Handing Off Encrypted Data Without Decrypting It: Nokia's 2020 Re-Encryption Patent

A recurring problem in encrypted data sharing: Alice encrypted some data to herself, and now wants Bob to be able to read it — but she does not want to decrypt it and re-encrypt it to Bob's key, because that exposes the plaintext at the moment of handoff and may require her to be online. Proxy and homomorphic re-encryption solve this by transforming the ciphertext directly, key to key, without it ever being decrypted.

US10778657B2, “Schemes of homomorphic re-encryption,” granted to Nokia Technologies Oy on September 15, 2020, claims methods for exactly this. Classified under H04L 9/008 (homomorphic encryption) with H04L 63/0464 and key-agreement codes, it covers re-encrypting from one key to another while the data stays encrypted throughout.

The mechanism, read from the claim, relies on a re-encryption key — a special token that lets an intermediary (a proxy, a cloud) transform a ciphertext under Alice's key into a ciphertext under Bob's key. Crucially, that token does not let the intermediary decrypt anything; it only enables the transformation. The plaintext exists only at the true endpoints.

Why this matters operationally is delegation at scale. Encrypted cloud storage, encrypted email forwarding, encrypted content distribution — all involve handing protected data to new recipients over time. Without re-encryption, every new recipient means the owner must decrypt and re-encrypt, which is both a security exposure and an availability burden. Re-encryption pushes that work to an untrusted proxy safely.

Per the desk's discipline: issued grant (B2), not an application; a scheme/method claim, not a product. Nokia's telecommunications and networking context makes secure data delegation a natural fit, but the patent is the technique.

For the reader mapping homomorphic-adjacent cryptography, re-encryption is a quietly important branch. It is not about computing on ciphertext so much as moving ciphertext between trust domains without opening it — a primitive that secure sharing, key rotation, and access delegation all lean on, and one with its own real patent history.