WO2021112877A1 - Key distribution - Google Patents

Key distribution


Publication number
WO2021112877A1
Authority
WO
WIPO (PCT)
Prior art keywords
decryption key
entity
private decryption
content
rendering
Application number
PCT/US2019/065024
Inventor
Alberto SUCH VICENTE
Josep ABAD PEIRO
Helen Balinsky
Original Assignee
Hewlett-Packard Development Company, L.P.
Application filed by Hewlett-Packard Development Company, L.P.
Priority to PCT/US2019/065024
Publication of WO2021112877A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G06F21/608 Secure printing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing

Definitions

  • Cryptography schemes can be used to encrypt content to be delivered to a consumer from a digital content generator.
  • asymmetric public and private key schemes may be used.
  • a potential content consumer (device or processor) has a unique private decryption key and a public encryption key that is made available to content generators.
  • the content generators use the public encryption key to encrypt content intended to be decrypted by a particular content consumer.
  • Figure 1 is a block diagram of a key distribution system according to an example
  • Figure 2 is a block diagram of a key distribution system according to an example
  • Figure 3 is a block diagram of a key distribution system according to an example
  • Figure 4 is a block diagram of a key distribution system according to an example
  • Figure 5 is an example flowchart of a method to distribute a private decryption key according to an example
  • Figure 6 is an example flowchart of a method of encrypting digital content according to an example
  • Figure 7 is an example flowchart of a method of decrypting digital content according to an example
  • Figure 8 is a block diagram of a network apparatus according to an example
  • Figure 9 is a block diagram of a digital content generating apparatus according to an example
  • Figure 10 is a block diagram of a content rendering device according to an example.
  • Figure 11 is a block diagram of a processor and a memory according to an example.
  • a network device for example a cloud server, for controlling the distribution of cryptographic keys for a rendering (print) system.
  • Content to be delivered to a set of consumers may be encrypted without needing to have specific cryptographic information of a receiver, by using advanced encryption techniques based on Functional Encryption such as Identity Based Encryption and Attribute Based Encryption.
  • a network device uses such a functional encryption process to generate at least one private decryption key for a rendering entity. Characteristics or properties of the entity are used together with the master private decryption key to create a private decryption key.
  • Digital content such as a print job or raster image data may be encrypted by a content generator based on the master private key and at least one desired characteristic of a rendering entity.
  • the content generator may be a cloud service for designing content or a raster image processor at a print service provider site, for example.
  • the encrypted content can then be decrypted by a device having the desired characteristics using their assigned private decryption key.
  • the characteristics might be the model, device type, location, software or firmware version, who owns the device e.g. a print service provider (PSP).
  • a device having different characteristics will not be able to decrypt the encrypted content with their private decryption key.
  • the characteristics may be attributes or identities of a target consumer entity. For example, an identity might be the identity of a PSP site to which an entity is associated. An attribute might be a printer model.
  • Figure 1 shows a network apparatus 110 in communication with a rendering entity 120 across a digital communications network.
  • the network apparatus 110 may be a server (e.g. a cloud-based server) or a group of servers connected to the network, for example.
  • the network may be a local or wide area network.
  • the network is the internet.
  • the server provides a cloud-based software service 160, for example, a printer workflow solutions service.
  • a content rendering entity 120 may render 122 unencrypted digital content into a rendered output 140.
  • the content rendering entity 120 may be a hardware entity (e.g. a printer) or a software entity (e.g. a raster image processing software).
  • the content rendering entity 120 may be any one of: an image forming apparatus (printer), a 3D printer, or a raster image processor (RIP) for generating raster images from print data.
  • the rendering entity belongs to a print service provider (PSP) 150.
  • the PSP may be a site having a plurality of devices connected in an Intranet. Communication with the rendering entity 120 may be through a router or server of the PSP.
  • the network apparatus 110 is to receive from the content rendering entity data relating to at least one characteristic of the content rendering entity
  • the data may be transmitted in a data communication 121 from the rendering entity 120 to the network apparatus 111.
  • the network apparatus 110 obtains a master private decryption key (MK) for implementing a functional encryption scheme.
  • MK master private decryption key
  • the master private decryption key (MK) is generated by the network apparatus.
  • the master private decryption key may have been generated by another networked device (for example, a trusted entity) and received via the network by the network apparatus 120. For example, in response to a request for the MK by the network apparatus 120 to the trusted entity.
  • the data relating to at least one characteristic of the entity are used by the network apparatus 110 together with the master private decryption key to derive a private decryption key (PDK) to be distributed in a data communication 111 across a network to the rendering entity 120.
  • the rendering entity 120 may use the PDK to decrypt received content.
  • the network apparatus is a trusted entity.
  • the private decryption key is derived by the network apparatus 120 using an identity-based encryption (IBE) process.
  • IBE identity-based encryption
  • BF-IBE Boneh-Franklin
  • SK-IBE Sakai-Kasahara
  • BB-IBE Boneh-Boyen
  • the characteristic or characteristics of the content rendering entity 110 may be assigned and used as an identity or multiple identities.
  • the generated PDK is associated with an identity, such as, for example, the name of the print service provider (PSP) 150 owning the rendering entity (e.g. a consumer device or service), or the name of a network of print service providers (PSPs) that support a certain type of content rendering.
  • PSP print service provider
  • PSPs network of print service providers
  • PSPs that support a particular cloud-based content generator service.
  • the characteristics may be associated with multiple identities and these can be consolidated into a multiple-identity PDK using existing techniques.
  • a key aggregation scheme may also be used to consolidate several identities in one PDK.
  • a key aggregation scheme is a set of algorithms that enables creation of a PDK that comprises several identities. Depending on the scheme, to decrypt a message the PDK can comprise all the identities (and) or one of the identities (or).
  • an IBE PDK may be generated associated to several group identities. For example:
  • the generation would be done using a key aggregation scheme as mentioned above.
  • the characteristics are of the PSP that owns the entity, the model of the entity and the printer identifier are treated as identities.
  • the private decryption key is derived using an attribute-based encryption (ABE) process.
  • ABE attribute-based encryption
  • KP-ABE Key-policy attribute-based encryption
  • ciphertext-policy attribute-based encryption and Content-policy attribute-based encryption
  • the characteristic or characteristics may form a set of attributes, such as the PSP owning the content rendering entity, the type of entity (e.g. printer or RIP), serial number.
  • an ABE PDK for a printer may have the following attributes:
  • ABE processes do not restrict the set of attributes that can be used to generate PDKs and any Boolean expression can be used in the ABE process.
  • Attributes that identify the different characteristics of the specific consumer rendering entity 120 include but are not limited to:
  • attributes are often captured in the process of enrolling a new device, RIP, etc. Accordingly, in an example, the characteristics may be captured as part of a registration process when a device or other service is registered with a cloud-based print workflow service.
  • the set of attributes can be extended once the system is in place to add new attributes if new system rules arise. For IBE, using key aggregation mechanisms, several identities can be aggregated to achieve flexibility similar to that provided by ABE.
  • the characteristic or characteristics may include (but are not limited to) at least one of: a model identifier, a serial number, a print service provider identity, location data, software version data, firmware version data. Any of these characteristics may be defined as identities or attributes depending on whether IBE or ABE functional encryption is used.
  • a PDK may be generated and assigned for each rendering entity 120 (content consumer, e.g. RIPs, printers, 3D printers, etc.) that may receive encrypted digital content to be rendered.
  • rendering entity 120 content consumer
  • RIPs RIPs, printers, 3D printers, etc
  • the PDK may then be distributed to the associated rendering entity via the network.
  • the mechanism used to deliver the PDK to the consumer should ensure confidentiality and integrity.
  • associated cryptographic identities e.g. a built-in Secure Cryptographic Identity
  • device attestation protocols may be used to ensure that the PDK is delivered to the specific printer.
  • a key exchange method according to the Diffie-Hellman key exchange method could be used.
  • a certification authority that is a trusted entity may be used to provide a non-tamperable authentication of the transmitted key.
  • Another example can use an authentication protocol such as the OAuth or OAuth2 open standard.
  • the PDK may be stored securely with the content rendering entity, so it cannot be compromised by an attacker.
  • built-in secure storage may be used to store the PDK.
  • the system shown in Figure 1 further includes a content generator.
  • the content generator 130 obtains a functional encryption key for encrypting content that it wishes to send to the rendering entity 120.
  • the content generator 130 may be a server hosting a digital content creation service 170 based in the cloud, according to an example.
  • the digital content may be a print job or other print data.
  • An encryption key derivation mechanism that enables producers to derive the key to use to encrypt the content is used by the content generator 130 to obtain the encryption key for performing functional encryption.
  • the key can be derived directly by the content generator 130 just knowing an identity (or identities) of the target rendering entity 120, and knowledge of the specific process used by the crypto system.
  • the content generator 130 associates a set of attributes (a Boolean expression) to the encrypted content, so that entities that have PDKs that meet the Boolean expression can decrypt the content with their respective ABKs but entities that have PDKs which do not meet the Boolean expression cannot.
  • MPub Master Public Key
  • a content generator 130 using a cloud-based content generation service 170, for example
  • a content generator 130 uses the encryption key derivation mechanism with the identity of the group (IBE), or the set of group attributes (Boolean expression) that it wants to enforce, to encrypt the content.
  • the content generator 130 will have to use the identity or identities that it wants to enforce, for example:
  • PSP Identity FancyPSP
  • ‘Fancy PSP’ is the exemplary name or identifier of a print service provider that the content generator has selected as being able to decrypt the content that it wishes to render.
  • When a rendering entity 120 receives the content, it will be able to decrypt it if the identities (IBE) assigned to the consumer PDK match the identities used for encryption, or if attributes assigned to the consumer PDK evaluate the Boolean expression to true in the case of ABE. In other words, for ABE, any PDK matching the attributes in the encrypted content will be able to decrypt the content. For IBE, whether all or just some of the identities used to generate the PDK need to be used to generate the content for the PDK to be able to decrypt the content will depend on the key aggregation scheme used to generate the PDK.
  • Content generators do not need to know any specific details (such as public keys) of rendering entities (consumers) in order to send content to that entity (consumer).
  • FIG. 2 shows a block diagram of a system 200 in which a trusted network apparatus (e.g. a network controller) 210 belongs to a PSP 250.
  • the network apparatus 220 is used to generate private decryption keys for rendering entities 210-1 to 210-N that belong to that same PSP 250.
  • the network apparatus 220 is in communication with a trusted entity 280 and is external to an Intranet of the PSP 250 that includes the rendering entities 220-1 to 220-N and the network apparatus 210.
  • the network apparatus 210 is to obtain a master private decryption key for functional encryption from the trusted entity 280.
  • the trusted entity 280 may be hosted on a server providing a cloud service 260.
  • a rendering entity from among the rendering entities 220-1 to 220-N may communicate data 221-1 to 221-N relating to at least one characteristic of the entity to the network apparatus 210.
  • the network apparatus 220 having obtained the master private decryption key and the characteristics data may use this to generate a private decryption key PDK for a respective entity 221-N to 221-N.
  • the network apparatus may then distribute the PDK to the rendering entity 220-1 to 220-N in a data communication 212-1 to 212-N within the local network e.g.
  • a digital content generator 230 running on a cloud service 250 function as the corresponding elements 130, 250 in the previous embodiment.
  • content is sent to the first rendering entity 220-1 but could equally be transmitted to any other of the rendering entities 220-1 to 220-N.
  • Decryption with the PDK of the rendering entity 220-1 is possible where the attributes/identities match those used in the encryption process.
  • a system 300 includes a network component 310 belonging to the PSP 250 that is to send data relating to at least one characteristic, in data communication 311, to network apparatus 110.
  • the characteristic or characteristics may be, for example, the identity or an identifying attribute of the PSP 250 to which the rendering entities belong.
  • a private decryption key for use by the rendering entities 220-1 to 220-N belonging to the PSP 250 may then be obtained by return communication 111.
  • the transmission is made to the network apparatus 110 which generates and distributes a private decryption key in the same manner as the corresponding element of Figure 1.
  • the network apparatus 110 distributes the PDK, in data communication 111, it does so to the network component (controller) 310 of the PSP 250.
  • the network component 310 is arranged to receive functionally encrypted content transmitted 231 from digital content generator 230 and decrypt it using the private decryption key obtained from the network apparatus 110.
  • the decrypted data may then be provided by the network component (controller) of the PSP to any of the rendering entities e.g. printers or RIPs belonging to the PSP to be processed in data communication 312-1 to 312-N.
  • the rendering entities take the unencrypted content (e.g. a print job) and produce a rendered output 240-1 to 240-N.
  • the obtained PDK acts as a common private decryption key for entities belonging to the PSP 250 for encrypting functionally encrypted content intended for entities having characteristics relating to the PSP.
  • the PDK may be distributed to the rendering entities by the network component and the encrypted content from the content generator decrypted at the rendering entity 220-1 to 220-N rather than at the network component 310.
  • the network component 310 of the PSP 250 is to transmit the PDK to the rendering entities 220-1 to 220-N.
  • Figure 4 shows a further example system 400, whereby a raster image processor (RIP) 420-1 and a printer (e.g. a 2D or 3D printer) 420-2 are rendering entities belonging to a PSP 150.
  • RIP raster image processor
  • printer e.g. a 2D or 3D printer
  • the RIP 420-1 and printer 420-2 use different PDKs generated based on characteristics specific to them. More specifically, the RIP 420-1 sends data in a communication 421-1 to the network apparatus 110 which generates a private decryption key using the characteristics and a master private decryption key for functional encryption.
  • the network apparatus may use attribute or identity-based encryption as already described above, for example, in relation to the network apparatus 110 of Figure 1.
  • the network apparatus 110 returns the generated PDK to the RIP 420-1 in communication 111.
  • the printer 420-2 as a second entity of the PSP 150 also sends characteristics data in a communication 421-2 to the network apparatus 110.
  • the network apparatus 110 uses the characteristics and the master private decryption key to generate an individual PDK for the printer 420-2 which is distributed to the printer in data communication 421-2. Accordingly, the RIP 420-1 and the printer 420-2 have individual PDKs generated from a same master private decryption key using their respective characteristics.
  • a digital content generator 130 belonging to a cloud service 170 may generate digital content to be rendered at the PSP.
  • the digital content generator 130 may generate a print job.
  • the generated print job may be functionally encrypted using knowledge of the functional encryption scheme and characteristics (attributes or identities) of the rendering entity to receive the encrypted content.
  • the encrypted content is an encrypted print job that is received by PSP 150 via data communication 131.
  • at the PSP 250 it is received by RIP 420-1. If the RIP has characteristics which match those used when encrypting the print job by the content generator 130 it will be able to decrypt the print job and process it.
  • the RIP 420-1 upon decrypting the print job can render it as a raster image which is produced as an output.
  • the RIP itself may encrypt the raster image data in a similar manner to the encryption performed by the digital content generator, thereby enforcing characteristics of the rendering device that is to render the raster image into an output (e.g. the characteristics of a printer to render the raster image data into at least one printed sheet).
  • the RIP may specify that printers of a certain model type with a certain functionality may decrypt the raster image and print it but others may not.
  • the RIP may specify that the printing of the raster image data is carried out at a certain location or a certain provider, i.e. at a printer belonging to the PSP 250.
  • the printer 420-2 receives the encrypted raster image data in data communication 422-1 and decrypts it using its PDK. The printer then renders the raster image data as an output comprising at least one sheet (paper printer) or an additively manufactured object (3D printer).
  • one Trusted Entity manages enrolment and PDK generation based on the consumer registration information.
  • a Trusted Entity e.g. a cloud-based print workflow solution
  • an association of PSPs may be able to generate part of the consumers' PDKs with their associated identities and/or attributes.
  • the Master PDK needs to be kept secret by a trusted entity.
  • IBE key aggregation schemes allow that there are different Master PDKs, one for each type of identity (for example, one for the printer model, that would be handled by the manufacturer, and one for the PSP that would be handled by the PSP itself).
  • each entity would generate a corresponding Identity Based PDK for the device.
  • the content generator would be able to encrypt the content so it can be decrypted by a receiver that has both identities.
  • Both IBE and ABE systems also allow hierarchical trusted entities, so that part of the PDK generation can be delegated to some entities.
  • An example of using hierarchical trusted entities would be having a system (such as, for example Central Command for 3DP solutions) in the PSP that provides the final PDKs to the consumers in that PDK.
  • FIG. 5 is an example flowchart of a method for distributing a private decryption key to a content rendering entity in a computer network according to an example.
  • the method may be performed by a network apparatus 110, 210.
  • the method comprises obtaining a master private decryption key.
  • the master private decryption key may be obtained from a trusted entity.
  • the trusted entity may be a cloud-based apparatus.
  • the method comprises generating a private decryption key based on at least one characteristic of a content rendering entity, using the master private decryption key. Generating the private decryption key may be performed using a functional encryption process, such as identity-based encryption or attribute-based encryption.
  • the private decryption key may be generated in response to a request made by a content rendering entity, according to an example.
  • the method comprises distributing the private decryption key to a content rendering entity having the at least one characteristic.
  • the method can comprise receiving a request made by the content rendering entity for a private decryption key.
  • the request may be a registration request to register the content rendering entity with a cloud-based computing service and includes data indicative of the at least one characteristic.
  • FIG. 6 is an example flowchart of a method for encrypting digital content according to an example.
  • the method may be performed by a content generating apparatus 130.
  • an encryption key associated with a master decryption key is obtained.
  • the encryption key may be obtained according to a functional encryption process such as identity-based encryption or attribute-based encryption.
  • at least one characteristic of a content rendering entity is selected (assigned).
  • a characteristic may take the form of an attribute or identity of a target rendering entity.
  • the method comprises digital content being encrypted using the encryption key and the selected characteristics.
  • the encryption may be based on functional encryption, such as identity-based encryption or attribute-based encryption.
  • the method comprises transmitting (sending) the encrypted content to a rendering entity.
  • the rendering entity may be a device or software service belonging to a print service provider; alternatively, the rendering entity may be a print service provider that receives and manages print jobs.
  • Figure 7 is an example flowchart of a method for obtaining a private decryption key according to an example.
  • the method may be performed by a digital content rendering entity 120, 420 such as a printer or a raster image processor.
  • the content rendering entity may be any device, network of devices or software service for receiving and rendering content as an output.
  • the method comprises sending a request including at least one characteristic of the rendering entity to a network apparatus or trusted entity.
  • Blocks 706 to 710 comprise a method of using the obtained private decryption key according to an example.
  • the method comprises receiving encrypted digital content at the rendering entity.
  • the method comprises decrypting the digital content using the private decryption key.
  • the method can comprise rendering the decrypted digital content.
  • FIG. 8 is a block diagram of a network apparatus according to an example.
  • the network apparatus 800 is to receive 502 data relating to at least one characteristic of a content rendering entity on the network.
  • the content rendering entity may be any apparatus or software instance for rendering data relating to digital content into an output.
  • a content rendering entity may be a printer or 3D printer.
  • the content rendering entity may be a software service such as a raster image processor belonging to a print service provider.
  • the characteristics may relate to attributes or identities of the content rendering entity. For example, the location, model or version number, print service provider of the content rendering entity.
  • the data relating to the characteristic or characteristics may be received as part of a registration request made by the rendering entity.
  • the network apparatus 800 is to obtain 504 a master private decryption key.
  • the master private decryption key may be obtained from a trusted entity or be generated using a functional encryption process such as an identity-based encryption or attribute-based encryption process.
  • the network apparatus 800 is to generate 506 a private decryption key based on the at least one characteristic of the rendering entity.
  • the private decryption key may be generated using an identity-based encryption or an attribute-based encryption process.
  • the network apparatus 800 is to distribute 508 the private decryption key to the content rendering entity.
  • the private decryption key may be distributed using a secure key transportation protocol.
  • the network apparatus 800 may be a cloud connected server remote from the content rendering entity or a server or other network component in an intranet including the content rendering entity.
  • Figure 9 is a digital content generator 900 according to an example.
  • the digital content generator 900 may be a server or other network device hosting a digital content creation service.
  • the digital content generator 900 is to perform the method of Figure 6 as described above.
  • Figure 10 is a content rendering apparatus 1000 according to an example.
  • the content rendering apparatus 1000 may be a printer, 3D printer or a device or any other component of a print service provider for rendering digital content.
  • the content rendering apparatus 1000 is to perform the method of Figure 7 as described above.
  • Examples in the present disclosure can be provided as methods, systems or machine-readable instructions, such as any combination of software, hardware, firmware or the like.
  • Such machine-readable instructions may be included on a computer readable storage medium (including but not limited to disc storage, CD-ROM, optical storage, etc.) having computer readable program codes therein or thereon.
  • the machine-readable instructions may, for example, be executed by a general-purpose computer, a special purpose computer, an embedded processor or processors of other programmable data processing devices to realize the functions described in the description and diagrams.
  • a processor or processing apparatus may execute the machine-readable instructions.
  • modules of apparatus for example, a rendering device, printer or 3D printer
  • modules of apparatus may be implemented by a processor executing machine readable instructions stored in a memory, or a processor operating in accordance with instructions embedded in logic circuitry.
  • the term 'processor' is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate set etc.
  • the methods and modules may all be performed by a single processor or divided amongst several processors.
  • Such machine-readable instructions may also be stored in a computer readable storage that can guide the computer or other programmable data processing devices to operate in a specific mode.
  • the instructions may be provided on a non-transitory computer readable storage medium encoded with instructions, executable by a processor.
  • Figure 11 shows an example of a processor 1110 associated with a memory 1120.
  • the memory 1120 comprises computer readable instructions 1130 which are executable by the processor 1110.
  • the instructions 1130 comprise:
  • the instructions may further comprise instructions to receive a request for a private decryption key from a content rendering entity.
  • Such machine readable instructions may also be loaded onto a computer or other programmable data processing devices, so that the computer or other programmable data processing devices perform a series of operations to produce computer-implemented processing, thus the instructions executed on the computer or other programmable devices provide an operation for realizing functions specified by flow(s) in the flow charts and/or block(s) in the block diagrams.
  • teachings herein may be implemented in the form of a computer software product, the computer software product being stored in a storage medium and comprising a plurality of instructions for making a computer device implement the methods recited in the examples of the present disclosure.


Abstract

There is provided a network apparatus. The network apparatus comprises a processor and a memory. The processor is arranged to receive data relating to at least one characteristic of a content rendering entity on the network. A master private decryption key is obtained. The master private decryption key is suitable for a functional encryption process. A private decryption key for the entity is derived based on the received data and the master private decryption key. The generated private decryption key is distributed to the content rendering entity.

Description

KEY DISTRIBUTION
BACKGROUND
[0001] Cryptography schemes can be used to encrypt content to be delivered to a consumer from a digital content generator. For example, asymmetric public and private key schemes may be used. In such schemes a potential content consumer (device or processor) has a unique private decryption key and a public encryption key that is made available to content generators. The content generators use the public encryption key to encrypt content intended to be decrypted by a particular content consumer.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] Various features of certain examples will be apparent from the detailed description which follows, taken in conjunction with the accompanying drawings, which together illustrate, by way of example, a number of features, and wherein:
[0003] Figure 1 is a block diagram of a key distribution system according to an example;
[0004] Figure 2 is a block diagram of a key distribution system according to an example;
[0005] Figure 3 is a block diagram of a key distribution system according to an example;
[0006] Figure 4 is a block diagram of a key distribution system according to an example;
[0007] Figure 5 is an example flowchart of a method to distribute a private decryption key according to an example;
[0008] Figure 6 is an example flowchart of a method of encrypting digital content according to an example;
[0009] Figure 7 is an example flowchart of a method of decrypting digital content according to an example;
[0010] Figure 8 is a block diagram of a network apparatus according to an example;
[0011] Figure 9 is a block diagram of a digital content generating apparatus according to an example;
[0012] Figure 10 is a block diagram of a content rendering device according to an example; and
[0013] Figure 11 is a block diagram of a processor and a memory according to an example.
DETAILED DESCRIPTION
[0014] In the following description, for purposes of explanation, numerous specific details of certain examples are set forth. Reference in the specification to "an example" or similar language means that a particular feature, structure, or characteristic described in connection with the example is included in at least that one example, but not necessarily in other examples.
[0015] In an example, there is provided a network device, for example a cloud server, for controlling the distribution of cryptographic keys for a rendering (print) system. Content to be delivered to a set of consumers (printers, 3D printers, raster image processors (RIPs) and so on) organized in groups having common attributes, may be encrypted without needing to have specific cryptographic information of a receiver, by using advanced encryption techniques based on Functional Encryption such as Identity Based Encryption and Attribute Based Encryption.
[0016] In an example, a network device uses such a functional encryption process to generate at least one private decryption key for a rendering entity. Characteristics or properties of the entity are used together with the master private decryption key to create a private decryption key. Digital content such as a print job or raster image data may be encrypted by a content generator based on the master private key and at least one desired characteristic of a rendering entity. The content generator may be a cloud service for designing content or a raster image processor at a print service provider site, for example. The encrypted content can then be decrypted by a device having the desired characteristics using their assigned private decryption key. The characteristics might be the model, device type, location, software or firmware version, who owns the device e.g. a print service provider (PSP). A device having different characteristics will not be able to decrypt the encrypted content with their private decryption key.
[0017] This enables the secure distribution of confidential or sensitive content to be processed or rendered (e.g. printed) to a suitable software or hardware entity with at least one desired characteristic without having to know exactly which device or software service is going to have to process it. Instead a content generator just needs to know the characteristics (properties) of consumer entities that are to have access to the confidential content. The characteristics may be attributes or identities of a target consumer entity. For example, an identity might be the identity of a PSP site to which an entity is associated. An attribute might be a printer model.
[0018] Figure 1 shows a network apparatus 110 in communication with a rendering entity 120 across a digital communications network. The network apparatus 110 may be a server (e.g. a cloud-based server) or a group of servers connected to the network, for example. The network may be a local or wide area network. In an example, the network is the internet. In an example, the server provides a cloud-based software service 160, for example, a printer workflow solutions service.
[0019] A content rendering entity 120 may render 122 unencrypted digital content into a rendered output 140. For example, if the rendering entity is a printer and the content to be rendered is a print job or print data, a printed page or pages of a document may be produced at the output. The content rendering entity 120 may be a hardware entity (e.g. a printer) or a software entity (e.g. a raster image processing software). In an example, the content rendering entity 120 may be any one of: an image forming apparatus (printer), a 3D printer, or a raster image processor (RIP) for generating raster images from print data. According to an example, the rendering entity belongs to a print service provider (PSP) 150. The PSP may be a site having a plurality of devices connected in an Intranet. Communication with the rendering entity 120 may be through a router or server of the PSP.
[0020] The network apparatus 110 is to receive from the content rendering entity data relating to at least one characteristic of the content rendering entity 120. The data may be transmitted in a data communication 121 from the rendering entity 120 to the network apparatus 111.
[0021] The network apparatus 110 obtains a master private decryption key (MK) for implementing a functional encryption scheme. In an example, the master private decryption key (MK) is generated by the network apparatus. Alternatively, the master private decryption key may have been generated by another networked device (for example, a trusted entity) and received via the network by the network apparatus 120. For example, in response to a request for the MK by the network apparatus 120 to the trusted entity.
[0022] The data relating to at least one characteristic of the entity are used by the network apparatus 110 together with the master private decryption key to derive a private decryption key (PDK) to be distributed in a data communication 111 across a network to the rendering entity 120. The rendering entity 120 may use the PDK to decrypt received content. In an example, the network apparatus is a trusted entity.
[0023] In an example, the private decryption key is derived by the network apparatus 120 using an identity-based encryption (IBE) process. For example, Boneh-Franklin (BF-IBE), Sakai-Kasahara (SK-IBE) or Boneh-Boyen (BB-IBE) identity-based encryption processes may be used. The characteristic or characteristics of the content rendering entity 110 may be assigned and used as an identity or multiple identities. Accordingly, the generated PDK is associated with an identity, such as, for example, the name of the print service provider (PSP) 150 owning the rendering entity (e.g. a consumer device or service), or the name of a network of print service providers (PSPs) that support a certain type of content rendering. For example, PSPs that support a particular cloud-based content generator service. The characteristics may be associated with multiple identities and these can be consolidated into a multiple-identity PDK using existing techniques. In an example, a key aggregation scheme may also be used to consolidate several identities in one PDK. A key aggregation scheme is a set of algorithms that enables creation of a PDK that comprises several identities. Depending on the scheme, to decrypt a message the PDK can comprise all the identities (and) or one of the identities (or).
[0024] According to an example, an IBE PDK associated with several group identities may be generated. For example:
PSP Identity=FancyPSP, Model Identity=HPDesignJetZ6, Printer Identity=12345SG
The generation would be done using a key aggregation scheme as mentioned above. In this way, the characteristics of the PSP that owns the entity, the model of the entity and the printer identifier are treated as identities.
[0025] In another example, the private decryption key is derived using an attribute-based encryption (ABE) process. For example, any of Key-policy attribute-based encryption (KP-ABE), ciphertext-policy attribute-based encryption and Content-policy attribute-based encryption may be used as an ABE process. For ABE, the characteristic or characteristics may form a set of attributes, such as the PSP owning the content rendering entity, the type of entity (e.g. printer or RIP), serial number.
[0026] In an example, an ABE PDK for a printer that is equivalent to the multiple identity example above, may have the following attributes:
(MODEL=HPDesignJetZ6, SERIAL#=12345SG, PSP=FancyPSP, COUNTRY=US, CITY=NYC, FIRMWARE_VERSION=HPDesignJetZ6_01_05_19)
ABE processes do not restrict the set of attributes that can be used to generate PDKs and any Boolean expression can be used in the ABE process.
[0027] Attributes that identify the different characteristics of the specific consumer rendering entity 120 include but are not limited to:
• Type: RIP, printer, ...
• Model
• Device Serial Number
• PSP identification
• Location
• Country
• Device firmware version
• Software version
[0028] These attributes are often captured in the process of enrolling a new device, RIP, etc. Accordingly, in an example, the characteristics may be captured as part of a registration process when a device or other service is registered with a cloud-based print workflow service. The set of attributes can be extended once the system is in place to add new attributes if new system rules arise. For IBE, using key aggregation mechanisms, several identities can be aggregated to achieve flexibility similar to that provided by ABE.
[0029] The characteristic or characteristics (whether identities or attributes) may include (but are not limited to) at least one of: a model identifier, a serial number, a print service provider identity, location data, software version data, firmware version data. Any of these characteristics may be defined as identities or attributes depending on whether IBE or ABE functional encryption is used.
[0030] Accordingly, a PDK may be generated and assigned for each rendering entity 120 (content consumer, e.g. RIPs, printers, 3D printers, etc.) that may receive encrypted digital content to be rendered.
[0031] The PDK may then be distributed to the associated rendering entity via the network. In order to ensure security of the system, the mechanism used to deliver the PDK to the consumer should ensure confidentiality and integrity. In the case of printers and other hardware devices, associated cryptographic identities (e.g. a built-in Secure Cryptographic Identity) and device attestation protocols may be used to ensure that the PDK is delivered to the specific printer. For example, a key exchange method according to the Diffie-Hellman key exchange method could be used. In another example, a certification authority that is a trusted entity may be used to provide a non-tamperable authentication of the transmitted key. Another example can use an authentication protocol such as the OAuth or OAuth2 open standard. Further, the PDK may be stored securely with the content rendering entity, so it cannot be compromised by an attacker. In the case of a printer or other hardware device, built-in secure storage may be used to store the PDK.
[0032] According to an example, the system shown in Figure 1 further includes a content generator. The content generator 130 obtains a functional encryption key for encrypting content that it wishes to send to the rendering entity 120. The content generator 130 may be a server hosting a digital content creation service 170 based in the cloud, according to an example. The digital content may be a print job or other print data.
[0033] An encryption key derivation mechanism that enables producers to derive the key to use to encrypt the content is used by the content generator 130 to obtain the encryption key for performing functional encryption. In the case of IBE, the key can be derived directly by the content generator 130 just knowing an identity (or identities) of the target rendering entity 120, and knowledge of the specific process used by the crypto system.
[0034] In the case of ABE, there is a Master Public Key (MPub) that can be made available to any content generator that needs to encrypt digital content. As part of the encryption process, the content generator 130 associates a set of attributes (a Boolean expression) to the encrypted content, so that entities that have PDKs that meet the Boolean expression can decrypt the content with their respective ABKs but entities that have PDKs which do not meet the Boolean expression cannot.
[0035] Since there are no confidentiality restrictions, both the detailed processes for key derivation according to IBE, and the master public key MPub for ABE, can be published in any documentation such as a ‘Content creator developers guide’.
[0036] Taking the example of the digital content taking the form of a print job, when a content generator 130 (using a cloud-based content generation service 170, for example) is to encrypt the print job, it just uses the encryption key derivation mechanism with the identity of the group (IBE), or the set of group attributes (Boolean expression) that it wants to enforce, to encrypt the content.
[0037] An example of enforced attributes in an ABE system may be:
(MODEL=Skaar|Polestar, COUNTRY=US, FIRMWARE_VERSION>Skaar_01_04_00)
Where ‘Skaar’ and ‘Polestar’ are exemplary model names of a printer, the country in which the printer is to be located is the US and the printer should have a firmware version that is Skaar_01_04_00 or later.
[0038] In the case of an IBE system, the content generator 130 will have to use the identity or identities that it wants to enforce, for example:
[0039] PSP Identity=FancyPSP where ‘Fancy PSP’ is the exemplary name or identifier of a print service provider that the content generator has selected as being able to decrypt the content that it wishes to render.
[0040] When a rendering entity 120 receives the content, it will be able to decrypt it if the identities (IBE) assigned to the consumer PDK match the identities used for encryption, or if attributes assigned to the consumer PDK evaluate the Boolean expression to true in the case of ABE. In other words, for ABE, any PDK matching the attributes in the encrypted content will be able to decrypt the content. For IBE, whether all or just some of the identities used to generate the PDK need to be used to generate the content for the PDK to be able to decrypt the content will depend on the key aggregation scheme used to generate the PDK.
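The matching rule of [0040], applied to the enforced-attribute expression of [0037], as an added example that is not part of the patent text. It models only the access decision (which PDK attribute sets satisfy the expression) and performs no ABE cryptography; reading ',' as AND, '|' as OR and '>' as "same firmware family, this version or later", and every device record in FLEET, are assumptions made for illustration.

```python
import re

# Policy string taken from the enforced-attribute example on the page.
POLICY = "MODEL=Skaar|Polestar, COUNTRY=US, FIRMWARE_VERSION>Skaar_01_04_00"

# Constructed attribute sets (hypothetical devices), in the page's KEY=VALUE style.
FLEET = {
    "skaar-new": {"MODEL": "Skaar", "COUNTRY": "US", "PSP": "FancyPSP",
                  "FIRMWARE_VERSION": "Skaar_01_05_02"},
    "skaar-exact": {"MODEL": "Skaar", "COUNTRY": "US",
                    "FIRMWARE_VERSION": "Skaar_01_04_00"},
    "skaar-old": {"MODEL": "Skaar", "COUNTRY": "US",
                  "FIRMWARE_VERSION": "Skaar_01_03_09"},
    "skaar-de": {"MODEL": "Skaar", "COUNTRY": "DE",
                 "FIRMWARE_VERSION": "Skaar_01_05_02"},
    "polestar": {"MODEL": "Polestar", "COUNTRY": "US",
                 "FIRMWARE_VERSION": "Polestar_02_00_00"},
    "designjet": {"MODEL": "HPDesignJetZ6", "COUNTRY": "US",
                  "FIRMWARE_VERSION": "HPDesignJetZ6_01_05_19"},
    "no-firmware": {"MODEL": "Skaar", "COUNTRY": "US"},
}

CLAUSE_RE = re.compile(r"^\s*([A-Z_#]+)\s*(=|>)\s*(.+?)\s*$")
VERSION_RE = re.compile(r"^(.+?)_(\d+(?:_\d+)*)$")


def parse_policy(text):
    """Split 'A=x|y, B>z' into (attribute, operator, [alternatives]) clauses."""
    clauses = []
    for part in text.split(","):
        match = CLAUSE_RE.match(part)
        if not match:
            raise ValueError(f"unparseable clause: {part!r}")
        name, op, value = match.groups()
        clauses.append((name, op, [v.strip() for v in value.split("|")]))
    return clauses


def split_version(value):
    """'Skaar_01_04_00' -> ('Skaar', (1, 4, 0)); None if not in that shape."""
    match = VERSION_RE.match(value)
    if not match:
        return None
    return match.group(1), tuple(int(n) for n in match.group(2).split("_"))


def clause_satisfied(clause, attributes):
    """Evaluate one clause against the attributes bound into a device's PDK."""
    name, op, alternatives = clause
    held = attributes.get(name)
    if held is None:
        return False  # attribute absent from the PDK: fail closed
    if op == "=":
        return held in alternatives
    have = split_version(held)
    if have is None:
        return False  # value not comparable as a version: fail closed
    for alternative in alternatives:
        want = split_version(alternative)
        # Versions from different firmware families are never ordered.
        if want and want[0] == have[0] and have[1] >= want[1]:
            return True
    return False


def can_decrypt(policy_text, attributes):
    """True when every comma-separated clause holds (logical AND)."""
    return all(clause_satisfied(c, attributes) for c in parse_policy(policy_text))


def eligible(policy_text, fleet):
    """Names of the devices whose attribute sets satisfy the policy."""
    return sorted(name for name, attrs in fleet.items()
                  if can_decrypt(policy_text, attrs))


if __name__ == "__main__":
    for device in FLEET:
        print(f"{device:12s} {can_decrypt(POLICY, FLEET[device])}")
```

Under these assumptions the Polestar device satisfies the MODEL and COUNTRY clauses but is rejected by the firmware clause, which names only the Skaar family; a policy author who wants both models admitted needs a firmware alternative per model.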
[0041] Accordingly:
• Content generators (producers) do not need to know any specific details (such as public keys) of rendering entities (consumers) in order to send content to that entity (consumer);
• Ability for content generators (producers) to generate generic digital content that can be accessed by different consumers based on security or business rules rather than pre-knowledge of specific consumers;
• Compared to using a data encryption key DEK, there is no need to encrypt a data encryption key DEK several times i.e. using the public keys of consumer entities, i.e. a separate encrypted DEK for each consumer; and
• Extensibility: new security or business rules may be easily implemented by adding new identities or attributes to the system.
[0042] Figure 2 shows a block diagram of a system 200 in which a trusted network apparatus (e.g. a network controller) 210 belongs to a PSP 250. The network apparatus 220 is used to generate private decryption keys for rendering entities 210-1 to 210-N that belong to that same PSP 250. The network apparatus 220 is in communication with a trusted entity 280 and is external to an Intranet of the PSP 250 that includes the rendering entities 220-1 to 220-N and the network apparatus 210.
[0043] According to an example, the network apparatus 210 is to obtain a master private decryption key for functional encryption from the trusted entity 280. The trusted entity 280 may be hosted on a server providing a cloud service 260. A rendering entity from among the rendering entities 220-1 to 220-N may communicate data 221-1 to 221-N relating to at least one characteristic of the entity to the network apparatus 210. The network apparatus 220 having obtained the master private decryption key and the characteristics data may use this to generate a private decryption key PDK for a respective entity 221-N to 221-N. The network apparatus may then distribute the PDK to the rendering entity 220-1 to 220-N in a data communication 212-1 to 212-N within the local network e.g. intranet or other LAN of the PSP 250. In this way characteristics of the devices in addition or as an alternative to the PSP identifier may be used to generate specific PDKs for the entities 220-1 to 220-N in the PSP 250. The specifics of generating the PDK via functional encryption using IBE or ABE have already been described above in relation to the example embodiment of Figure 1. At the encryption side, a digital content generator 230 running on a cloud service 250 function as the corresponding elements 130, 250 in the previous embodiment. In this example, content is sent to the first rendering entity 220-1 but could equally be transmitted to any other of the rendering entities 220-1 to 220-N. Decryption with the PDK of the rendering entity 220-1 is possible where the attributes/identities match those used in the encryption process.
[0044] According to a further example shown in figure 3, a system 300 includes a network component 310 belonging to the PSP 250 that is to send data relating to at least one characteristic, in data communication 311, to network apparatus 110. The characteristic or characteristics may be, for example, the identity or an identifying attribute of the PSP 250 to which the rendering entities belong. A private decryption key for use by the rendering entities 220-1 to 220-N belonging to the PSP 250 may then be obtained by return communication 111. The transmission is made to the network apparatus 110 which generates and distributes a private decryption key in the same manner as the corresponding element of Figure 1. When the network apparatus 110 distributes the PDK, in data communication 111, it does so to the network component (controller) 310 of the PSP 250.
[0045] The network component 310 is arranged to receive functionally encrypted content transmitted 231 from digital content generator 230 and decrypt it using the private decryption key obtained from the network apparatus 110. The decrypted data may then be provided by the network component (controller) of the PSP to any of the rendering entities e.g. printers or RIPs belonging to the PSP to be processed in data communication 312-1 to 312-N. The rendering entities take the unencrypted content (e.g. a print job) and produce a rendered output 240-1 to 240-N. In this way the obtained PDK acts as a common private decryption key for entities belonging to the PSP 250 for encrypting functionally encrypted content intended for entities having characteristics relating to the PSP. Alternatively, according to an example, the PDK may be distributed to the rendering entities by the network component and the encrypted content from the content generator decrypted at the rendering entity 220-1 to 220-N rather than at the network component 310. In other words, in an example, the network component 310 of the PSP 250 is to transmit the PDK to the rendering entities 220-1 to 220-N.
[0046] Figure 4 shows a further example system 400, whereby a raster image processor (RIP) 420-1 and a printer (e.g. a 2D or 3D printer) 420-2 are rendering entities belonging to a PSP 150. The RIP 420-1 and printer 420-2 use different PDKs generated based on characteristics specific to them. More specifically, the RIP 420-1 sends data in a communication 421-1 to the network apparatus 110 which generates a private decryption key using the characteristics and a master private decryption key for functional encryption. The network apparatus may use attribute or identity-based encryption as already described above, for example, in relation to the network apparatus 110 of Figure 1. The network apparatus 110 returns the generated PDK to the RIP 420-1 in communication 111. The printer 420-2 as a second entity of the PSP 150 also sends characteristics data in a communication 421-2 to the network apparatus 110. The network apparatus 110 uses the characteristics and the master private decryption key to generate an individual PDK for the printer 420-2 which is distributed to the printer in data communication 421-2. Accordingly, the RIP 420-1 and the printer 420-2 have individual PDKs generated from a same master private decryption key using their respective characteristics.
[0047] A digital content generator 130 belonging to a cloud service 170 may generate digital content to be rendered at the PSP. For example, the digital content generator 130 may generate a print job. The generated print job may be functionally encrypted using knowledge of the functional encryption scheme and characteristics (attributes or identities) of the rendering entity to receive the encrypted content. In this example, the encrypted content is an encrypted print job that is received by PSP 150 via data communication 131. At the PSP 250, it is received by RIP 420-1. If the RIP has characteristics which match those used when encrypting the print job by the content generator 130 it will be able to decrypt the print job and process it. The RIP 420-1 upon decrypting the print job can render it as a raster image which is produced as an output. As a further stage of encryption, the RIP itself may encrypt the raster image data in a similar manner to the encryption performed by the digital content generator, thereby enforcing characteristics of the rendering device that is to render the raster image into an output (e.g. the characteristics of a printer to render the raster image data into at least one printed sheet). For example, the RIP may specify that printers of a certain model type with a certain functionality may decrypt the raster image and print it but others may not. Further, the RIP may specify that the printing of the raster image data is carried out at a certain location or a certain provider, i.e. at a printer belonging to the PSP 250. This provides an extra level of security and enforcement such that the raster image data cannot be intercepted and routed to an insecure printer for printing. The printer 420-2 receives the encrypted raster image data in data communication 422-1 and decrypts it using its PDK. The printer then renders the raster image data as an output comprising at least one sheet (paper printer) or an additively manufactured object (3D printer).
[0048] In an example, one Trusted Entity (e.g. a cloud-based print workflow solution) manages enrolment and PDK generation based on the consumer registration information. However, in an example, it would be possible to have several Trusted Entities that manage part of the identity or attribute set, allowing, for example, third parties to participate in the cryptographic system. For example, an association of PSPs may be able to generate part of the consumers' PDKs with their associated identities and/or attributes. The Master PDK needs to be kept secret by a trusted entity. However, some IBE key aggregation schemes allow that there are different Master PDKs, one for each type of identity (for example, one for the printer model, that would be handled by the manufacturer, and one for the PSP that would be handled by the PSP itself). In this case, according to an example, each entity would generate a corresponding Identity Based PDK for the device. The content generator would be able to encrypt the content so it can be decrypted by a receiver that has both identities.
[0049] Both IBE and ABE systems also allow hierarchical trusted entities, so that part of the PDK generation can be delegated to some entities. An example of using hierarchical trusted entities would be having a system (such as, for example Central Command for 3DP solutions) in the PSP that provides the final PDKs to the consumers in that PDK.
[0050] Figure 5 is an example flowchart of a method for distributing a private decryption key to a content rendering entity in a computer network according to an example. The method may be performed by a network apparatus 110, 210. At block 504 the method comprises obtaining a master private decryption key. The master private decryption key may be obtained from a trusted entity. The trusted entity may be a cloud-based apparatus. At block 506 the method comprises generating a private decryption key based on at least one characteristic of a content rendering entity, using the master private decryption key. Generating the private decryption key may be performed using a functional encryption process, such as identity-based encryption or attribute-based encryption. The private decryption key may be generated in response to a request made by a content rendering entity, according to an example. At block 508 the method comprises distributing the private decryption key to a content rendering entity having the at least one characteristic. In an example, at block 502 the method can comprise receiving a request made by the content rendering entity for a private decryption key. The request may be a registration request to register the content rendering entity with a cloud-based computing service and includes data indicative of the at least one characteristic.
[0051] Figure 6 is an example flowchart of a method for encrypting digital content according to an example. The method may be performed by a content generating apparatus 130. At block 602, an encryption key associated with a master decryption key is obtained. The encryption key may be obtained according to a functional encryption process such as identity-based encryption or attribute-based encryption. At block 604, at least one characteristic of a content rendering entity is selected (assigned). A characteristic may take the form of an attribute or identity of a target rendering entity. At block 606, the method comprises digital content being encrypted using the encryption key and the selected characteristics. According to an example, the encryption may be based on functional encryption, such as identity-based encryption or attribute-based encryption. At block 608, the method comprises transmitting (sending) the encrypted content to a rendering entity. The rendering entity may be a device or software service belonging to a print service provider. Alternatively, the rendering entity may be a print service provider that receives and manages print jobs.
[0052] Figure 7 is an example flowchart of a method for obtaining a private decryption key according to an example. The method may be performed by a digital content rendering entity 120, 420 such as a printer or a raster image processor. The content rendering entity may be any device, network of devices or software service for receiving and rendering content as an output. At block 702, the method comprises sending a request including at least one characteristic of the rendering entity to a network apparatus or trusted entity. Blocks 706 to 710 comprise a method of using the obtained private decryption key according to an example. At block 706, the method comprises receiving encrypted digital content at the rendering entity. At block 708, the method comprises decrypting the digital content using the private decryption key. In an example, at block 710, the method can comprise rendering the decrypted digital content.
[0053] Figure 8 is a block diagram of a network apparatus according to an example. The network apparatus 800 is to receive 502 data relating to at least one characteristic of a content rendering entity on the network. The content rendering entity may be any apparatus or software instance for rendering data relating to digital content into an output. For example, a content rendering entity may be a printer or 3D printer. The content rendering entity may be a software service such as a raster image processor belonging to a print service provider. The characteristics may relate to attributes or identities of the content rendering entity. For example, the location, model or version number, print service provider of the content rendering entity. The data relating to the characteristic or characteristics may be received as part of a registration request made by the rendering entity. The network apparatus 800 is to obtain 504 a master private decryption key. The master private decryption key may be obtained from a trusted entity or be generated using a functional encryption process such as an identity-based encryption or attribute-based encryption process. The network apparatus 800 is to generate 506 a private decryption key based on the at least one characteristic of the rendering entity. The private decryption key may be generated using an identity-based encryption or an attribute-based encryption process. The network apparatus 800 is to distribute 508 the private decryption key to the content rendering entity. The private decryption key may be distributed using a secure key transportation protocol. The network apparatus 800 may be a cloud connected server remote from the content rendering entity or a server or other network component in an intranet including the content rendering entity.
[0054] Figure 9 is a digital content generator 900 according to an example. The digital content generator 900 may be a server or other network device hosting a digital content creation service. The digital content generator 900 is to perform the method of Figure 6 as described above.
[0055] Figure 10 is a content rendering apparatus 1000 according to an example. The content rendering apparatus 1000 may be a printer, 3D printer or a device or any other component of a print service provider for rendering digital content. The content rendering apparatus 1000 is to perform the method of Figure 7 as described above.
[0056] Examples in the present disclosure can be provided as methods, systems or machine-readable instructions, such as any combination of software, hardware, firmware or the like. Such machine-readable instructions may be included on a computer readable storage medium (including but not limited to disc storage, CD-ROM, optical storage, etc.) having computer readable program codes therein or thereon.
[0057] The present disclosure is described with reference to flow charts and/or block diagrams of the method, devices and systems according to examples of the present disclosure. Although the flow diagrams described above show a specific order of execution, the order of execution may differ from that which is depicted. Blocks described in relation to one flow chart may be combined with those of another flow chart. In some examples, some blocks of the flow diagrams may not be necessary and/or additional blocks may be added. It shall be understood that each flow and/or block in the flow charts and/or block diagrams, as well as combinations of the flows and/or diagrams in the flow charts and/or block diagrams can be realized by machine readable instructions.
[0058] The machine-readable instructions may, for example, be executed by a general-purpose computer, a special purpose computer, an embedded processor or processors of other programmable data processing devices to realize the functions described in the description and diagrams. In particular, a processor or processing apparatus may execute the machine-readable instructions. Thus, modules of apparatus (for example, a rendering device, printer or 3D printer) may be implemented by a processor executing machine readable instructions stored in a memory, or a processor operating in accordance with instructions embedded in logic circuitry. The term 'processor' is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate set etc. The methods and modules may all be performed by a single processor or divided amongst several processors.
[0059] Such machine-readable instructions may also be stored in a computer readable storage that can guide the computer or other programmable data processing devices to operate in a specific mode.
[0060] For example, the instructions may be provided on a non-transitory computer readable storage medium encoded with instructions, executable by a processor.
[0061] Figure 11 shows an example of a processor 1110 associated with a memory 1120. The memory 1120 comprises computer readable instructions 1130 which are executable by the processor 1110. The instructions 1130 comprise:
[0062] Instructions to obtain a master private decryption key.
[0063] Instructions to generate a private decryption key based on at least one characteristic of a content rendering entity, using the master private decryption key.
[0064] Instructions to distribute the private decryption key to a content rendering entity having the at least one characteristic.
[0065] In an example, the instructions may further comprise instructions to receive a request for a private decryption key from a content rendering entity.
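The flow of [0053] and [0061] to [0065], shown end to end as an added illustration that is not part of the patent text. The disclosure names no specific identity-based encryption scheme, so this sketch substitutes Cocks' quadratic-residue scheme; the function names, the characteristic string format and the toy modulus are assumptions made for the example.

```python
import hashlib
import secrets

# Constructed toy master private key: public Mersenne primes, both 3 mod 4.
P, Q = 2**89 - 1, 2**127 - 1  # held by the trusted entity; demo values only
N = P * Q  # public parameter given to content generators

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd positive n."""
    a, result = a % n, 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def identity_to_a(identity):
    """Hash a characteristic string to a value a with Jacobi symbol (a/N) = +1."""
    digest = hashlib.sha256(identity.encode()).digest()
    while jacobi(int.from_bytes(digest, "big") % N, N) != 1:
        digest = hashlib.sha256(digest).digest()  # rehash until (a/N) = +1
    return int.from_bytes(digest, "big") % N

def derive_private_key(identity):
    """Network apparatus: needs P and Q. Returns r with r*r = a or -a (mod N)."""
    return pow(identity_to_a(identity), (N + 5 - P - Q) // 8, N)

def _mask(sign, a):  # hide one bit: random t with (t/N) = sign, sent as t + a/t
    while True:
        t = secrets.randbelow(N - 2) + 2
        if jacobi(t, N) == sign:
            return (t + a * pow(t, -1, N)) % N

def encrypt(identity, data):
    """Content generator: needs only N and the target characteristic string."""
    a = identity_to_a(identity)
    signs = [1 if (byte >> i) & 1 else -1 for byte in data for i in range(8)]
    return [(_mask(s, a), _mask(s, -a)) for s in signs]

def decrypt(identity, r, ciphertext):
    """Rendering entity: recover the bytes with its own private key r."""
    idx = 0 if (r * r) % N == identity_to_a(identity) else 1
    bits = [jacobi(pair[idx] + 2 * r, N) == 1 for pair in ciphertext]
    return bytes(sum(b << i for i, b in enumerate(bits[k:k + 8]))
                 for k in range(0, len(bits), 8))
```

Each plaintext bit becomes two integers mod N, so a scheme of this kind would normally wrap a short symmetric content key rather than the rendering data itself.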
[0066] Such machine readable instructions may also be loaded onto a computer or other programmable data processing devices, so that the computer or other programmable data processing devices perform a series of operations to produce computer-implemented processing, thus the instructions executed on the computer or other programmable devices provide an operation for realizing functions specified by flow(s) in the flow charts and/or block(s) in the block diagrams.
[0067] Further, the teachings herein may be implemented in the form of a computer software product, the computer software product being stored in a storage medium and comprising a plurality of instructions for making a computer device implement the methods recited in the examples of the present disclosure.
[0068] While the method, apparatus and related aspects have been described with reference to certain examples, various modifications, changes, omissions, and substitutions can be made without departing from the present disclosure. In particular, a feature or block from one example may be combined with or substituted by a feature/block of another example.
[0069] The word "comprising" does not exclude the presence of elements other than those listed in a claim, "a" or "an" does not exclude a plurality, and a single processor or other unit may fulfil the functions of several units recited in the claims.
[0070] The features of any dependent claim may be combined with the features of any of the independent claims or other dependent claims.

Claims

1. A network apparatus, comprising a processor and a memory, the processor being arranged to: receive data relating to at least one characteristic of a content rendering entity on the network; obtain a master private decryption key for functional encryption; derive a private decryption key for the entity based on the received data and the master private decryption key; and distribute the generated private decryption key to the content rendering entity.
2. A network apparatus according to claim 1, wherein the functional encryption is based on identity-based encryption and the at least one characteristic are identities associated with the content rendering entity.
3. A network apparatus according to claim 1, wherein the functional encryption is based on attribute-based encryption and the at least one characteristic are attributes of the content rendering entity.
4. A network apparatus according to claim 1, wherein the at least one characteristic includes at least one of: a model identifier, a serial number, a print service provider identity, location or country data, software version data, and firmware version data.
5. A network apparatus according to claim 1, wherein the content rendering entity is one of: an image forming apparatus, a 3D printer, or a raster image processor (RIP) for generating raster images from print data, or a print service provider (PSP).
6. A network apparatus according to claim 1, wherein the network apparatus is a cloud computing server.
7. A method for distributing a private decryption key, to a content rendering entity in a computer network, comprising: obtaining a master private decryption key; generating a private decryption key based on at least one characteristic of a content rendering entity, using the master private decryption key; distributing the private decryption key to a content rendering entity having the at least one characteristic.
8. A method according to claim 7, wherein obtaining the master private decryption key includes obtaining the master private decryption key from a trusted entity.
9. A method according to claim 7, wherein generating the private decryption key is performed using identity-based encryption or attribute-based encryption.
10. A method according to claim 7, wherein the private decryption key is generated in response to a request made by the content rendering entity.
11. A method according to claim 10, wherein the request is a registration request to register the content rendering entity with a cloud computing service and includes data indicative of the characteristic.
12. A method according to claim 7, wherein the private decryption key is distributed to the content rendering entity using a secure key distribution protocol.
13. A system, in a computer network, comprising: a rendering entity for performing a rendering process using rendering data; a trusted entity; and a cloud-based apparatus comprising: a key generation module arranged to derive a private decryption key, for the rendering entity, using a master private decryption key obtained from the trusted entity and data indicative of a property of the rendering service or device; and a distribution module arranged to distribute the generated private decryption key to the rendering entity.
14. A system according to claim 13, further comprising a content generator arranged to: obtain an encryption key associated with the master private decryption key; select at least one characteristic of a rendering entity; functionally encrypt rendering data using the encryption key and the at least one property of the rendering entity.
15. A non-transitory machine-readable storage medium encoded with instructions executable by a processor, the machine-readable storage medium comprising instructions to: obtain a master private decryption key; generate a private decryption key based on at least one characteristic of a content rendering entity, using the master private decryption key; and distribute the private decryption key to a content rendering entity having the at least one characteristic.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2019/065024 WO2021112877A1 (en) 2019-12-06 2019-12-06 Key distribution

Publications (1)

Publication Number Publication Date
WO2021112877A1 true WO2021112877A1 (en) 2021-06-10

Family

ID=76222651

Country Status (1)

Country Link
WO (1) WO2021112877A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030005285A1 (en) * 2001-06-29 2003-01-02 Graunke Gary L. Method and apparatus for distributing keys for decrypting and re-encrypting publicly distributed media
US20120240240A1 (en) * 2002-08-15 2012-09-20 Mats Naslund Monitoring of digital content
US20130028415A1 (en) * 2010-04-27 2013-01-31 Nippon Telegraph And Telephone Corporation Cryptographic processing system, key generation device, encryption device, decryption device, signature processing system, signature device, and verification device
US20150049359A1 (en) * 2013-08-19 2015-02-19 Samsung Electronics Co., Ltd. Cloud printing system and method using image forming apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19955168

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19955168

Country of ref document: EP

Kind code of ref document: A1