In one aspect, a data structure to be encrypted is received, the data structure including content along with a statement of conditions under which the content may be decrypted. The content is encrypted using a public key of a pair of public and private keys of a device that is to decrypt the data structure. In another aspect, a data structure is decrypted using a private key of a pair of public and private keys. A statement of conditions under which content in the data structure can be decrypted is obtained, and testing is performed as to whether the conditions are satisfied. The decrypted content is returned only if the conditions are satisfied.