Method for protecting payload data

Abstract

In a method for protecting payload data transmitted via a one-to-many communication channel from a provider device to at least one receiver device a public key set (PK) supporting asymmetric bilinear pairings is generated. A number of receiver device keys (DKi) that are generated based on the public key set (PK) are distributed to respective devices including the at least one receiver device. A provider key (K) is generated based on the public key set (PK) and inter alia on an encryption random number (t) and stored in the provider device. An envelope (ENV) is generated based on the public key set (PK) and on the encryption random number (t) and is distributed, via the one-to-many communication channel, to the respective devices including the at least one receiver device. The at least one receiver device generates a receiver key, which corresponds to the provider key, based on the distributed envelope (ENV) and the distributed receiver device key (DKi). The provider device encrypts and/or signs the payload data employing the provider key (K) for producing protected payload data and distributes them via the one-to-many communication channel to the respective devices. The at least one receiver device processes, e.g. by decrypting and/or authenticating, the protected payload data employing the receiver key.