CPC H04L 63/045 (2013.01) [G06F 21/6209 (2013.01); H04L 9/3013 (2013.01); H04L 9/3247 (2013.01); H04L 63/123 (2013.01); H04L 63/126 (2013.01); H04L 2209/72 (2013.01)]
20 Claims
1. A method, comprising:
receiving, by a computing system, a file and a redaction service call, the redaction service call including selected file content of the file to be redacted;
generating, by the computing system, a content encryption key;
encrypting, by the computing system, the selected file content of the file with the content encryption key to generate cipher text;
generating, by the computing system, a hash of the cipher text;
signcrypting, by the computing system, the hash and the content encryption key for each of a plurality of recipients using each of a signcrypting party public key, a signcrypting party private key, and a corresponding recipient public key to generate a plurality of seal components of a signcrypted envelope message;
embedding, by the computing system, the cipher text within a letter component of the signcrypted envelope message; and
transmitting, by the computing system, the signcrypted envelope message to each of the plurality of recipients,
wherein each of the plurality of recipients can unsigncrypt a corresponding seal component of the signcrypted envelope message using each of a corresponding recipient private key and the signcrypting party public key to retrieve the content encryption key and the hash of the cipher text,
wherein each of the plurality of recipients can decrypt the cipher text in the letter component of the signcrypted envelope message using the content encryption key,
wherein origin authenticity of the cipher text can be determined by each of the plurality of recipients using each of the signcrypting party public key and the corresponding recipient public and private keys, and
wherein data integrity of the cipher text and the content encryption key can be verified via the hash of the cipher text.
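
The steps of claim 1 as a runnable sketch. This is an added example, not code from the patent or its assignee. The claim names no concrete primitives, so the signcryption here is modelled on Zheng's shortened-signature scheme over a constructed demonstration group, the symmetric cipher is a hash-based stand-in, and all function names are hypothetical:

```python
import hashlib, hmac, math, secrets

# Constructed demo group: Z_p* with p = 2^255 - 19, g = 2 (not vetted parameters).
P, G, N = 2**255 - 19, 2, 2**255 - 20   # N = p - 1; exponents reduce mod N

def keygen():
    sk = secrets.randbelow(N - 2) + 2
    return sk, pow(G, sk, P)

def _keys(shared):
    raw = shared.to_bytes(32, "big")
    return hashlib.sha256(b"enc" + raw).digest(), hashlib.sha256(b"mac" + raw).digest()

def _stream(key, data):  # stand-in cipher (assumption): SHA-256 counter keystream XOR
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(k_mac, msg, pk_a, pk_b):  # keyed hash over the message and both public keys
    ids = pk_a.to_bytes(32, "big") + pk_b.to_bytes(32, "big")
    return int.from_bytes(hmac.new(k_mac, msg + ids, "sha256").digest(), "big")

def signcrypt(msg, sk_a, pk_a, pk_b):
    while True:
        x = secrets.randbelow(N - 2) + 2
        k_enc, k_mac = _keys(pow(pk_b, x, P))
        r = _tag(k_mac, msg, pk_a, pk_b)
        if math.gcd(r + sk_a, N) == 1:  # s needs (r + sk_a) invertible mod N
            return _stream(k_enc, msg), r, x * pow(r + sk_a, -1, N) % N

def unsigncrypt(seal, sk_b, pk_b, pk_a):
    c, r, s = seal
    k_enc, k_mac = _keys(pow(pk_a * pow(G, r, P) % P, s * sk_b, P))
    msg = _stream(k_enc, c)
    if _tag(k_mac, msg, pk_a, pk_b) != r:
        raise ValueError("seal rejected: wrong keys or tampered seal")
    return msg

def seal_envelope(selected, sk_a, pk_a, recipients):
    cek = secrets.token_bytes(32)             # content encryption key
    letter = _stream(cek, selected)           # cipher text of the selected content
    digest = hashlib.sha256(letter).digest()  # hash of the cipher text
    seals = {n: signcrypt(digest + cek, sk_a, pk_a, pk) for n, pk in recipients.items()}
    return {"letter": letter, "seals": seals}

def open_envelope(env, name, sk_b, pk_b, pk_a):
    inner = unsigncrypt(env["seals"][name], sk_b, pk_b, pk_a)  # hash || CEK
    if not hmac.compare_digest(inner[:32], hashlib.sha256(env["letter"]).digest()):
        raise ValueError("letter does not match the sealed hash")
    return _stream(inner[32:], env["letter"])
```

Each recipient gets its own seal over the same hash and content encryption key, while the letter is encrypted once. A seal opened with the wrong recipient key or checked against the wrong sender public key is rejected, as is a letter altered after sealing.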