Encryption techniques for improved sharing and distribution of encrypted content
US-9374373-B1 · Jun 21, 2016 · US
Content management systems and methods using proxy reencryption
US12021984B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12021984-B2 |
| Application number | US-202217829241-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 31, 2022 |
| Priority date | May 25, 2018 |
| Publication date | Jun 25, 2024 |
| Grant date | Jun 25, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
This disclosure relates to systems and methods for managing protected electronic content using proxy reencryption techniques. Rights management architectures are described that may, among other things, provide end-to-end protection of content keys from their point of origination at a content creator and/or content service to end user devices. Proxy reencryption techniques consistent with aspects of the disclosed embodiments may enable transformation of a ciphertext under one public key to a ciphertext containing the same plaintext under another public key. Consistent with embodiments disclosed herein, proxy reencryption processes may be implemented using indistinguishability obfuscation and puncturable public-key encryption schemes, functional encryption, and/or white box obfuscation techniques.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for managing data performed by an electronic data service system comprising a processor and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the electronic data access management system to perform the method, the method comprising: receiving, from a user system, a public encryption key of the user system; encrypting a plaintext data access key with a public encryption key of the electronic data service system to generate an encrypted data access key; generating, based on the public encryption key of the user system and a private encryption key of the electronic data service system, a reencryption key; generating a protected reencryption program, the protected reencryption program comprising the reencryption key and being configured to generate a reencrypted data access key using the reencryption key and the encrypted data access key, wherein the reencrypted data access key comprises the plaintext data access key encrypted with the public encryption key of the user system, and wherein the protected reencryption program is configured to generate the reencrypted data access key without exposing the plaintext data access key outside the protected reencryption program during execution of the protected reencryption program; and transmitting the protected reencryption program and the encrypted data access key to an electronic data access management system. 2. The method of claim 1 , wherein the protected reencryption program comprises an obfuscated program. 3. The method of claim 2 , wherein the protected reencryption program is obfuscated using indistinguishability obfuscation. 4. The method of claim 2 , wherein the protected reencryption program is obfuscated using whitebox cryptographic obfuscation. 5. The method of claim 1 , wherein the plaintext data access key is configured to decrypt associated protected data. 6. The method of claim 5 , wherein the protected data comprises protected content. 7. The method of claim 6 , wherein the plaintext data access key comprises a content key. 8. The method of claim 1 , wherein the protected reencryption program is associated with a system identifier associated with the user system. 9. The method of claim 8 , wherein the method further comprises transmitting the system identifier associated with the protected reencryption program to the electronic data access management system. 10. The method of claim 1 , wherein the plaintext data access key is configured to decrypt associated protected data and the protected reencryption program is associated with a data identifier associated with the protected data. 11. The method of claim 10 , wherein the method further comprises transmitting the data identifier associated with the protected reencryption program to the electronic data access management system. 12. The method of claim 1 , wherein the public encryption key of the user system is received from the user system as part of a system registration process. 13. The method of claim 1 , wherein the method further comprises storing the received public encryption key of the user system in a system information database managed by the electronic data service system. 14. The method of claim 13 , wherein the method further comprises storing the reencryption key in the system information database managed by the electronic data service system. 15. The method of claim 1 , wherein the method further comprises transmitting the received public encryption key of the user system to a remote system information database management service for storage. 16. The method of claim 15 , wherein the method further comprises transmitting the reencryption key to the remote system information database management service for storage. 17. The method of claim 1 , wherein the method further comprises receiving, at the electronic data service system from the user system, a data request message, the data request message comprising a request to access protected data. 18. The method of claim 17 , wherein the data request message further comprises at least one of a data identifier associated with the protected data and information associated with the user system. 19. The method of claim 18 , wherein the method further comprises determining whether the user system is authorized to access the protected data based on the data request message. 20. The method of claim 19 , wherein determining whether the user system is authorized to access the protected data based on the data request message comprises determining that the user system is authorized to access the protected data and, in response, transmitting a response message to the user system signed using a private key associated with the electronic data service system.
Assignees
Inventors
Classifications
Proxy, i.e. using intermediary entity to perform cryptographic operations · CPC title
Digital right managament [DRM] · CPC title
Obfuscation or hiding, e.g. involving white box · CPC title
Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation · CPC title
using a plurality of keys or algorithms · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12021984B2 cover?
- This disclosure relates to systems and methods for managing protected electronic content using proxy reencryption techniques. Rights management architectures are described that may, among other things, provide end-to-end protection of content keys from their point of origination at a content creator and/or content service to end user devices. Proxy reencryption techniques consistent with aspect…
- Who is the assignee on this patent?
- Intertrust Tech Corp
- What technology area does this patent fall under?
- Primary CPC classification H04L9/30. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jun 25 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).