Tuesday, May 6, 2008

More on functional encryption and two-level keys

Following up to my previous post on functional encryption. Just read another interesting article on the subject.

The gist of it is in using policy as a way of granting acess and reducing the reliance on a "trusted server". From the article..

"In a functional encryption system, keys are personalized and only one is needed for a person to gain access to all the data that should be available to them. In addition to simplifying the key process, this idea allows users—with proper access rights—to search encrypted volumes for specific information. "

The key used here is a personal key which contains attributes of a person which is used to unlock the document... Seems intriguing, but I am not sure how multiple people (or even groups such as HR) can be given access to a document based on such keys... Would like to understand this a bit more...

No comments: