公开(公告)号：US08245038B2

公开(公告)日：2012-08-14

申请号：US12055870

申请日：2008-03-26

Applicant: Philippe Jean-Paul Golle ,  Jessica N. Staddon ,  Richard Chow

Inventor： Philippe Jean-Paul Golle ,  Jessica N. Staddon ,  Richard Chow

IPC: H04L29/06

CPC classification number: G06F21/64

Abstract: One embodiment of the present invention provides a system which allows a document owner to redact content from a document and allows a recipient of the redacted document to challenge the appropriateness of the redaction. During operation, the system allows the document owner to redact a string Mi from location i in the document. In doing so, the system produces a commitment Ci=C(Mi, Ri) based on string Mi and a string Ri used as randomness and communicates Ci to the recipient. When the recipient challenges the redaction, the system receives a topic string T from the recipient, and produces a string RT. The system then communicates RT to the recipient, thereby allowing the recipient to produce a commitment CT=C(T, RT) based on strings T and RT, and compare CT with Ci. Comparing commitment CT with Ci allows the recipient to test redactions for string equality.

Abstract translation: 本发明的一个实施例提供了一种允许文档所有者从文档中修改内容并允许编辑文档的接收者挑战编辑的适当性的系统。 在操作期间，系统允许文档所有者从文档中的位置i修改字符串Mi。 在这样做时，系统基于字符串Mi产生承诺Ci = C（Mi，Ri）和用作随机性的字符串Ri，并将Ci传送给接收者。 当接收方挑战编辑时，系统从收件人接收主题字符串T，并产生字符串RT。 系统然后将RT传送给接收者，从而允许接收者基于字符串T和RT产生承诺CT = C（T，RT），并将CT与Ci进行比较。 将承诺CT与Ci进行比较，允许收件人对字符串相等性进行测试。

公开(公告)号：US07873838B2

公开(公告)日：2011-01-18

申请号：US11611843

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: G09C1/00

CPC classification number: H04L9/088 ,  H04L9/0894

Abstract: A selectively encrypted data unit is generated from an unencrypted data unit. This is accomplished by accessing a list of attributes related to the unencrypted data unit that identify classifications of sensitive information within the unencrypted data unit. In addition, a protection key that is responsive to a random number is selected and auxiliary values computed from the attributes of the sensitive information and the random number are produced. The sensitive information is encrypted with the protection key to create an encrypted version of the sensitive information. The encrypted version is associated with the auxiliary values and linked to an attribute vector that classifies the sensitive information in the encrypted version. Data from the unencrypted data unit and the encrypted version of the sensitive information is stored as the selectively encrypted data unit.

Abstract translation: 从未加密的数据单元生成选择性加密的数据单元。 这通过访问与未加密的数据单元中的敏感信息的分类的未加密的数据单元相关的属性的列表来实现。 此外，选择响应于随机数的保护密钥，并且产生从敏感信息和随机数的属性计算出的辅助值。 敏感信息用保护密钥加密，以创建敏感信息的加密版本。 加密版本与辅助值相关联，并链接到将加密版本中的敏感信息分类的属性向量。 来自未加密数据单元的数据和敏感信息的加密版本被存储为选择性加密的数据单元。

公开(公告)号：US10311445B2

公开(公告)日：2019-06-04

申请号：US12194920

申请日：2008-08-20

Applicant: Richard Chow ,  Philippe Jean-Paul Golle ,  Jessica N. Staddon

Inventor： Richard Chow ,  Philippe Jean-Paul Golle ,  Jessica N. Staddon

IPC: G06Q30/02 ,  G06Q30/06

Abstract: One embodiment of the present invention provides a system that performs inference detection based on Internet advertisements. In doing so, this system first receives a set of topic words, performs a search query on each topic word using a search engine, and gathers a set of Uniform Resource Locators (URLs) associated with sponsored advertisement from the search results corresponding to each search query. Then, the system determines a correlation between two topic words based on their corresponding URLs associated with sponsored advertisement, and produces a result which indicates groups of correlated topic words.

公开(公告)号：US07865742B2

公开(公告)日：2011-01-04

申请号：US11611845

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: G06F21/00

CPC classification number: G06F21/6209 ,  G06Q20/3821 ,  H04L9/0847 ,  H04L9/085 ,  H04L9/3073

Abstract: A capability key is generated that provides access to sensitive information within a selectively encrypted data unit created from an unencrypted data unit. A user specifies access rights as a monotone boolean relationship between a selection of a list of attributes related to the unencrypted data unit. This relationship is used to compute a key descriptor. Next one or more shares of a master secret is generated responsive to the monotone boolean relationship and a random number. Next a unique capability key is computed from one or more cryptosystem parameters, the one or more shares and the random number. The unique capability key and the key descriptor together enable decryption of sensitive information within a selectively encrypted data unit created from an unencrypted data unit. Finally, the unique capability key and the key descriptor are provided to allow decryption of sensitive information within the selectively encrypted data unit.

Abstract translation: 生成能够提供对从未加密的数据单元创建的选择性加密的数据单元中的敏感信息的访问的能力密钥。 用户将访问权限指定为与未加密的数据单元相关的属性列表的选择之间的单调布尔关系。 该关系用于计算密钥描述符。 响应于单调布尔关系和随机数生成下一个主秘密的一个或多个共享。 接下来，从一个或多个密码系统参数，一个或多个共享和随机数计算独特的能力密钥。 唯一能力密钥和密钥描述符可以在从未加密的数据单元创建的选择性加密的数据单元中解密敏感信息。 最后，提供独特的能力密钥和密钥描述符，以允许对选择性加密的数据单元内的敏感信息进行解密。

公开(公告)号：US07861096B2

公开(公告)日：2010-12-28

申请号：US11611848

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: G09C1/00

CPC classification number: G06F21/6209 ,  H04L9/085 ,  H04L2209/60

Abstract: A selectively encrypted data unit includes an encrypted version of sensitive information (capable of being decrypted to reveal the sensitive information), a plurality of auxiliary values, and an attribute vector associated with the encrypted version of the sensitive information. The selectively encrypted data unit and a unique capability key are accessed. The unique capability key is associated with a key descriptor and is responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares of a master secret. Next the technology determines whether the attribute vector is filtered or enabled by the key descriptor. If so, a protection key is acquired that is responsive to the one or more cryptosystem parameters, the plurality of auxiliary values, the key descriptor and the unique capability key. Once acquired, the protection key is used to decrypt the encrypted version to generate the sensitive information which is presented.

Abstract translation: 选择性加密的数据单元包括敏感信息的加密版本（能够被解密以显示敏感信息），多个辅助值以及与敏感信息的加密版本相关联的属性向量。 访问选择性加密的数据单元和独特的能力密钥。 唯一能力密钥与密钥描述符相关联，并且响应于一个或多个密码系统参数，一个或多个随机数以及主秘密的一个或多个共享。 接下来，该技术确定属性向量是否被密钥描述符过滤或启用。 如果是，则获取响应于一个或多个密码系统参数，多个辅助值，密钥描述符和唯一能力密钥的保护密钥。 一旦获取，保护密钥用于解密加密版本，以产生呈现的敏感信息。

公开(公告)号：US20090249220A1

公开(公告)日：2009-10-01

申请号：US12055870

申请日：2008-03-26

Applicant: Philippe Jean-Paul Golle ,  Jessica N. Staddon ,  Richard Chow

Inventor： Philippe Jean-Paul Golle ,  Jessica N. Staddon ,  Richard Chow

IPC: G06F3/00

CPC classification number: G06F21/64

Abstract: One embodiment of the present invention provides a system which allows a document owner to redact content from a document and allows a recipient of the redacted document to challenge the appropriateness of the redaction. During operation, the system allows the document owner to redact a string Mi from location i in the document. In doing so, the system produces a commitment Ci=C(Mi, Ri) based on string Mi and a string Ri used as randomness and communicates Ci to the recipient. When the recipient challenges the redaction, the system receives a topic string T from the recipient, and produces a string RT. The system then communicates RT to the recipient, thereby allowing the recipient to produce a commitment CT=C(T, RT) based on strings T and RT, and compare CT with Ci. Comparing commitment CT with Ci allows the recipient to test redactions for string equality.

Abstract translation: 本发明的一个实施例提供了一种允许文档所有者从文档中修改内容并允许编辑文档的接收者挑战编辑的适当性的系统。 在操作期间，系统允许文档所有者从文档中的位置i修改字符串Mi。 在这样做时，系统基于字符串Mi产生承诺Ci = C（Mi，Ri）和用作随机性的字符串Ri，并将Ci传送给接收者。 当接收方挑战编辑时，系统从收件人接收主题字符串T，并产生字符串RT。 系统然后将RT传送给接收者，从而允许接收者基于字符串T和RT产生承诺CT = C（T，RT），并将CT与Ci进行比较。 将承诺CT与Ci进行比较，允许收件人对字符串相等性进行测试。

公开(公告)号：US20100049682A1

公开(公告)日：2010-02-25

申请号：US12194920

申请日：2008-08-20

Applicant: Richard Chow ,  Philippe Jean-Paul Golle ,  Jessica N. Staddon

Inventor： Richard Chow ,  Philippe Jean-Paul Golle ,  Jessica N. Staddon

IPC: G06N5/02 ,  G06F7/06 ,  G06F17/30

CPC classification number: G06Q30/02 ,  G06Q30/0631

Abstract: One embodiment of the present invention provides a system that performs inference detection based on Internet advertisements. In doing so, this system first receives a set of topic words, performs a search query on each topic word using a search engine, and gathers a set of Uniform Resource Locators (URLs) associated with sponsored advertisement from the search results corresponding to each search query. Then, the system determines a correlation between two topic words based on their corresponding URLs associated with sponsored advertisement, and produces a result which indicates groups of correlated topic words.

Abstract translation: 本发明的一个实施例提供了一种基于因特网广告进行推理检测的系统。 在这样做时，该系统首先接收一组主题词，使用搜索引擎对每个主题词执行搜索查询，并从与每个搜索相对应的搜索结果中收集与赞助广告相关联的一组统一资源定位符（URL） 查询。 然后，系统基于与赞助广告相关联的相应URL来确定两个主题词之间的相关性，并产生指示相关主题词组的结果。

公开(公告)号：US20080046757A1

公开(公告)日：2008-02-21

申请号：US11611843

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC classification number: H04L9/088 ,  H04L9/0894

Abstract: A selectively encrypted data unit is generated from an unencrypted data unit. This is accomplished by accessing a list of attributes related to the unencrypted data unit that identify classifications of sensitive information within the unencrypted data unit. In addition, a protection key that is responsive to a random number is selected and auxiliary values computed from the attributes of the sensitive information and the random number are produced. The sensitive information is encrypted with the protection key to create an encrypted version of the sensitive information. The encrypted version is associated with the auxiliary values and linked to an attribute vector that classifies the sensitive information in the encrypted version. Data from the unencrypted data unit and the encrypted version of the sensitive information is stored as the selectively encrypted data unit.

Abstract translation: 从未加密的数据单元生成选择性加密的数据单元。 这通过访问与未加密的数据单元中的敏感信息的分类的未加密的数据单元相关的属性的列表来实现。 此外，选择响应于随机数的保护密钥，并且产生从敏感信息和随机数的属性计算出的辅助值。 敏感信息用保护密钥加密，以创建敏感信息的加密版本。 加密版本与辅助值相关联，并链接到将加密版本中的敏感信息分类的属性向量。 来自未加密数据单元的数据和敏感信息的加密版本被存储为选择性加密的数据单元。

公开(公告)号：US20080016372A1

公开(公告)日：2008-01-17

申请号：US11611848

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC classification number: G06F21/6209 ,  H04L9/085 ,  H04L2209/60

Abstract: A selectively encrypted data unit includes an encrypted version of sensitive information (capable of being decrypted to reveal the sensitive information), a plurality of auxiliary values, and an attribute vector associated with the encrypted version of the sensitive information. The selectively encrypted data unit and a unique capability key are accessed. The unique capability key is associated with a key descriptor and is responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares of a master secret. Next the technology determines whether the attribute vector is filtered or enabled by the key descriptor. If so, a protection key is acquired that is responsive to the one or more cryptosystem parameters, the plurality of auxiliary values, the key descriptor and the unique capability key. Once acquired, the protection key is used to decrypt the encrypted version to generate the sensitive information which is presented.

Abstract translation: 选择性加密的数据单元包括敏感信息的加密版本（能够被解密以显示敏感信息），多个辅助值以及与敏感信息的加密版本相关联的属性向量。 访问选择性加密的数据单元和独特的能力密钥。 唯一能力密钥与密钥描述符相关联，并且响应于一个或多个密码系统参数，一个或多个随机数以及主秘密的一个或多个共享。 接下来，该技术确定属性向量是否被密钥描述符过滤或启用。 如果是，则获取响应于一个或多个密码系统参数，多个辅助值，密钥描述符和唯一能力密钥的保护密钥。 一旦获取，保护密钥用于解密加密版本，以产生呈现的敏感信息。

公开(公告)号：US20080016341A1

公开(公告)日：2008-01-17

申请号：US11611845

申请日：2006-12-15

Applicant: Jessica N. Staddon ,  Philippe Jean-Paul Golle

Inventor： Jessica N. Staddon ,  Philippe Jean-Paul Golle

IPC: H04L9/32 ,  H04N7/16 ,  H04L9/00 ,  G06F12/14 ,  G06K9/00 ,  G06F17/30 ,  G06F7/04 ,  G06F11/30 ,  H03M1/68 ,  H04K1/00

CPC classification number: G06F21/6209 ,  G06Q20/3821 ,  H04L9/0847 ,  H04L9/085 ,  H04L9/3073

Abstract: A capability key is generated that provides access to sensitive information within a selectively encrypted data unit created from an unencrypted data unit. A user specifies access rights as a monotone boolean relationship between a selection of a list of attributes related to the unencrypted data unit. This relationship is used to compute a key descriptor. Next one or more shares of a master secret is generated responsive to the monotone boolean relationship and a random number. Next a unique capability key is computed from one or more cryptosystem parameters, the one or more shares and the random number. The unique capability key and the key descriptor together enable decryption of sensitive information within a selectively encrypted data unit created from an unencrypted data unit. Finally, the unique capability key and the key descriptor are provided to allow decryption of sensitive information within the selectively encrypted data unit.

Abstract translation: 生成能够提供对从未加密的数据单元创建的选择性加密的数据单元中的敏感信息的访问的能力密钥。 用户将访问权限指定为与未加密的数据单元相关的属性列表的选择之间的单调布尔关系。 该关系用于计算密钥描述符。 响应于单调布尔关系和随机数生成下一个主秘密的一个或多个共享。 接下来，从一个或多个密码系统参数，一个或多个共享和随机数计算独特的能力密钥。 唯一能力密钥和密钥描述符可以在从未加密的数据单元创建的选择性加密的数据单元中解密敏感信息。 最后，提供独特的能力密钥和密钥描述符，以允许在选择性加密的数据单元内解密敏感信息。