
CN105007254A (en) | Data transmission method and system, and terminal | |
CN104145446A (en) | Method of operating a computing device, computing device and computer program | |
US20210112039A1 (en) | Sharing of encrypted files without decryption | |
Reshma et al. | Pairing-free CP-ABE based cryptography combined with steganography for multimedia applications | |
JP2019102970A (en) | Data sharing server device, key generation server device, communication terminal, and program | |
US11290277B2 (en) | Data processing system | |
CN103716280A (en) | Data transmission method, server and system | |
Weber | A hybrid attribute-based encryption technique supporting expressive policies and dynamic attributes | |
KR20150034591A (en) | Cloud server for re-encrypting the encrypted data and re-encrypting method thereof | |
KR20170084802A (en) | Methdo and system for transmitting secure data in a terminal | |
KR101812311B1 (en) | User terminal and data sharing method of user terminal based on attributed re-encryption | |
JP2017163326A (en) | Encryption system, encryption method, and encryption program | |
JP5691549B2 (en) | Policy management server device, server device, client device, and encryption algorithm switching system having the same | |
KR20210008100A (en) | Central secret key management method for multiple user devices related to a single public key | |
CN111130796B (en) | Secure online cloud storage method in instant messaging |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |