Abstract
A broadcast encryption method that allows a broadcaster to send encrypted content to a set of users such that only a subset of authorized users can decrypt the content, and to perform both temporary and permanent revocation of users. Accordingly, during a Setup stage, a Key Service generates a public key and a Master Secret Key (MSK) and sends the Public Parameters PP used to generate the public key to a broadcaster and to all users. The broadcaster uses the Public Parameters PP to create a message M, with which the broadcaster encrypts the content, and further creates a Cipher Text (CT), which is sent to all users. During a Key Gen stage, whenever a user wishes to decrypt the message M for decrypting the content, the user sends a request with his ID1 to the Key Service. The Key Service generates a corresponding secret key SKID1 and the secret key SKID1 is sent to the user ID1 via a secure data channel. During a Decrypt stage, the user uses the secret key SK ID1 , to decrypt the Cipher Text (CT) and obtain the message M. During a Revoke stage of k users (k=1,2,3,….) a State Update Message (SUM) which is sent to all users, is provided and each user updates his state with the SUM he received, such that the k users having identities ID1, ID2,…. IDk will not be able to update their state and will be permanently revoked, while all the remaining users being admitted users will be able to update their state and will not be revoked. Temporary revocation is done by inserting a list of IDs (ID1, ID2,…. IDk) to be revoked into the CT.
Original language | English |
---|---|
Patent number | WO2018207187 |
IPC | H04N 21/ 266 A I |
Priority date | 14/08/17 |
State | Published - 15 Nov 2018 |