[특허]Blinded encryption and decryption

Blinded encryption and decryption 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-009/00
출원번호	US-0664799 (2003-09-18)
등록번호	US-7363499 (2008-04-22)
발명자 / 주소	Perlman,Radia J
출원인 / 주소	Sun Microsystems, Inc.
대리인 / 주소	Osha��Liang LLP
인용정보	피인용 횟수 : 12 인용 특허 : 19

초록 ▼

A method and system for utilizing and encryption or decryption agent so as to preclude access by the encryption agent or decryption agent, respectively, to the information being encrypted or decrypted. To preclude access by the encryption agent, a blinding function is applied to the information prior to forwarding such information to the encryption agent for encryption. To preclude access to the information by the decryption agent, a blinding function is applied to the encrypted information prior to forwarding the encrypted information to the decryption agent for decryption. Once the information has been returned, the information is unblinded, leaving an encrypted or decrypted message respectively.

대표청구항 ▼

What is claimed is: 1. A method for performing blind decryption of a message M, wherein said message is encrypted by a first node using an encryption function to form an encrypted message, the method comprising the steps of: blinding said encrypted message with a blinding function z to form a blinded and encrypted message, wherein z has an inverse z-1; in a first communicating step, communicating said blinded and encrypted message to a decryption agent; decrypting said blinded and encrypted message by said decryption agent using a decryption function to form a blinded message, wherein said decryption function is the inverse of said encryption function; in a second communicating step, communicating said blinded message to said first node; and unblinding said blinded message using z-1, to obtain said message M, wherein said decryption function comprises an ephemeral decryption key. 2. The method of claim 1 wherein said first node and said decryption agent are communicably coupled via a network, and at least one of said first and second communicating steps comprises the step of communicating the respective message over said network. 3. The method of claim 2 wherein said first and second communicating steps comprise communicating the respective messages over said network. 4. The method of claim 1 wherein said first communicating step comprises the step of communicating said blinded and encrypted message from said first node to said decryption agent via an anonymizer node and said second communicating step comprises the step of communicating said blinded message from said decryption agent to said first nose via said anonymizer node. 5. The method of claim 1 further including the step of rendering said ephemeral decryption key unusable after a predetermined time. 6. The method of claim 1 further including the step of generating said message M at said first node. 7. The method of claim 1 wherein said encryption and decryption functions are, respectively, public and private keys of a public key pair. 8. The method of claim 7 wherein said public and private keys comprise a RSA public/private key of the form (e,n) and (d,n), respectively. 9. The method of claim 8 wherein said blinding function, z, is a blinding number of R having an inverse R-1 that satisfies R*R-1=1 mod n and wherein said blinding step includes the step of forming said blinded and encrypted message as the product (Re*Me mod n) where (Me mod n) is said message M encrypted using said public encryption key. 10. The method of claim 9 wherein the decryption step includes raising the product ((Re*Me) mod n) to the power d mod n, forming ((Re*Me) mod n))d mod n to form said blinded message R*M mod n. 11. The method of claim 10 wherein the unblinding step includes unblinding said blinded message R*M mod n using R-1 obtain said message M. 12. The method of claim 9 further including the step of generating an integer random number and utilizing said random number as the blinding number R. 13. The method of claim 9 further comprising the steps of: obtaining a public key associated with said decryption agent, wherein said public key is a Diffie-Hellman public key of the form gx mod p; selecting a blinding number, y, having an inverse blinding function y-1 that satisfies y*y-1=1 mod p-1; raising said public key gx mod p to the power y to obtain gxy mod p; raising g to the power y to form gy mod p; encrypting said message M using gxy mod p to form said encrypted message of the form {M}gxy mod p; saving a copy of said encrypted message {M}gxy mod p; and saving a copy of gy mod p by said first node. 14. The method of claim 13 wherein said step of decrypting said blinded and encrypted message by said first node includes: selecting a blinding number, w, having an inverse blinding number w-1 that satisfies w*w-1=1 mod p-1; raising, by said first node, said public key gx mod p to the power w to obtain gyw mod p; forwarding gyw mod p to said decryption agent; receiving gxyw mod p from said decryption agent; raising gxyw mod p to said inverse blinding number, w-1, to form gxy mod p; and decrypting said encrypted message {M}gxy mod p using gxy mod p to obtain said message M. 15. The method of claim 13 wherein said blinding number, y, is a randomly selected integer. 16. The method of claim 14 wherein said blinding number, w, is a randomly selected integer. 17. A method for performing blind decryption of a message M, wherein said message is encrypted by a first node using an encryption function to form an encrypted message, the method comprising the steps of: blinding said encrypted message with a blinding function z to form a blinded and encrypted message, wherein z has an inverse z-1; in a first communicating step, communicating said blinded and encrypted message to a decryption agent; decrypting said blinded and encrypted message by said decryption agent using a decryption function to form a blinded message, wherein said decryption function is the inverse of said encryption function; in a second communicating step, communicating said blinded message to said first node; unblinding said blinded message using z-1, to obtain said message M; selecting a blinding number y having an inverse blinding number y-1; blinding said message M using said blinding number y to form a first blinded message; forwarding said first blinded message to an encryption agent; encrypting, by said encryption agent, said first blinded message to form a first blinded and encrypted message wherein said encryption is performed using said encryption function and wherein said encryption function and said corresponding decryption function are secret encryption and decryption keys, respectively; forwarding said first blinded and encrypted message from said encryption agent to said first node; and unblinding said first blinded and encrypted message using inverse blinding number y-1 to form said encrypted message. 18. The method of claim 17 wherein step of blinding said message using said blinding number y to form said first blinded message includes a step of raising said message M to the power y mod p. 19. The method of claim 18 wherein said secret encryption key is a value x and wherein said secret decryption key is x-1 and wherein said step of encrypting said blinded message includes the step of raising said first blinded message My mod p to the power x mod p to form said first blinded and encrypted message. 20. The method of claim 19 wherein said step of unblinding said first blinded and encrypted message includes the step of raising said first blinded and encrypted message Mxy mod p to the power y-1 mod p, to obtain said encrypted message Mx mod p. 21. The method of claim 20 wherein said step of decrypting said first blinded message by said decryption agent includes the step of raising said first blinded message to said secret decryption key x-1 to form a second blinded message Mz mod p. 22. A system for performing blind decryption of a message M comprising: a first node and a decryption agent communicably coupled via a communications network; said first node operative to: encrypt said message using an encryption function to form an encrypted message; blind said encrypted message with a blinding function z to form a blinded and encrypted message, wherein z has an inverse z-1; communicate said blinded and encrypted message to a decryption agent; decrypt said blinded and encrypted message by said decryption agent using a decryption function to form a blinded message, wherein said decryption function is the inverse of said encryption function; communicate said blinded message to said first node; and unblind said blinded message using z-1, to obtain said message M, wherein said decryption function comprises an ephemeral decryption key. 23. A computer program product including a computer readable medium, said computer readable medium having a computer program stored thereon for use in blinded ephemeral decryption, said computer program being executable on processors in a first node and a decryption agent respectively, said computer program product comprising: program code for execution on said processor in said first node for blinding said encrypted message with a blinding function z to form a blinded and encrypted message, wherein z has an inverse z-1 and for communicating said blinded and encrypted message to a decryption agent; program code for execution on said processor in said decryption agent for decrypting said blinded and encrypted message by said decryption agent using a decryption function to form a blinded message, wherein said decryption function is the inverse of said encryption function and for communicating said blinded message to said first node; and program code for execution on said processor in said first node for unblinding said blinded message using z-1, to obtain said message M, wherein said decryption function comprises an ephemeral decryption key. 24. The method of claim 17, wherein said step of decrypting said first blinded message by said decryption agent includes the step of raising said first blinded message to said secret decryption key x-1 to form a second blinded message Mz mod p.

이 특허에 인용된 특허 (19)

Molva Refik (Juan-Les-Pins EPX) Tsudik Gene (Thalwil EPX), Authentication method and system with a smartcard.
상세보기
Spelman Jeffrey F. (Duvall WA) Thomlinson Matthew W. (Bellvue WA), Blind encryption.
상세보기
Chaum David L. (14652 Sutton St. Sherman Oaks CA 91306), Blind signature systems.
상세보기
Ganesan Ravi, Computer system for securing communications using split private key asymmetric cryptography.
상세보기
Steven T. Ansell ; Andrew R. Cherenson ; Mark E. Paley ; Steven B. Katz ; John Michael Kelsey, Jr. ; Bruce Schneier, Copy security for portable music players.
상세보기
Sumner Terence Edward, Encryption and decryption method and apparatus.
상세보기
Lewis Tony, Key replacement in a public key cryptosystem.
상세보기
Jakobsson Markus, Method and apparatus for encrypting, decrypting, and providing privacy for data values.
상세보기
Zubeldia Pedro ; Romney Gordon W., Method and apparatus for managing key revocation.
상세보기
Bellare Mihir M. (New York NY) Rogaway Phillip W. (Austin TX), Method and apparatus for three-party entity authentication and key distribution using message authentication codes.
상세보기
Jenkins Lew ; Pasetes ; Jr. Emmanuel K., Method and system for providing secure EDI over an open network.
상세보기
Zolotorev,Oleg Anatolievich; Kuznetsov,Ivan Vladimirovich; Moshonkin,Andrei Gennadievich; Smirnov,Alexandr Leonidovich; Khamitov,Ildar Magafurovich, Method for making a blind RSA-signature and apparatus therefor.
상세보기
Silverbrook Kia,AUX ; Walmsley Simon Robert,AUX, Method for making a chip tamper-resistant.
상세보기
Puhl Larry C. (Sleepy Hollow IL) Finkelstein Louis D. (Wheeling IL) Dabbish Ezzat A. (Cary IL), Method for providing blind access to an encryption key.
상세보기
Chaum David (14652 Sutton St. Sherman Oaks CA 91403), One-show blind signature systems.
상세보기
Morgan Stephen P. ; Russell Lance W. ; Reed Benjamin Clay, Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same.
상세보기
Spies Terence R. ; Simon Daniel R., System and method for secure purchase and delivery of video content programs.
상세보기
Chaum David (14652 Sutton St. Sherman Oaks CA 91403), Undeniable signature systems.
상세보기
Vaeth J. Stuart ; Walton Charles S., Virtual certificate authority.
상세보기

이 특허를 인용한 특허 (12)

Raciborski, Nathan F.; Kokal, Mohan I., Consistent browser file download.
상세보기
Garrett, Duncan; Roberts, Dave; Smets, Patrik, Electronic authentication systems.
상세보기
Mestré, Patrick; Smets, Patrik, Electronic authentication systems.
상세보기
Smets, Patrik; Mestre, Patrick; Roberts, Dave; Garret, Duncan, Electronic authentication systems.
상세보기
Kaji, Yuichi, Encryption key generation device.
상세보기
Wang, Changjie; Ma, Fulong; Li, Hui, Method and device for managing digital content.
상세보기
Raciborski, Nathan F.; Thompson, Mark R., Multiple object download.
상세보기
Raciborski, Nathan F.; Gordon, Michael M., Rich content download.
상세보기
Riegel, Brian M.; Sherry, James S., Token-based security for links to media streams.
상세보기
Riegel, Brian M.; Sherry, James S., Token-based security for links to media streams.
상세보기
Talvensaari, Michael Dean; Zenoni, Ian, Token-based security for remote resources.
상세보기
Talvensaari, Michael Dean; Zenoni, Ian, Token-based security for remote resources.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Blinded encryption and decryption 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (19)

이 특허를 인용한 특허 (12)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Blinded encryption and decryption 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (19)

이 특허를 인용한 특허 (12)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트