IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0015360
(2011-01-27)
|
등록번호 |
US-8683230
(2014-03-25)
|
발명자
/ 주소 |
- England, Paul
- Peinado, Marcus
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
1 인용 특허 :
173 |
초록
▼
In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows the data to be obtained from the ciphertext only if one or more conditions are satisfied. In accordance with another aspec
In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows the data to be obtained from the ciphertext only if one or more conditions are satisfied. In accordance with another aspect, a bit string is received from a calling program. Data in the bit string is decrypted using public key decryption and returned to the calling program only if one or more conditions included in the bit string are satisfied.
대표청구항
▼
1. A method comprising: obtaining data to be sealed and one or more conditions that are to be satisfied in order for the data to be unsealed;sealing the data in response to a request by a caller by encrypting, in a device and using public key encryption, both the data and the one or more conditions
1. A method comprising: obtaining data to be sealed and one or more conditions that are to be satisfied in order for the data to be unsealed;sealing the data in response to a request by a caller by encrypting, in a device and using public key encryption, both the data and the one or more conditions to generate a ciphertext that includes both the encrypted data and the encrypted one or more conditions, the data not being unsealed if the one or more conditions are not satisfied, the one or more conditions including a logical formula to be evaluated and the one or more conditions being satisfied only if the logical formula evaluates true; andreturning the ciphertext to the caller. 2. A method as recited in claim 1, the data comprising a cryptographic key. 3. A method as recited in claim 1, obtaining the data comprising receiving the data as part of a PKSeal operation. 4. A method as recited in claim 1, the logical formula comprising a statement written in first order logic. 5. A method as recited in claim 1, the logical formula comprising a statement written in predicate logic. 6. A method as recited in claim 1, the one or more conditions further including a digest of a target program to which the data can be revealed, the one or more conditions being satisfied only if both the logical formula evaluates true and a digest of a program requesting that the data be unsealed is the digest of the target program. 7. A method comprising: invoking, in a device, an operation of a guard to seal data; andreceiving, in response to invoking the operation, a ciphertext generated by the guard when sealing the data, the ciphertext including both the data and one or more conditions that are to be satisfied in order for the data to be unsealed, the one or more conditions including a logical formula to be evaluated and the one or more conditions being satisfied only if the logical formula evaluates true, the data not being unsealed if the one or more conditions are not satisfied, the data and the one or more conditions having been encrypted using public key encryption. 8. A method as recited in claim 7, the operation comprising a PKSeal operation. 9. A method as recited in claim 7, the invoking the operation comprising passing the data as an input to the operation. 10. A method as recited in claim 7, the invoking the operation comprising passing at least one of the one or more conditions as an input to the operation. 11. A method as recited in claim 7, the data comprising a cryptographic key. 12. A method as recited in claim 7, the logical formula comprising a statement written in first order logic. 13. A method as recited in claim 7, the logical formula comprising a statement written in predicate logic. 14. A computing device having one or more components implemented at least in part in hardware and that perform acts comprising: invoking, in the computing device, an operation of a guard to have ciphertext decrypted; andreceiving from the guard, in response to invoking the operation, decrypted data from the ciphertext only if one or more conditions included in the ciphertext are satisfied, the one or more conditions including a logical formula and the one or more conditions being satisfied only if the logical formula evaluates true, the ciphertext being decrypted using public key decryption. 15. A computing device as recited in claim 14, the operation comprising a PKUnseal operation. 16. A computing device as recited in claim 14, the invoking the operation comprising passing the ciphertext as an input to the operation. 17. A computing device as recited in claim 14, the invoking the operation comprising passing a pointer to the ciphertext as an input to the operation. 18. A computing device as recited in claim 14, the data comprising a cryptographic key. 19. A computing device as recited in claim 14, the logical formula comprising a statement written in first order logic. 20. A computing device as recited in claim 14, the logical formula comprising a statement written in predicate logic.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.