US20140321651A1 - Distribution of keys for encryption/decryption - Google Patents
Distribution of keys for encryption/decryption Download PDFInfo
- Publication number
- US20140321651A1 US20140321651A1 US14/330,384 US201414330384A US2014321651A1 US 20140321651 A1 US20140321651 A1 US 20140321651A1 US 201414330384 A US201414330384 A US 201414330384A US 2014321651 A1 US2014321651 A1 US 2014321651A1
- Authority
- US
- United States
- Prior art keywords
- event
- key
- attendee
- keys
- wireless transmitter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00132—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture in a digital photofinishing system, i.e. a system where digital photographic images undergo typical photofinishing processing, e.g. printing ordering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00132—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture in a digital photofinishing system, i.e. a system where digital photographic images undergo typical photofinishing processing, e.g. printing ordering
- H04N1/00137—Transmission
- H04N1/0014—Transmission via e-mail
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00132—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture in a digital photofinishing system, i.e. a system where digital photographic images undergo typical photofinishing processing, e.g. printing ordering
- H04N1/00148—Storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00132—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture in a digital photofinishing system, i.e. a system where digital photographic images undergo typical photofinishing processing, e.g. printing ordering
- H04N1/00161—Viewing or previewing
- H04N1/00164—Viewing or previewing at a remote location
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00204—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
- H04N1/00209—Transmitting or receiving image data, e.g. facsimile data, via a computer, e.g. using e-mail, a computer network, the internet, I-fax
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00204—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
- H04N1/00209—Transmitting or receiving image data, e.g. facsimile data, via a computer, e.g. using e-mail, a computer network, the internet, I-fax
- H04N1/00212—Attaching image data to computer messages, e.g. to e-mails
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00204—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
- H04N1/00244—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server with a server, e.g. an internet server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00347—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with another still picture apparatus, e.g. hybrid still picture apparatus
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/44—Secrecy systems
- H04N1/448—Rendering the image unintelligible, e.g. scrambling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/27—Server based end-user applications
- H04N21/274—Storing end-user multimedia data in response to end-user request, e.g. network recorder
- H04N21/2743—Video hosting of uploaded data from client
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/414—Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
- H04N21/41407—Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance embedded in a portable device, e.g. video client on a mobile phone, PDA, laptop
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/436—Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/4508—Management of client data or end-user data
- H04N21/4524—Management of client data or end-user data involving the geographical location of the client
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4627—Rights management associated to the content
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/61—Network physical structure; Signal processing
- H04N21/6106—Network physical structure; Signal processing specially adapted to the downstream path of the transmission network
- H04N21/6131—Network physical structure; Signal processing specially adapted to the downstream path of the transmission network involving transmission via a mobile phone network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/61—Network physical structure; Signal processing
- H04N21/6156—Network physical structure; Signal processing specially adapted to the upstream path of the transmission network
- H04N21/6181—Network physical structure; Signal processing specially adapted to the upstream path of the transmission network involving transmission via a mobile phone network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N2201/00—Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
- H04N2201/0008—Connection or combination of a still picture apparatus with another apparatus
- H04N2201/0034—Details of the connection, e.g. connector, interface
- H04N2201/0048—Type of connection
- H04N2201/0055—By radio
Definitions
- SenseCam is a wearable camera developed by Microsoft Research which can be used to assist with memory recall by enabling a user to rewind through the recent events experienced by the wearer of the device. This may be particularly useful for memory-impaired individuals, or where an individual has experienced a traumatic event (e.g. an elderly person's fall resulting in injury). There are many other possible uses for SenseCam.
- the device can capture very large numbers of images and in addition to capturing images, the device also records sensor data, such as movement, light level and temperature periodically.
- This sensor data is used to trigger the capturing of images, for example, when there is a change in light level or sudden movement.
- a change in light level may indicate that a user has moved from one room to another, or from inside to outside and therefore the image captured will indicate a change in location (and environment) of the wearer.
- the device has a wide angle or fish-eye lens so that the user does not need to worry about pointing the device in a particular direction.
- An accelerometer is used for image stabilisation.
- a user may generate a huge collection of digital images that they may wish to distribute with others.
- the size of the image files coupled with typical internet connection speeds and mailbox size limits means that often it is not feasible to distribute more than a very select few images by email. Instead, images may be uploaded to a website where they can be viewed and downloaded by others.
- images may be uploaded to a website where they can be viewed and downloaded by others.
- many people may be reluctant to publish collections of images, which may be of a personal event such as a holiday or birthday celebration, in such a publicly accessible manner.
- the present example provides a method of encryption comprising the steps of: identifying a key associated with an event; encrypting data using the identified key; and publishing the encrypted data and details of the event.
- the access to the decrypted data can be limited to those attending the event.
- This enables the encrypted data to be published in a publicly accessible location whilst still controlling access to the decrypted data.
- the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list and an event name.
- the method may further comprise the step of: transmitting the identified key using a wireless transmitter.
- the transmitting step may be performed at the event.
- this communicates the key for the event to attendees at the event.
- the step of identifying a key comprises: at the event, receiving the key via a wireless receiver; and storing the key associated with the details of the event.
- this allows an attendee at an event to use a key received at an event to encrypt data associated with that event.
- the method may further comprise the step of: identifying at least one additional key associated with the event; and the step of encrypting may comprise: encrypting the data using the identified keys, such that the encrypted data can be decrypted using a subset of the identified keys.
- the subset of the identified keys comprises all the identified keys.
- the step of publishing comprises: making the encrypted data and the details of the event available via at least one of: a website, a public folder, an email and a server.
- this enables the encrypted data to be posted in a publicly available place over a large bandwidth connection.
- the step of encrypting comprises: selecting data comprising a plurality of parts; determining a sensitivity rating for each part of the data; and encoding those parts of the data having a sensitivity rating exceeding a predefined value
- the step of publishing comprises: publishing the encrypted parts of the data, unencrypted parts of the data having a sensitivity below the predefined value and the details of the event.
- this enables publication of less sensitive information without encryption and publication of more sensitive information with encryption. It only uses encryption where it is wanted and reduces the complexity of the publication of information.
- the data comprises at least one of: a digital photograph, a video clip and an audio clip.
- a second example provides a computer program comprising computer program code means adapted to perform all the steps of any of the methods of encryption described above when said program is run on a computer.
- the computer program may be embodied on a computer readable medium.
- a third example provides a method of decryption comprising the steps of: accessing encrypted data and details of an event; identifying a key associated with the event; and decrypting the encrypted data using the identified key.
- the access to the key can be limited to those attending the event, such that only attendees can decrypt the data.
- the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list and an event name.
- the method may further comprise the steps of: at the event, receiving the key via a wireless receiver; and storing the key associated with the details of the event, and the step of identifying a key may comprise: retrieving a stored key associated with the event.
- the method may further comprise the step of: at the event, transmitting the identified key using a wireless transmitter.
- the method may further comprise the step of: identifying at least one additional key associated with the event; and the step of decrypting may comprise: decrypting the data using at least one of the identified keys.
- the step of accessing comprises: retrieving the encrypted data and the details of the event from one of: a website, a public folder, an email and a server.
- a fourth example provides a computer program comprising computer program code means adapted to perform all the steps of any of the methods of decryption described above when said program is run on a computer.
- the computer program may be embodied on a computer readable medium.
- the methods described herein may be performed by software in machine readable form on a storage medium.
- the software can be suitable for execution on a parallel processor or a serial processor such that the method steps may be carried out in any suitable order, or simultaneously.
- FIG. 1 is a schematic diagram of six individuals in a meeting room
- FIG. 2 is an example flow diagram for distribution of keys for encryption/decryption
- FIG. 3 is an example flow diagram of the decryption process performed by an attendee at an event
- FIG. 4 shows a schematic diagram of group of people at an event
- FIG. 5 is an example flow diagram of example encryption and decryption processes performed by an attendee at an event
- FIG. 6 shows an example flow diagram for use of multiple keys for encryption/decryption
- FIG. 7 shows a schematic diagram of three wireless transmitters and their coverage areas.
- FIG. 8 shows a table of the numbers received by each of the devices shown in FIG. 7 .
- an individual In a situation where an individual wishes to share large amounts of data, such as a collection of digital photographs taken at an event, the individual can post the data to a web site which can be accessed by those at the event.
- the data is personal (e.g. wedding photographs) or otherwise sensitive in nature, the individual may not wish to make the data available to all.
- the individual could password protect either the data or access to the particular web site and then tell all those at the event the password required to access the material.
- this relies on the individual remembering to tell everyone and may be time consuming.
- this may not be practical or possible. For example, the individual may not know all the other attendees at the event, (e.g.
- FIG. 1 is a schematic diagram of six individuals 102 , labelled A-F, in a meeting room 104 and FIG. 2 shows an example flow diagram for distribution of keys for encryption/decryption.
- meeting attendee A is wearing a SenseCam (as described above) he may wish to share the images taken during the meeting with the other five attendees (users B-F) but not with anyone who did not attend the meeting.
- An encryption key is identified (step 201 ) by the SenseCam device (e.g. by generating a key using a key generation program) and this encryption key is transmitted via a wireless link to wireless-capable devices carried by the other attendees (step 202 ).
- wireless-capable devices examples include mobile telephones, PDAs (personal digital assistants), laptop computers and SenseCams.
- Suitable wireless technologies include Bluetooth, infrared and WiFi. It may be beneficial to select a wireless technology for transmission of the key which has a range which is limited to the same as (or less than) the area of the event. In other examples, transmission methods with larger ranges may be used (see description below with reference to FIG. 7 ).
- connection which does not involve a physical connection, i.e. a connection which is not ‘wired’. It encompasses free space communication using any part of the electromagnetic spectrum including RF communication, infra-red communication and free space optical communication.
- the images from the meeting are encrypted such that they can be decrypted using the distributed key (step 203 ).
- the images can then be distributed by posting them in an encrypted form in an accessible place (step 204 ), e.g. on a web page, a server or a public folder on a computer, or by sending them by email.
- the encrypted data may be accessed by many people, or in fact by anybody if they are posted on a public web site, the only people who can decrypt the data are the attendees A-F at the meeting who received the key at the meeting in question.
- the key is transmitted (in step 202 ) prior to the encoding of the images (in step 203 ).
- This is by way of example only and the steps could be performed in an alternative order or substantially simultaneously.
- the encryption step By transmitting the key in advance of performing the encryption, as in FIG. 2 , this allows the encryption step to be performed either on the camera device (i.e. on the SenseCam in this example) or subsequently on a computer once the images have been downloaded.
- Performing encryption on the camera is the most secure option because it means that the unencrypted images do not leave the camera and so there is less chance of them being disseminated or accessed by a third party.
- the identification and transmission of the key (steps 201 and 202 ) could be performed by a wireless-capable device other than the SenseCam and the encryption and publication steps (steps 203 and 204 ) could be performed on a computer.
- the key is described as being identified. This may comprise selection of the key from a list of keys that have previously been generated, generation of a key or any other suitable method to obtain a key.
- the key may be identified by generating a key either as part of the process of encrypting the data or by any other means.
- FIG. 3 shows an example flow diagram of the decryption process performed by an attendee at the event, e.g. attendee B.
- Attendee B receives the key on a wireless-capable device, such as a PDA, which is equipped with a wireless receiver or transceiver (step 301 ).
- the key is then stored associated with details of the meeting (step 302 ).
- the key may be stored in the calendar entry for the meeting or the key may be stored along with a time and date stamp (and location stamp if available) indicating when (and where, if known) the key was received.
- attendee B accesses the encrypted data associated with the meeting (step 303 ), e.g. by downloading the encrypted file from a web site, and then uses the stored key to decrypt the data (step 304 ).
- an attendee may also receive a pointer (e.g. a url) detailing where to find the encrypted data.
- the pointer may be transmitted by the same transmitter as the key or may be transmitted independently from the key.
- the key transmitted at an event may be used in combination with a second key transmitted separately, for example, with the invitation to the event (e.g. within the Microsoft Outlook (trade mark) meeting invitation).
- the material to be disseminated to those at the event is encrypted in such a manner that both keys are required to be able to decrypt the data and an individual who has only one of the two keys cannot decrypt the data. This would prevent an individual from being able to access the data by eavesdropping on the key transmission whilst still limiting access to those individuals who actually attended the event.
- FIG. 4 shows a group of people 400 who may, for example, be attending a wedding.
- One person 401 shown by the square symbol
- This key may be received by wireless-capable devices 402 (shown by the circle symbol) in close proximity to him but not necessarily received by all those at the event.
- the wireless-capable devices 402 which receive the key then re-transmit the key to other wireless-capable devices 403 (shown by the triangle symbol).
- all the attendees at an event may receive the key even though the original sender of the key (person 401 ) does not know them all and may not have been in close proximity to all of them during the event.
- a limit may be set on the number of times a key can be re-transmitted.
- the key could be limited to only being retransmitted twice so that only people within three hops of the original sender 401 would be able to receive the key.
- the re-transmission could be limited in time such that re-transmission could occur for only the next hour or for the duration of the event and then would subsequently be prevented.
- the key was identified and transmitted by an attendee at an event with data that they wished to share with the rest of the attendees.
- the key could be transmitted by a local beacon which is not necessarily associated with either an attendee of the event or with an individual having data to share.
- a conference (or other event) organiser may establish a local beacon that transmits a key for reception by conference participants.
- the local beacon may comprise a computer with wireless transmitting capability or other wireless transmitting apparatus.
- the use of the key by a conference participant can be explained with reference to FIG. 5 .
- the key is received on a wireless-capable device (step 501 ) and stored associated with details of the event at which the key was received (step 502 ).
- this data is identified (step 503 ) and then encrypted using the stored key (step 504 ).
- the encrypted data can then be posted to a web site (or other repository) associated with the event (step 505 ). If the participant wishes to access material associated with the event, they access the web site (step 506 ) and download the encrypted material (step 507 ) which can then be decrypted using the stored key (step 508 ).
- a single key is transmitted at an event which is then used either on its own for encryption and decryption or is used in combination with one or more other keys which have been transmitted separately.
- a scientist may be prepared to share certain data to anyone at a technical conference but may only be prepared to share some details with attendees who sat through the whole of his presentation, (e.g. an audio transcript of his presentation).
- a conference organiser may only wish to provide information to attendees who attended the whole of a conference rather than those that turned up at registration but did not participate in any of the conference sessions.
- Such control over the dissemination of information may be achieved using multiple keys transmitted throughout an event, as can be described with reference to FIG. 6 .
- FIG. 6 shows an example flow diagram for use of multiple keys for encryption/decryption. Whilst attending an event, three different keys are received by a wireless-capable device carried by an attendee at different times throughout the event and each is stored on the device associated with the event (steps 601 - 603 ). When the individual subsequently wants to share information with other attendees, this information is identified (step 604 ) and the information is encrypted using one or more (all three in this case) keys associated with the event (step 605 ). The encrypted data can then be published on a web site associated with the event (step 606 ).
- the web site is accessed (step 607 ) and the encrypted data downloaded (step 608 ) before being decoded using all the received keys stored associated with that event (step 609 ).
- the encrypted data is described as being posted to a web site or other repository associated with an event, this is by way of example only.
- the encrypted data could be stored anywhere, for example a conference participant could place an encrypted file containing his presentation at a particular conference on his home page, along with details of the conference at which the presentation was made.
- a conference participant could place an encrypted file containing his presentation at a particular conference on his home page, along with details of the conference at which the presentation was made.
- Anyone accessing the home page who had attended the conference and received the key(s) would then be able to download and decrypt the presentation but those who had not attended the conference would be unable to access the decrypted material.
- the keys are transmitted by either a wireless-capable device belonging to an attendee or other transmitter associated with the event.
- the keys may be transmitted by transmitters which are not linked with the event.
- FIG. 7 shows a schematic diagram of three wireless transmitters 701 - 703 each having a particular coverage area 704 - 706 .
- the transmitters may be GSM base stations, WiFi hotspots or other transmitters and the transmitters may the same or may be different.
- Each transmitter regularly transmits a random number or other string and the numbers transmitted by each transmitter are different.
- the diagram also shows four wireless-capable devices 707 - 710 , each carried by a different individual who is moving along a path (shown by dotted lines 711 - 714 ). Each device is shown in three positions, at times a, b and c, which coincide with times that numbers are transmitted by each of the transmitters 701 - 703 .
- the first transmitter 701 transmits numbers 1001 , 1011 , 1021 at times a, b and c respectively, whilst the second transmitter 702 transmits 2001 , 2011 , 2021 and the third transmitter 703 transmits 3001 , 3011 , 3021 .
- FIG. 8 shows a table of the numbers received by each of the devices 707 - 710 at each of the times a, b and c. At time c all the devices are within close proximity of each other and are all within range of the same transmitters. Consequently at this time, each device receives the same three numbers, 1021 , 2021 , and 3021 .
- this data may be encrypted, and subsequently decrypted using some or all of the keys received by the devices and stored associated with the time that the meeting took place. This means that only those devices that were in the correct location, at the correct time have the required keys to access the data.
- the transmitters shown in FIG. 7 may transmit the numbers using any wireless technology or protocol.
- the transmitters may be land based (e.g. GSM base stations) or may be satellites.
- the set of keys recorded by any device may identify its location very precisely (e.g. for WiFi transmitters where the coverage area is very small) or very approximately (e.g. for GPS satellites where the coverage area is extremely large).
- Threshold encryption uses a key that is distributed amongst n decryption servers.
- a person with an encrypted message (a ciphertext) that they wish to decrypt has to send the ciphertext to at least k decryption servers, (where k ⁇ n), each of which provides a partial decryption share.
- the person can then combine the received partial decryption shares and as long as they have at least k shares they can recover the original message.
- the concept behind threshold encryption is that no one person (or server) has the entire encryption key and that the decryption can only occur when there is collaboration between a minimum number (k) of these people (or servers).
- a single device has several keys that it has received and stored, either at a single time or over a period of time.
- the data can be encoded such that an individual that has received and stored a subset k of all the n transmitted keys can still recover the original data and it does not matter which subset of k from n keys have been received.
- These threshold encryption techniques may also be applied where several individuals generate keys associated with a single event. For example, a number of people at a wedding may take digital photographs and knowing that they will wish to share the photographs after the event, each generates a key and transmits it to other guests (as described above with reference to FIG. 4 ). A guest at the wedding may therefore receive a number of keys from other guests. If that guest then wishes to disseminate data associated with the wedding, they can encrypt the data using some or all of the keys that they have received or identified associated with the wedding, or they may encrypt it such that it can be decrypted using any subset k of the n keys that the encrypting guest had received.
- the encryption techniques above may be combined with image analysis methods that are used to determine whether an image contains sensitive material. For example, an individual may have a large number of photographs taken on his holiday that he wishes to share with his friends. Some of the photographs are of panoramas, buildings and animals whilst some of the images contain faces or views of people. Image analysis methods may therefore be used to determine which images contain people (or parts thereof, such as faces) and only those images are encrypted when they are posted onto the central repository with the non-sensitive images being available to anyone. Other factors may be used in addition, or instead, to determine a sensitivity rating for data, for example, keywords may be defined which determine the sensitivity of a document to be shared. Data (or parts thereof) with a sensitivity rating which exceeds a predefined value (i.e.
- a threshold may be encrypted, whilst data which does not may be left unencrypted.
- the encryption technique used may be selected according to the sensitivity rating.
- data (or parts thereof) with a sensitivity rating which exceeds a threshold may not be distributed at all, whilst data which has a sensitivity rating which does not exceed the threshold may be encrypted and distributed.
- multiple thresholds may be used to define data (or parts thereof) which cannot be distributed, data which can be distributed but only if encoded, and data which can be distributed without encoding.
- image recognition algorithms may be used to determine the sensitivity rating of images (e.g. still images, video clips etc).
- a ‘black list’ may be defined which contains the names of a number of people whose images should not be distributed.
- a ‘grey list’ may define those whose image may be distributed if encoded and a ‘white list’ may detail those who are happy for their image to be distributed freely without encoding.
- the method steps may be shared between one or more device.
- the keys may be received and stored on a first device, such as an individual's mobile telephone, laptop or PDA.
- This information may then be transferred to or synchronised with a computer which may be used for the steps of encrypting/decrypting and accessing the data repository to upload or download data.
- the data to be shared may be created on the mobile telephone, camera, PDA, computer or other device, and the data may be created by the individual sharing the data or by a third party.
- the above description refers to the encryption of data using keys.
- encryption is used herein to refer to any technique which can be used to prevent unauthorised access to data such that the data can only be accessed using one or more shared secrets (e.g. a key or a token). It is intended to cover both cryptographic techniques and authentication techniques.
- the data may be shared in clear text but only to those holding the correct token.
- This token may be distributed using a wireless transmitter at an event (as described above).
- the data may be posted to a web site or other publicly accessible area in such a manner that it can only be retrieved upon presentation of the correct token.
- decryption is used herein to refer to the process of accessing the original data using the one or more shared secrets.
- a remote computer may store an example of the process described as software.
- a local or terminal computer may access the remote computer and download a part or all of the software to run the program.
- the local computer may download pieces of the software as needed, or execute some software instructions at the local terminal and some at the remote computer (or computer network).
- a dedicated circuit such as a DSP, programmable logic array, or the like.
Abstract
Methods of encryption and decryption are described which use a key associated with an event to encrypt/decrypt data associated with the event. The method of encryption comprises identifying a key associated with an event and encrypting data using the identified key. The encrypted data is then published along with details of the event.
Description
- This application is a continuation of, and claims priority to, U.S. patent application Ser. No. 12/096,223, filed on Jun. 5, 2008 and assigned a 371 (c) Date of Oct. 21, 2008, and entitled “DISTRIBUTION OF KEYS FOR ENCRYPTION/DECRYPTION,” which is a National Stage Entry of, and claims priority to, PCT application no. PCT/US2006/045369 filed Nov. 24, 2006, and entitled “DISTRIBUTION OF KEYS FOR ENCRYPTION/DECRYPTION,” which claims priority to European Patent Application No. 05257465.4, filed Dec. 5, 2005, and entitled “DISTRIBUTION OF KEYS FOR ENCRYPTION/DECRYPTION.” This application claims the benefit of each of the above-identified application, and disclosure of the above-identified applications are hereby incorporated by reference in their entirety as if set forth herein in full.
- Over the last few years, the use of digital cameras has increased enormously, with digital cameras now commonly being incorporated into other portable electronic equipment, particularly mobile telephones. Over the same period, the resolution of those digital cameras has also increased considerably, with mobile telephones now having 2 Megapixel cameras integrated into them and digital cameras with upwards of 6 million effective pixels being widely available. Digital cameras allow users to take large numbers of photographs, knowing that they can be selective about which and how many images they may subsequently choose to print and/or retain. This results in a user having a large collection of digital images, where the file size for each image may be large.
- SenseCam is a wearable camera developed by Microsoft Research which can be used to assist with memory recall by enabling a user to rewind through the recent events experienced by the wearer of the device. This may be particularly useful for memory-impaired individuals, or where an individual has experienced a traumatic event (e.g. an elderly person's fall resulting in injury). There are many other possible uses for SenseCam.
- The device can capture very large numbers of images and in addition to capturing images, the device also records sensor data, such as movement, light level and temperature periodically. This sensor data is used to trigger the capturing of images, for example, when there is a change in light level or sudden movement. A change in light level may indicate that a user has moved from one room to another, or from inside to outside and therefore the image captured will indicate a change in location (and environment) of the wearer. The device has a wide angle or fish-eye lens so that the user does not need to worry about pointing the device in a particular direction. An accelerometer is used for image stabilisation.
- Through use of a conventional digital camera or a SenseCam, a user may generate a huge collection of digital images that they may wish to distribute with others. The size of the image files coupled with typical internet connection speeds and mailbox size limits means that often it is not feasible to distribute more than a very select few images by email. Instead, images may be uploaded to a website where they can be viewed and downloaded by others. However, many people may be reluctant to publish collections of images, which may be of a personal event such as a holiday or birthday celebration, in such a publicly accessible manner.
- One solution to this problem is to password protect the website and then to give the password to anyone who is permitted to view the images.
- The following presents a simplified summary of the disclosure in order to provide a basic understanding to the reader. This summary is not an extensive overview of the disclosure and it does not identify key/critical elements of the invention or delineate the scope of the invention. Its sole purpose is to present some concepts disclosed herein in a simplified form as a prelude to the more detailed description that is presented later.
- The present example provides a method of encryption comprising the steps of: identifying a key associated with an event; encrypting data using the identified key; and publishing the encrypted data and details of the event.
- Advantageously, by associating a key with an event, the access to the decrypted data can be limited to those attending the event. This enables the encrypted data to be published in a publicly accessible location whilst still controlling access to the decrypted data.
- Preferably, the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list and an event name.
- The method may further comprise the step of: transmitting the identified key using a wireless transmitter.
- The transmitting step may be performed at the event. Advantageously, this communicates the key for the event to attendees at the event.
- Preferably, the step of identifying a key comprises: at the event, receiving the key via a wireless receiver; and storing the key associated with the details of the event.
- Advantageously, this allows an attendee at an event to use a key received at an event to encrypt data associated with that event.
- The method may further comprise the step of: identifying at least one additional key associated with the event; and the step of encrypting may comprise: encrypting the data using the identified keys, such that the encrypted data can be decrypted using a subset of the identified keys.
- In an example, the subset of the identified keys comprises all the identified keys.
- Preferably, the step of publishing comprises: making the encrypted data and the details of the event available via at least one of: a website, a public folder, an email and a server.
- Advantageously, this enables the encrypted data to be posted in a publicly available place over a large bandwidth connection.
- Preferably, the step of encrypting comprises: selecting data comprising a plurality of parts; determining a sensitivity rating for each part of the data; and encoding those parts of the data having a sensitivity rating exceeding a predefined value, and preferably the step of publishing comprises: publishing the encrypted parts of the data, unencrypted parts of the data having a sensitivity below the predefined value and the details of the event.
- Advantageously, this enables publication of less sensitive information without encryption and publication of more sensitive information with encryption. It only uses encryption where it is wanted and reduces the complexity of the publication of information.
- Preferably, the data comprises at least one of: a digital photograph, a video clip and an audio clip.
- A second example provides a computer program comprising computer program code means adapted to perform all the steps of any of the methods of encryption described above when said program is run on a computer.
- The computer program may be embodied on a computer readable medium.
- A third example provides a method of decryption comprising the steps of: accessing encrypted data and details of an event; identifying a key associated with the event; and decrypting the encrypted data using the identified key.
- Advantageously, by associating a key with an event, the access to the key can be limited to those attending the event, such that only attendees can decrypt the data.
- Preferably, the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list and an event name.
- The method may further comprise the steps of: at the event, receiving the key via a wireless receiver; and storing the key associated with the details of the event, and the step of identifying a key may comprise: retrieving a stored key associated with the event.
- The method may further comprise the step of: at the event, transmitting the identified key using a wireless transmitter.
- The method may further comprise the step of: identifying at least one additional key associated with the event; and the step of decrypting may comprise: decrypting the data using at least one of the identified keys.
- Preferably, the step of accessing comprises: retrieving the encrypted data and the details of the event from one of: a website, a public folder, an email and a server.
- A fourth example provides a computer program comprising computer program code means adapted to perform all the steps of any of the methods of decryption described above when said program is run on a computer.
- The computer program may be embodied on a computer readable medium.
- The methods described herein may be performed by software in machine readable form on a storage medium. The software can be suitable for execution on a parallel processor or a serial processor such that the method steps may be carried out in any suitable order, or simultaneously.
- This acknowledges that software can be a valuable, separately tradable commodity. It is intended to encompass software, which runs on or controls “dumb” or standard hardware, to carry out the desired functions. It is also intended to encompass software which “describes” or defines the configuration of hardware, such as HDL (hardware description language) software, as is used for designing silicon chips, or for configuring universal programmable chips, to carry out desired functions.
- Many of the attendant features will be more readily appreciated as the same becomes better understood by reference to the following detailed description considered in connection with the accompanying drawings.
- The present description will be better understood from the following detailed description read in light of the accompanying drawings, wherein:
-
FIG. 1 is a schematic diagram of six individuals in a meeting room; -
FIG. 2 is an example flow diagram for distribution of keys for encryption/decryption; -
FIG. 3 is an example flow diagram of the decryption process performed by an attendee at an event; -
FIG. 4 shows a schematic diagram of group of people at an event; -
FIG. 5 is an example flow diagram of example encryption and decryption processes performed by an attendee at an event; -
FIG. 6 shows an example flow diagram for use of multiple keys for encryption/decryption; -
FIG. 7 shows a schematic diagram of three wireless transmitters and their coverage areas; and -
FIG. 8 shows a table of the numbers received by each of the devices shown inFIG. 7 . - Like reference numerals are used to designate like parts in the accompanying drawings.
- The detailed description provided below in connection with the appended drawings is intended as a description of the present examples and is not intended to represent the only forms in which the present example may be constructed or utilized. The description sets forth the functions of the example and the sequence of steps for constructing and operating the example. However, the same or equivalent functions and sequences may be accomplished by different examples.
- In a situation where an individual wishes to share large amounts of data, such as a collection of digital photographs taken at an event, the individual can post the data to a web site which can be accessed by those at the event. However, where the data is personal (e.g. wedding photographs) or otherwise sensitive in nature, the individual may not wish to make the data available to all. To solve this, the individual could password protect either the data or access to the particular web site and then tell all those at the event the password required to access the material. However, this relies on the individual remembering to tell everyone and may be time consuming. Furthermore in some situations this may not be practical or possible. For example, the individual may not know all the other attendees at the event, (e.g. a wedding, a conference etc) and so may not be able to manually provide the password to all the other attendees. The examples detailed below describe improved methods and apparatus for sharing of keys that can be used to encrypt/decrypt data to be shared between the attendees of a particular event.
- A first example can be described with reference to
FIGS. 1-3 .FIG. 1 is a schematic diagram of sixindividuals 102, labelled A-F, in ameeting room 104 andFIG. 2 shows an example flow diagram for distribution of keys for encryption/decryption. If meeting attendee A is wearing a SenseCam (as described above) he may wish to share the images taken during the meeting with the other five attendees (users B-F) but not with anyone who did not attend the meeting. An encryption key is identified (step 201) by the SenseCam device (e.g. by generating a key using a key generation program) and this encryption key is transmitted via a wireless link to wireless-capable devices carried by the other attendees (step 202). Examples of wireless-capable devices include mobile telephones, PDAs (personal digital assistants), laptop computers and SenseCams. Suitable wireless technologies include Bluetooth, infrared and WiFi. It may be beneficial to select a wireless technology for transmission of the key which has a range which is limited to the same as (or less than) the area of the event. In other examples, transmission methods with larger ranges may be used (see description below with reference toFIG. 7 ). - The term ‘wireless’ is used herein to mean a connection which does not involve a physical connection, i.e. a connection which is not ‘wired’. It encompasses free space communication using any part of the electromagnetic spectrum including RF communication, infra-red communication and free space optical communication.
- The images from the meeting are encrypted such that they can be decrypted using the distributed key (step 203). The images can then be distributed by posting them in an encrypted form in an accessible place (step 204), e.g. on a web page, a server or a public folder on a computer, or by sending them by email. Although the encrypted data may be accessed by many people, or in fact by anybody if they are posted on a public web site, the only people who can decrypt the data are the attendees A-F at the meeting who received the key at the meeting in question.
- There may also be other materials, such as Microsoft Powerpoint (trade mark) presentations and minutes, that the meeting attendees also wish to share between those at the meeting and but not with anyone else. These materials can also be encrypted (by attendee A or by another attendee) such that they can be decrypted using the distributed key and then the encrypted data distributed in the same (or similar) manner as the images, described above.
- In the example flow diagram shown in
FIG. 2 , the key is transmitted (in step 202) prior to the encoding of the images (in step 203). This is by way of example only and the steps could be performed in an alternative order or substantially simultaneously. By transmitting the key in advance of performing the encryption, as inFIG. 2 , this allows the encryption step to be performed either on the camera device (i.e. on the SenseCam in this example) or subsequently on a computer once the images have been downloaded. Performing encryption on the camera is the most secure option because it means that the unencrypted images do not leave the camera and so there is less chance of them being disseminated or accessed by a third party. In another example, the identification and transmission of the key (steps 201 and 202) could be performed by a wireless-capable device other than the SenseCam and the encryption and publication steps (steps 203 and 204) could be performed on a computer. - In the above description with reference to
FIG. 2 , the key is described as being identified. This may comprise selection of the key from a list of keys that have previously been generated, generation of a key or any other suitable method to obtain a key. The key may be identified by generating a key either as part of the process of encrypting the data or by any other means. -
FIG. 3 shows an example flow diagram of the decryption process performed by an attendee at the event, e.g. attendee B. Attendee B receives the key on a wireless-capable device, such as a PDA, which is equipped with a wireless receiver or transceiver (step 301). The key is then stored associated with details of the meeting (step 302). For example, the key may be stored in the calendar entry for the meeting or the key may be stored along with a time and date stamp (and location stamp if available) indicating when (and where, if known) the key was received. Subsequently, attendee B accesses the encrypted data associated with the meeting (step 303), e.g. by downloading the encrypted file from a web site, and then uses the stored key to decrypt the data (step 304). - In another example, in addition to receiving the key on a wireless-capable device whilst at an event, an attendee may also receive a pointer (e.g. a url) detailing where to find the encrypted data. The pointer may be transmitted by the same transmitter as the key or may be transmitted independently from the key.
- In another example, the key transmitted at an event (e.g. the meeting as described above with reference to
FIGS. 1 and 2 ) may be used in combination with a second key transmitted separately, for example, with the invitation to the event (e.g. within the Microsoft Outlook (trade mark) meeting invitation). In this example, the material to be disseminated to those at the event is encrypted in such a manner that both keys are required to be able to decrypt the data and an individual who has only one of the two keys cannot decrypt the data. This would prevent an individual from being able to access the data by eavesdropping on the key transmission whilst still limiting access to those individuals who actually attended the event. - Where data is to be disseminated to those attending a larger event, it may not be practical for one attendee to transmit the key from their wireless-capable device to each of the other attendees. Instead the wireless-capable devices may be used to relay the key to other attendees at the event as can be described with reference to
FIG. 4 .FIG. 4 shows a group ofpeople 400 who may, for example, be attending a wedding. One person 401 (shown by the square symbol) has a digital camera and takes many pictures at the wedding that he knows he will want to share with all the other wedding guests after the event. Consequently, he causes a wireless-capable device of his, which may be his digital camera or other device, to identify and transmit a key using the device's wireless transmitter/transceiver. This key may be received by wireless-capable devices 402 (shown by the circle symbol) in close proximity to him but not necessarily received by all those at the event. The wireless-capable devices 402 which receive the key then re-transmit the key to other wireless-capable devices 403 (shown by the triangle symbol). Using an ad-hoc network technique, such as the one described, all the attendees at an event may receive the key even though the original sender of the key (person 401) does not know them all and may not have been in close proximity to all of them during the event. - In order to prevent widespread dissemination of the key using relaying, as described above, a limit may be set on the number of times a key can be re-transmitted. For example the key could be limited to only being retransmitted twice so that only people within three hops of the
original sender 401 would be able to receive the key. In another example, the re-transmission could be limited in time such that re-transmission could occur for only the next hour or for the duration of the event and then would subsequently be prevented. - In the above description, the key was identified and transmitted by an attendee at an event with data that they wished to share with the rest of the attendees. In another example, the key could be transmitted by a local beacon which is not necessarily associated with either an attendee of the event or with an individual having data to share. For example, a conference (or other event) organiser may establish a local beacon that transmits a key for reception by conference participants. The local beacon may comprise a computer with wireless transmitting capability or other wireless transmitting apparatus. The use of the key by a conference participant can be explained with reference to
FIG. 5 . The key is received on a wireless-capable device (step 501) and stored associated with details of the event at which the key was received (step 502). If the participant has data to share with the other participants such as slides from a presentation or supplementary information in response to questions received, this data is identified (step 503) and then encrypted using the stored key (step 504). The encrypted data can then be posted to a web site (or other repository) associated with the event (step 505). If the participant wishes to access material associated with the event, they access the web site (step 506) and download the encrypted material (step 507) which can then be decrypted using the stored key (step 508). - In the above examples, a single key is transmitted at an event which is then used either on its own for encryption and decryption or is used in combination with one or more other keys which have been transmitted separately. However, in some circumstances it may be beneficial to control access to the data further such that only attendees who spent a certain period of time at an event can access the data. For example, a scientist may be prepared to share certain data to anyone at a technical conference but may only be prepared to share some details with attendees who sat through the whole of his presentation, (e.g. an audio transcript of his presentation). In another example, a conference organiser may only wish to provide information to attendees who attended the whole of a conference rather than those that turned up at registration but did not participate in any of the conference sessions. Such control over the dissemination of information may be achieved using multiple keys transmitted throughout an event, as can be described with reference to
FIG. 6 . -
FIG. 6 shows an example flow diagram for use of multiple keys for encryption/decryption. Whilst attending an event, three different keys are received by a wireless-capable device carried by an attendee at different times throughout the event and each is stored on the device associated with the event (steps 601-603). When the individual subsequently wants to share information with other attendees, this information is identified (step 604) and the information is encrypted using one or more (all three in this case) keys associated with the event (step 605). The encrypted data can then be published on a web site associated with the event (step 606). If in addition or instead the individual wishes to access data posted by another attendee at the event, the web site is accessed (step 607) and the encrypted data downloaded (step 608) before being decoded using all the received keys stored associated with that event (step 609). - Although in the above description, the encrypted data is described as being posted to a web site or other repository associated with an event, this is by way of example only. The encrypted data could be stored anywhere, for example a conference participant could place an encrypted file containing his presentation at a particular conference on his home page, along with details of the conference at which the presentation was made. Anyone accessing the home page who had attended the conference and received the key(s) would then be able to download and decrypt the presentation but those who had not attended the conference would be unable to access the decrypted material.
- In the above description with reference to
FIGS. 1-6 , the keys are transmitted by either a wireless-capable device belonging to an attendee or other transmitter associated with the event. In another example, which can be described with reference toFIGS. 7 and 8 , the keys may be transmitted by transmitters which are not linked with the event. -
FIG. 7 shows a schematic diagram of three wireless transmitters 701-703 each having a particular coverage area 704-706. The transmitters may be GSM base stations, WiFi hotspots or other transmitters and the transmitters may the same or may be different. Each transmitter regularly transmits a random number or other string and the numbers transmitted by each transmitter are different. The diagram also shows four wireless-capable devices 707-710, each carried by a different individual who is moving along a path (shown by dotted lines 711-714). Each device is shown in three positions, at times a, b and c, which coincide with times that numbers are transmitted by each of the transmitters 701-703. For purposes of explanation only, thefirst transmitter 701 transmitsnumbers second transmitter 702 transmits 2001, 2011, 2021 and thethird transmitter 703 transmits 3001, 3011, 3021. - As each device moves along its respective path, it receives the numbers transmitted by those transmitters that the device is within range of and these numbers are stored on the device associated with the time at which they are received. As each device moves along a different path, the sets of numbers received and stored for each device will be different.
FIG. 8 shows a table of the numbers received by each of the devices 707-710 at each of the times a, b and c. At time c all the devices are within close proximity of each other and are all within range of the same transmitters. Consequently at this time, each device receives the same three numbers, 1021, 2021, and 3021. - If at time c, the four individuals carrying the four devices 707-710 meet and subsequently wish to share some data, this data may be encrypted, and subsequently decrypted using some or all of the keys received by the devices and stored associated with the time that the meeting took place. This means that only those devices that were in the correct location, at the correct time have the required keys to access the data.
- The transmitters shown in
FIG. 7 may transmit the numbers using any wireless technology or protocol. The transmitters may be land based (e.g. GSM base stations) or may be satellites. Depending on the coverage area of the transmitters, the set of keys recorded by any device may identify its location very precisely (e.g. for WiFi transmitters where the coverage area is very small) or very approximately (e.g. for GPS satellites where the coverage area is extremely large). - In some situations, particularly where the number of numbers recorded during an event may be very large or where the event covers a significant area so that different individuals may have received a slightly different set of numbers, it may be beneficial to use a modification to threshold encryption for the encryption of the data. Threshold encryption uses a key that is distributed amongst n decryption servers. A person with an encrypted message (a ciphertext) that they wish to decrypt has to send the ciphertext to at least k decryption servers, (where k<n), each of which provides a partial decryption share. The person can then combine the received partial decryption shares and as long as they have at least k shares they can recover the original message. The concept behind threshold encryption is that no one person (or server) has the entire encryption key and that the decryption can only occur when there is collaboration between a minimum number (k) of these people (or servers).
- In this example, however, a single device has several keys that it has received and stored, either at a single time or over a period of time. By using threshold encryption techniques the data can be encoded such that an individual that has received and stored a subset k of all the n transmitted keys can still recover the original data and it does not matter which subset of k from n keys have been received.
- These threshold encryption techniques may also be applied where several individuals generate keys associated with a single event. For example, a number of people at a wedding may take digital photographs and knowing that they will wish to share the photographs after the event, each generates a key and transmits it to other guests (as described above with reference to
FIG. 4 ). A guest at the wedding may therefore receive a number of keys from other guests. If that guest then wishes to disseminate data associated with the wedding, they can encrypt the data using some or all of the keys that they have received or identified associated with the wedding, or they may encrypt it such that it can be decrypted using any subset k of the n keys that the encrypting guest had received. - The encryption techniques above may be combined with image analysis methods that are used to determine whether an image contains sensitive material. For example, an individual may have a large number of photographs taken on his holiday that he wishes to share with his friends. Some of the photographs are of panoramas, buildings and animals whilst some of the images contain faces or views of people. Image analysis methods may therefore be used to determine which images contain people (or parts thereof, such as faces) and only those images are encrypted when they are posted onto the central repository with the non-sensitive images being available to anyone. Other factors may be used in addition, or instead, to determine a sensitivity rating for data, for example, keywords may be defined which determine the sensitivity of a document to be shared. Data (or parts thereof) with a sensitivity rating which exceeds a predefined value (i.e. a threshold) may be encrypted, whilst data which does not may be left unencrypted. In another example, the encryption technique used may be selected according to the sensitivity rating. In another example, data (or parts thereof) with a sensitivity rating which exceeds a threshold may not be distributed at all, whilst data which has a sensitivity rating which does not exceed the threshold may be encrypted and distributed. In another example, multiple thresholds may be used to define data (or parts thereof) which cannot be distributed, data which can be distributed but only if encoded, and data which can be distributed without encoding. An example of a face detection algorithm is described in a paper by P. Viola and M. Jones entitled ‘Robust Real-Time Object Detection’ presented at the International Conference on Computer Vision (ICCV) 2001.
- In another example, image recognition algorithms may be used to determine the sensitivity rating of images (e.g. still images, video clips etc). A ‘black list’ may be defined which contains the names of a number of people whose images should not be distributed. A ‘grey list’ may define those whose image may be distributed if encoded and a ‘white list’ may detail those who are happy for their image to be distributed freely without encoding.
- Although the above methods are described as being carried out on a wireless-capable device, the method steps may be shared between one or more device. For example, the keys may be received and stored on a first device, such as an individual's mobile telephone, laptop or PDA. This information may then be transferred to or synchronised with a computer which may be used for the steps of encrypting/decrypting and accessing the data repository to upload or download data. The data to be shared may be created on the mobile telephone, camera, PDA, computer or other device, and the data may be created by the individual sharing the data or by a third party.
- Although the above description relates primarily to the dissemination of digital images, the same techniques are also applicable to the sharing of any kind of data including, but not limited to, documents, presentations, audio files and video files.
- The above description refers to the encryption of data using keys. The term ‘encryption’ is used herein to refer to any technique which can be used to prevent unauthorised access to data such that the data can only be accessed using one or more shared secrets (e.g. a key or a token). It is intended to cover both cryptographic techniques and authentication techniques. For example, the data may be shared in clear text but only to those holding the correct token. This token may be distributed using a wireless transmitter at an event (as described above). The data may be posted to a web site or other publicly accessible area in such a manner that it can only be retrieved upon presentation of the correct token. The term ‘decryption’ is used herein to refer to the process of accessing the original data using the one or more shared secrets.
- Those skilled in the art will realize that storage devices utilized to store program instructions can be distributed across a network. For example, a remote computer may store an example of the process described as software. A local or terminal computer may access the remote computer and download a part or all of the software to run the program. Alternatively, the local computer may download pieces of the software as needed, or execute some software instructions at the local terminal and some at the remote computer (or computer network). Those skilled in the art will also realize that by utilizing conventional techniques known to those skilled in the art that all, or a portion of the software instructions may be carried out by a dedicated circuit, such as a DSP, programmable logic array, or the like.
- Any range or device value given herein may be extended or altered without losing the effect sought, as will be apparent to the skilled person.
- The steps of the methods described herein may be carried out in any suitable order, or simultaneously where appropriate.
- It will be understood that the above description of a preferred embodiment is given by way of example only and that various modifications may be made by those skilled in the art.
Claims (20)
1. A computer-implemented method of decryption comprising the steps of:
subsequent to conclusion of an event, accessing encrypted data and details of the event;
identifying a plurality of keys associated with the event; and
executing, by a processor, machine readable instructions for decrypting the encrypted data using at least a subset of the identified plurality of keys, the subset including at least two keys.
2. The method according to claim 1 , wherein the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list or an event name.
3. The method according to claim 1 , further comprising the steps of:
during the event, receiving a particular key of the plurality of keys via a wireless receiver; and
storing the particular key in association with the details of the event,
and wherein the step of identifying the plurality of keys comprises:
retrieving the stored particular key.
4. The method according to claim 1 , further comprising:
during the event, receiving at least one key of the plurality of keys via a wireless receiver associated with a particular event attendee; and
during the event, transmitting the at least one key using a wireless transmitter associated with the particular event attendee.
5. The method according to claim 4 , wherein transmitting the at least one key using a wireless transmitter associated with the particular event attendee comprises:
determining whether a number of hops that the at least one key has been transmitted between a recipient and an original sender is below a threshold number of transmissions;
in an event that the number of hops is below the threshold number of transmissions, transmitting the at least one key using the wireless transmitter associated with the particular event attendee; and
in an event that the number of hops is not below the threshold number of transmissions, preventing transmission of the at least one key using the wireless transmitter associated with the particular event attendee.
6. The method according to claim 4 , wherein transmitting the at least one key using a wireless transmitter associated with the particular event attendee comprises:
determining whether a transmission time threshold has been reached;
in an event that the transmission time threshold has not been reached, transmitting the at least one key using the wireless transmitter associated with the particular event attendee; and
in an event that the transmission time threshold has been reached, preventing transmission of the at least one key using the wireless transmitter associated with the particular event attendee.
7. The method according to claim 1 , wherein the step of accessing comprises:
retrieving the encrypted data and the details of the event from one of: a website, a public folder, an email or a server.
8. The method according to claim 1 , wherein a first of the at least two keys is obtained during the event and a second of the at least two keys is obtained at a time other than during the event.
9. A computer-implemented method of decryption comprising the steps of:
identifying a first key associated with a first portion of data associated with an event;
identifying a second key associated with a second portion of data associated with the event;
subsequent to conclusion of the event, accessing encrypted data and details of the event, the encrypted data including the first portion of data and the second portion of data; and
executing, by a processor, machine readable instructions for decrypting the encrypted data using at least the first key to decrypt the first portion of the data and using at least the second key to decrypt the second portion of the data.
10. The method according to claim 9 , further comprising:
during the event, receiving at least one of the first key or second key via a wireless receiver associated with a particular event attendee; and
during the event, transmitting the at least one of the first key or second key using a wireless transmitter associated with the particular event attendee.
11. The method according to claim 10 , wherein transmitting the at least one of the first key or second key using a wireless transmitter associated with the particular event attendee comprises:
determining whether a number of hops that the at least one of the first key or second key has been transmitted between a recipient and an original sender is below a threshold number of transmissions;
in an event that the number of hops is below the threshold number of transmissions, transmitting the at least one of the first key or second key using the wireless transmitter associated with the particular event attendee; and
in an event that the number of hops is not below the threshold number of transmissions, preventing transmission of the at least one of the first key or second key using the wireless transmitter associated with the particular event attendee.
12. The method according to claim 10 , wherein transmitting the at least one of the first key or second key using a wireless transmitter associated with the particular event attendee comprises:
determining whether a transmission time threshold has been reached;
in an event that the transmission time threshold has not been reached, transmitting the at least one of the first key or second key using the wireless transmitter associated with the particular event attendee; and
in an event that the transmission time threshold has been reached, preventing transmission of the at least one of the first key or second key using the wireless transmitter associated with the particular event attendee.
13. A decryption system comprising:
a processor configured to:
subsequent to conclusion of an event, access encrypted data and details of the event;
identify a plurality of keys associated with the event; and
decrypt the encrypted data using at least a subset of the identified plurality of keys, the subset including at least two keys.
14. The decryption system according to claim 13 , wherein the details of the event comprise at least one of: a date, a time, a day of a week, a location, an attendee list or an event name.
15. The decryption system according to claim 13 , wherein the processor is further configured to:
during the event, receive a particular key of the plurality of keys via a wireless receiver; and
store the particular key in association with the details of the event,
wherein the processor being configured to identify the plurality of keys includes the processor being configured to retrieve the stored particular key.
16. The decryption system according to claim 13 , wherein the processor is further configured to:
during the event, receive at least one key of the plurality of keys via a wireless receiver associated with a particular event attendee; and
during the event, transmit the at least one key using a wireless transmitter associated with the particular event attendee.
17. The decryption system according to claim 16 , wherein the processor being configured to transmit the at least one key using a wireless transmitter associated with the particular event attendee includes the processor being configured to:
determine whether a number of hops that the at least one key has been transmitted between a recipient and an original sender is below a threshold number of transmissions;
in an event that the number of hops is below the threshold number of transmissions, transmit the at least one key using the wireless transmitter associated with the particular event attendee; and
in an event that the number of hops is not below the threshold number of transmissions, prevent transmission of the at least one key using the wireless transmitter associated with the particular event attendee.
18. The decryption system according to claim 16 , wherein the processor being configured to transmit the at least one key using a wireless transmitter associated with the particular event attendee includes the processor being configured to:
determine whether a transmission time threshold has been reached;
in an event that the transmission time threshold has not been reached, transmit the at least one key using the wireless transmitter associated with the particular event attendee; and
in an event that the transmission time threshold has been reached, prevent transmission of the at least one key using the wireless transmitter associated with the particular event attendee.
19. The decryption system according to claim 13 , wherein the processor being configured to access includes the processor being configured to retrieve the encrypted data and the details of the event from one of: a website, a public folder, an email or a server.
20. The decryption system according to claim 13 , wherein a first of the at least two keys is obtained during the event and a second of the at least two keys is obtained at a time other than during the event.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/330,384 US20140321651A1 (en) | 2005-12-05 | 2014-07-14 | Distribution of keys for encryption/decryption |
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP05257465A EP1793606A1 (en) | 2005-12-05 | 2005-12-05 | Distribution of keys for encryption/decryption |
EP05257465.4 | 2005-12-05 | ||
PCT/US2006/045369 WO2007067372A1 (en) | 2005-12-05 | 2006-11-24 | Distribution of keys for encryption/decryption |
US9622308A | 2008-10-21 | 2008-10-21 | |
US14/330,384 US20140321651A1 (en) | 2005-12-05 | 2014-07-14 | Distribution of keys for encryption/decryption |
Related Parent Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/045369 Continuation WO2007067372A1 (en) | 2005-12-05 | 2006-11-24 | Distribution of keys for encryption/decryption |
US12/096,223 Continuation US8787580B2 (en) | 2005-12-05 | 2006-11-24 | Distribution of keys for encryption/decryption |
Publications (1)
Publication Number | Publication Date |
---|---|
US20140321651A1 true US20140321651A1 (en) | 2014-10-30 |
Family
ID=36190673
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/096,223 Active 2030-09-05 US8787580B2 (en) | 2005-12-05 | 2006-11-24 | Distribution of keys for encryption/decryption |
US14/330,384 Abandoned US20140321651A1 (en) | 2005-12-05 | 2014-07-14 | Distribution of keys for encryption/decryption |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/096,223 Active 2030-09-05 US8787580B2 (en) | 2005-12-05 | 2006-11-24 | Distribution of keys for encryption/decryption |
Country Status (5)
Country | Link |
---|---|
US (2) | US8787580B2 (en) |
EP (1) | EP1793606A1 (en) |
KR (1) | KR101485611B1 (en) |
CN (1) | CN101322347B (en) |
WO (1) | WO2007067372A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11374911B1 (en) * | 2021-01-29 | 2022-06-28 | Zoom Video Communications, Inc. | Systems and methods for locking encrypted video conferences |
Families Citing this family (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102007026528B4 (en) * | 2007-06-08 | 2009-04-16 | Siemens Ag | Method for collecting monitoring data |
US9128981B1 (en) | 2008-07-29 | 2015-09-08 | James L. Geer | Phone assisted ‘photographic memory’ |
US8775454B2 (en) | 2008-07-29 | 2014-07-08 | James L. Geer | Phone assisted ‘photographic memory’ |
US8671265B2 (en) | 2010-03-05 | 2014-03-11 | Solidfire, Inc. | Distributed data storage system providing de-duplication of data using block identifiers |
AU2011313826B2 (en) * | 2010-10-08 | 2015-10-08 | Ecred Pty Ltd | System and method of conducting transactions |
US9054992B2 (en) | 2011-12-27 | 2015-06-09 | Solidfire, Inc. | Quality of service policy sets |
US9838269B2 (en) | 2011-12-27 | 2017-12-05 | Netapp, Inc. | Proportional quality of service based on client usage and system metrics |
JP5991051B2 (en) * | 2012-07-06 | 2016-09-14 | 株式会社リコー | Wireless communication system, terminal device and program |
JP6149567B2 (en) * | 2013-07-18 | 2017-06-21 | サクサ株式会社 | Document management system |
JP6182267B2 (en) * | 2013-07-31 | 2017-08-16 | モンレアル,サルー マルティネス | Audiovisual information and / or multimedia information collection method and computer program that are executed on a computer as evidence |
US9628986B2 (en) * | 2013-11-11 | 2017-04-18 | At&T Intellectual Property I, L.P. | Method and apparatus for providing directional participant based image and video sharing |
US20150244795A1 (en) | 2014-02-21 | 2015-08-27 | Solidfire, Inc. | Data syncing in a distributed system |
US9798728B2 (en) | 2014-07-24 | 2017-10-24 | Netapp, Inc. | System performing data deduplication using a dense tree data structure |
US10133511B2 (en) | 2014-09-12 | 2018-11-20 | Netapp, Inc | Optimized segment cleaning technique |
US9671960B2 (en) | 2014-09-12 | 2017-06-06 | Netapp, Inc. | Rate matching technique for balancing segment cleaning and I/O workload |
US9836229B2 (en) | 2014-11-18 | 2017-12-05 | Netapp, Inc. | N-way merge technique for updating volume metadata in a storage I/O stack |
US9720601B2 (en) | 2015-02-11 | 2017-08-01 | Netapp, Inc. | Load balancing technique for a storage array |
US9762460B2 (en) | 2015-03-24 | 2017-09-12 | Netapp, Inc. | Providing continuous context for operational information of a storage system |
US9710317B2 (en) | 2015-03-30 | 2017-07-18 | Netapp, Inc. | Methods to identify, handle and recover from suspect SSDS in a clustered flash array |
EP3314960B1 (en) * | 2015-06-29 | 2020-01-08 | HERE Global B.V. | Use of encryption to provide positioning support services |
US9740566B2 (en) | 2015-07-31 | 2017-08-22 | Netapp, Inc. | Snapshot creation workflow |
US10929022B2 (en) | 2016-04-25 | 2021-02-23 | Netapp. Inc. | Space savings reporting for storage system supporting snapshot and clones |
US10642763B2 (en) | 2016-09-20 | 2020-05-05 | Netapp, Inc. | Quality of service policy sets |
CN107508796B (en) * | 2017-07-28 | 2019-01-04 | 北京明朝万达科技股份有限公司 | A kind of data communications method and device |
US10515222B2 (en) * | 2017-11-17 | 2019-12-24 | Blackberry Limited | Electronic device including display and method of encrypting information |
US10630866B2 (en) * | 2018-01-28 | 2020-04-21 | Motorola Mobility Llc | Electronic devices and methods for blurring and revealing persons appearing in images |
US10757323B2 (en) | 2018-04-05 | 2020-08-25 | Motorola Mobility Llc | Electronic device with image capture command source identification and corresponding methods |
US11605242B2 (en) | 2018-06-07 | 2023-03-14 | Motorola Mobility Llc | Methods and devices for identifying multiple persons within an environment of an electronic device |
Citations (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4988987A (en) * | 1985-12-30 | 1991-01-29 | Supra Products, Inc. | Keysafe system with timer/calendar features |
US20010038695A1 (en) * | 2000-03-24 | 2001-11-08 | Kim A-Jung | Method for secure communication in multiple access systems |
US20020024590A1 (en) * | 1999-10-16 | 2002-02-28 | Pena Martin Rangel | Method and system for computer-aided telecommunication and financial transactions |
US20040078595A1 (en) * | 2002-10-17 | 2004-04-22 | Kent Larry G. | Instant messaging private tags |
US20040078596A1 (en) * | 2002-10-17 | 2004-04-22 | Kent Larry G. | Customizable instant messaging private tags |
US6742116B1 (en) * | 1998-09-30 | 2004-05-25 | Fujitsu Limited | Security method, security software and security system for electronic communications |
US6744759B1 (en) * | 1999-09-27 | 2004-06-01 | 3Com Corporation | System and method for providing user-configured telephone service in a data network telephony system |
US6795429B1 (en) * | 1999-09-27 | 2004-09-21 | 3Com Corporation | System and method for associating notes with a portable information device on a network telephony call |
US20040184614A1 (en) * | 2003-03-18 | 2004-09-23 | Walker Glenn A. | Digital receiver and method for receiving secure group data |
US20040201685A1 (en) * | 2001-10-31 | 2004-10-14 | Seaman Mark D. | Bookmarking captured digital images at an event to all present devices |
US20040245331A1 (en) * | 2001-07-02 | 2004-12-09 | Jean-Jacques Vandewalle | Method and device for processing data for customizing an application of a protable communication device, for example a smart card |
US20050004968A1 (en) * | 2003-07-02 | 2005-01-06 | Jari Mononen | System, apparatus, and method for a mobile information server |
US6851053B1 (en) * | 1999-03-02 | 2005-02-01 | Microsoft Corporation | Multiparty conference authentication |
US6856616B1 (en) * | 2000-02-29 | 2005-02-15 | 3Com Corporation | System and method for providing service provider configurations for telephones using a central server in a data network telephony system |
US20050084114A1 (en) * | 2003-10-20 | 2005-04-21 | Jung Bae-Eun | Conference session key distribution method in an ID-based cryptographic system |
US20050192820A1 (en) * | 2004-02-27 | 2005-09-01 | Simon Steven G. | Method and apparatus for creating and distributing recordings of events |
US7016675B1 (en) * | 1999-09-27 | 2006-03-21 | 3Com Corporation | System and method for controlling telephone service using a wireless personal information device |
US20060068893A1 (en) * | 2004-09-29 | 2006-03-30 | Wms Gaming Inc. | Wagering game with symbols collection |
US20060085354A1 (en) * | 2004-10-15 | 2006-04-20 | Hitachi Global Storage Technologies Netherlands B.V. | Data transfer system and data transfer method |
US20060095769A1 (en) * | 1999-11-01 | 2006-05-04 | Robert Zuccherato | System and method for initializing operation for an information security operation |
US20060117178A1 (en) * | 2004-11-29 | 2006-06-01 | Fujitsu Limited | Information leakage prevention method and apparatus and program for the same |
US20060115085A1 (en) * | 2004-04-28 | 2006-06-01 | Denso Corporation | Communication system having plurality of nodes sharing a common cipher key, cipher key dispatching apparatus for use in the system, and anti-theft apparatus utilizing information derived from cipher key utilization |
US20060126843A1 (en) * | 2004-12-09 | 2006-06-15 | Brickell Ernie F | Method and apparatus for increasing the speed of cryptographic processing |
US20070061593A1 (en) * | 2005-09-15 | 2007-03-15 | Ufuk Celikkan | Sending secured data |
US20070081522A1 (en) * | 2005-10-12 | 2007-04-12 | First Data Corporation | Video conferencing systems and methods |
US20070083666A1 (en) * | 2005-10-12 | 2007-04-12 | First Data Corporation | Bandwidth management of multimedia transmission over networks |
US7222054B2 (en) * | 1998-03-03 | 2007-05-22 | Card Guard Scientific Survival Ltd. | Personal ambulatory wireless health monitor |
US20070115388A1 (en) * | 2005-10-12 | 2007-05-24 | First Data Corporation | Management of video transmission over networks |
US20070288768A1 (en) * | 2004-04-06 | 2007-12-13 | Nesta Pasquale A | Secure Logging For Irrefutable Administration |
US20080293473A1 (en) * | 2004-06-30 | 2008-11-27 | Wms Gaming, Inc. | Wagering Game with Character Learning |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4200770A (en) * | 1977-09-06 | 1980-04-29 | Stanford University | Cryptographic apparatus and method |
DE3431726A1 (en) * | 1984-08-29 | 1986-03-13 | Philips Kommunikations Industrie AG, 8500 Nürnberg | Telecommunications network, in particular mobile radio network, with network-uniformly changeable keys |
US6195751B1 (en) * | 1998-01-20 | 2001-02-27 | Sun Microsystems, Inc. | Efficient, secure multicasting with minimal knowledge |
US7359507B2 (en) * | 2000-03-10 | 2008-04-15 | Rsa Security Inc. | Server-assisted regeneration of a strong secret from a weak secret |
US6918039B1 (en) * | 2000-05-18 | 2005-07-12 | International Business Machines Corporation | Method and an apparatus for detecting a need for security and invoking a secured presentation of data |
US6957217B2 (en) * | 2000-12-01 | 2005-10-18 | Sony Corporation | System and method for selectively providing information to a user device |
US7076067B2 (en) * | 2001-02-21 | 2006-07-11 | Rpk New Zealand Limited | Encrypted media key management |
US6885388B2 (en) * | 2001-04-25 | 2005-04-26 | Probaris Technologies Inc. | Method for automatically generating list of meeting participants and delegation permission |
JP2005018487A (en) * | 2003-06-26 | 2005-01-20 | Sharp Corp | Method for distributing right to participate in conference and conference system |
US7523316B2 (en) * | 2003-12-08 | 2009-04-21 | International Business Machines Corporation | Method and system for managing the display of sensitive content in non-trusted environments |
-
2005
- 2005-12-05 EP EP05257465A patent/EP1793606A1/en not_active Ceased
-
2006
- 2006-11-24 US US12/096,223 patent/US8787580B2/en active Active
- 2006-11-24 WO PCT/US2006/045369 patent/WO2007067372A1/en active Application Filing
- 2006-11-24 KR KR1020087013496A patent/KR101485611B1/en active IP Right Grant
- 2006-11-24 CN CN2006800455180A patent/CN101322347B/en not_active Expired - Fee Related
-
2014
- 2014-07-14 US US14/330,384 patent/US20140321651A1/en not_active Abandoned
Patent Citations (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4988987A (en) * | 1985-12-30 | 1991-01-29 | Supra Products, Inc. | Keysafe system with timer/calendar features |
US7222054B2 (en) * | 1998-03-03 | 2007-05-22 | Card Guard Scientific Survival Ltd. | Personal ambulatory wireless health monitor |
US6742116B1 (en) * | 1998-09-30 | 2004-05-25 | Fujitsu Limited | Security method, security software and security system for electronic communications |
US6851053B1 (en) * | 1999-03-02 | 2005-02-01 | Microsoft Corporation | Multiparty conference authentication |
US6744759B1 (en) * | 1999-09-27 | 2004-06-01 | 3Com Corporation | System and method for providing user-configured telephone service in a data network telephony system |
US6795429B1 (en) * | 1999-09-27 | 2004-09-21 | 3Com Corporation | System and method for associating notes with a portable information device on a network telephony call |
US7016675B1 (en) * | 1999-09-27 | 2006-03-21 | 3Com Corporation | System and method for controlling telephone service using a wireless personal information device |
US20020024590A1 (en) * | 1999-10-16 | 2002-02-28 | Pena Martin Rangel | Method and system for computer-aided telecommunication and financial transactions |
US20060095769A1 (en) * | 1999-11-01 | 2006-05-04 | Robert Zuccherato | System and method for initializing operation for an information security operation |
US6856616B1 (en) * | 2000-02-29 | 2005-02-15 | 3Com Corporation | System and method for providing service provider configurations for telephones using a central server in a data network telephony system |
US20010038695A1 (en) * | 2000-03-24 | 2001-11-08 | Kim A-Jung | Method for secure communication in multiple access systems |
US20040245331A1 (en) * | 2001-07-02 | 2004-12-09 | Jean-Jacques Vandewalle | Method and device for processing data for customizing an application of a protable communication device, for example a smart card |
US20040201685A1 (en) * | 2001-10-31 | 2004-10-14 | Seaman Mark D. | Bookmarking captured digital images at an event to all present devices |
US20040078596A1 (en) * | 2002-10-17 | 2004-04-22 | Kent Larry G. | Customizable instant messaging private tags |
US20040078595A1 (en) * | 2002-10-17 | 2004-04-22 | Kent Larry G. | Instant messaging private tags |
US20040184614A1 (en) * | 2003-03-18 | 2004-09-23 | Walker Glenn A. | Digital receiver and method for receiving secure group data |
US20050004968A1 (en) * | 2003-07-02 | 2005-01-06 | Jari Mononen | System, apparatus, and method for a mobile information server |
US20050084114A1 (en) * | 2003-10-20 | 2005-04-21 | Jung Bae-Eun | Conference session key distribution method in an ID-based cryptographic system |
US20050192820A1 (en) * | 2004-02-27 | 2005-09-01 | Simon Steven G. | Method and apparatus for creating and distributing recordings of events |
US20070288768A1 (en) * | 2004-04-06 | 2007-12-13 | Nesta Pasquale A | Secure Logging For Irrefutable Administration |
US20060115085A1 (en) * | 2004-04-28 | 2006-06-01 | Denso Corporation | Communication system having plurality of nodes sharing a common cipher key, cipher key dispatching apparatus for use in the system, and anti-theft apparatus utilizing information derived from cipher key utilization |
US20080293473A1 (en) * | 2004-06-30 | 2008-11-27 | Wms Gaming, Inc. | Wagering Game with Character Learning |
US20060068893A1 (en) * | 2004-09-29 | 2006-03-30 | Wms Gaming Inc. | Wagering game with symbols collection |
US20060085354A1 (en) * | 2004-10-15 | 2006-04-20 | Hitachi Global Storage Technologies Netherlands B.V. | Data transfer system and data transfer method |
US20060117178A1 (en) * | 2004-11-29 | 2006-06-01 | Fujitsu Limited | Information leakage prevention method and apparatus and program for the same |
US20060126843A1 (en) * | 2004-12-09 | 2006-06-15 | Brickell Ernie F | Method and apparatus for increasing the speed of cryptographic processing |
US20070061593A1 (en) * | 2005-09-15 | 2007-03-15 | Ufuk Celikkan | Sending secured data |
US20070081522A1 (en) * | 2005-10-12 | 2007-04-12 | First Data Corporation | Video conferencing systems and methods |
US20070083666A1 (en) * | 2005-10-12 | 2007-04-12 | First Data Corporation | Bandwidth management of multimedia transmission over networks |
US20070115388A1 (en) * | 2005-10-12 | 2007-05-24 | First Data Corporation | Management of video transmission over networks |
Non-Patent Citations (2)
Title |
---|
Hwang et al.; A self-encryption mechanism for authentication of roaming and teleconference services; Wireless Communications, IEEE Transactions on (Volume:2 , Issue: 2 ) Page(s): 400 - 407 ; March 2003; IEEE Xplore * |
Steer et al.; A secure audio teleconference system; Proceeding CRYPTO '88 Proceedings on Advances in cryptology, 1990, Pages 520-528, ACM Digital Library * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11374911B1 (en) * | 2021-01-29 | 2022-06-28 | Zoom Video Communications, Inc. | Systems and methods for locking encrypted video conferences |
US11750578B2 (en) | 2021-01-29 | 2023-09-05 | Zoom Video Communications, Inc. | Locking encrypted video conferences |
Also Published As
Publication number | Publication date |
---|---|
KR20080073319A (en) | 2008-08-08 |
KR101485611B1 (en) | 2015-01-22 |
EP1793606A1 (en) | 2007-06-06 |
CN101322347B (en) | 2011-11-16 |
WO2007067372A1 (en) | 2007-06-14 |
US20090220093A1 (en) | 2009-09-03 |
US8787580B2 (en) | 2014-07-22 |
CN101322347A (en) | 2008-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8787580B2 (en) | Distribution of keys for encryption/decryption | |
US7373173B2 (en) | Sharing image items | |
EP2856735B1 (en) | Method and system for automatic generation of context-aware cover message | |
CN110521172A (en) | For handling the method and system of of short duration content-message | |
US8224041B2 (en) | Media data processing apparatus and media data processing method | |
US9143889B2 (en) | Method of establishing application-related communication between mobile electronic devices, mobile electronic device, non-transitory machine readable media thereof, and media sharing method | |
US11768887B2 (en) | Electronic evidence transfer | |
US8914897B2 (en) | Controlling access to digital images based on device proximity | |
WO2014035998A2 (en) | Coded image sharing system (ciss) | |
EP3039811B1 (en) | Method, content owner device, computer program, and computer program product for distributing content items to authorized users | |
US9203612B1 (en) | Systems and methods for controlling media distribution | |
FR3104357A1 (en) | Renewal of single-use keys | |
WO2013127449A1 (en) | Method, apparatus and computer program for associating pictures related to an event | |
JP2008028494A (en) | Photograph upload system | |
JP6949180B1 (en) | Posting authority granting device, posting permission granting method, posting permission granting program | |
EP2843978B1 (en) | Method of establishing application-related communication between mobile electronic devices, mobile electronic device thereof, and media sharing method | |
JP4357178B2 (en) | Image server | |
US20190207780A1 (en) | Method and system for sharing content files using a computer system and data network | |
CN111491136A (en) | Image transmission system and method | |
Adams et al. | Combining social authentication and untrusted clouds for private location sharing | |
EP2254275A1 (en) | Method of encryption of particular parts of a document for privileged users access | |
EP3133524B1 (en) | Data collaboration | |
Thampi et al. | Recovery of Digital Evidence from Social Networking Sites | |
AWAN | Automated Content Sharing in Extended Homes through Mobile Devices | |
WO2017117507A1 (en) | System and method of applying adaptive privacy controls to lossy file types |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034747/0417 Effective date: 20141014 Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:039025/0454 Effective date: 20141014 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE |