You are on page 1of 3

Introduction Identity-based public key encryption enables easy initiation of public key cryptography by enabling an entitys public key

to be obtained from a random identification element, such as an email address or a name. The main sensible advantage of identity-based cryptography is in tremendously minimizing the need for as well as dependence on, public key certificates. Whereas various fascinating identity-based systems have been built in the past, there is none that is compatible with common public key encryption algorithms like the El Gamal and Rivest-Shamir-Adleman (RSA). This restricts the service of identity-based cryptography as an on-going stage to full-scale public key cryptography. Additionally, it is essential challenging to resolve fine grained recall with identity-based cryptography. Mediated RSA (mRSA) is an easy and realistic technique of sharing a RSA private key between the user and a Security Mediator (SEM). None of the user or the SEM can deceive one another because each cryptographic operation regardless of whether it the signature or decryption entails both elements. mRSA permits rapid and fine-grained management of users security privileges. Nevertheless, mRSA nonetheless depends on the conventional public key certificates to hold and communicate public keys. Therefore a password is not needed in the subsequent attempts in Identity based Cryptosystem because in an ordinary public key infrastructure (PKI) deployment, a users public key is specifically fixed in a public key certificate which is, fundamentally, a combination between the certificate holders identity and the requested public key. This standard form requires universal trust in certificate issuers that is Certification Authorities (Joye & Neven, 2009). Will identity based cryptosystem replace PKI Looking at the current trends, it is almost certain that, Identity Based Cryptosystem (IBC) will replace Public Key infrastructure (PKI). One noticeable drawback to extensive implementation of public-key cryptography is its reliance on a public-key infrastructure that is split between its users. Prior to secure communications can be initiated, both sender and receiver must produce encryption and signature matched up keys, send certificate requests together with evidence of identity to a Certificate Authority (CA), and get CA-signed certificates, which they can then make use of in authentication both ways and communicate encrypted messages. This process can be slow as well as be subject to errors, and is particularly unfriendly to new computer users. In most instances, people who can receive encrypted email are also unable to transmit secure messages to other people because of poor or no readiness, minimal interoperability, hardware limitations or insufficient technical expertise on the receiving end. Putting into consideration the need to pass and receive information and the intricacy of PKI-based cryptography, communication that can benefit from added security is regularly carried out in the open. Therefore in essence Identity-based cryptosystem (IBC) tries to minimize these obstacles by demanding no readiness on the receiving end. Although it offers various advantages over PKI-based methods it does have its drawbacks.

Some of the reasons why it is possible for identity based cryptosystem to replace PKI are that readiness is needed on the receiving end of an encrypted message. This is essentially the most convincing element of Identity-based cryptosystem. There is also no requirement to manage a public key infrastructure, including CRL administration. Identity-based cryptosystem inbuilt key escrow attribute implies that decryption and signature can happen on the server. Whereas this is a disadvantage in Identity-based cryptosystem since it removes nonnegation most of the time, it also makes other particular attributes possible otherwise not attainable in PKIbased systems in which the signer holds his/her private key. Identity-based cryptosystem has enhanced user-friendliness by having the PKG deal with cryptographic processes for the user and needing no client-side deployment. This can be particularly very strong in a scenario where an organization wants to embrace a structure in which all the messages of certain confidentiality degree are automatically encrypted and signed. The system administrator can indicate the strategy that control if a message will be encrypted or signed by use of utilities such as keyword search of the message content, duration, or a common phrase match on the sender or recipient. Additionally if a user does not have to receive his or her private key, it can be stored on the PKG, which in most case has a much greater degree of security than a user's terminal (Dent & Zheng, 2010). Can Identity based cryptosystem be used for general purpose authentication? Cloud computing is a category of the emerging technologies, highly customizable distributed computing infrastructure in which computing resources are provided in form of a service putting into consideration parallel virtualization and Internet technologies. Some of the cloud-based services are Software-as-aService (SaaS) as well as Platform as a Service (PaaS). Some examples are Amazons Elastic Compute Cloud (EC2) and IBMs Blue Cloud. In relation to cloud computing Identity -Based Cryptosystems has lately gotten significant interest. Through Identity-Based Cryptosystems, an identifier representing a user can be changed into his or her public key and applied on-the-fly with no authenticity verification. The ability of Identity-Based Cryptosystems to offer high flexibility to factors within a security infrastructure and its certificate-free method could very well fit the vibrant qualities of cloud computing. In essence, it looks like the enhancements in Identity-Based Cryptosystems can provide more easy and scalable significant application and management methods within cloud security infrastructures than conventional public key infrastructure(PKI) does. The application of Identity-Based Cryptosystems in cloud computing is an emerging, promising and attractive development (Kizza, 2005). What other supporting systems will be needed Other supporting systems for Identity-Based Cryptosystems in future will be a new system infrastructure with an unidentified private key generation protocol so that the Key Generation Center (KGC) can give a private key to an verified user with no knowledge of the list of users identities. This also appropriately fits the process that authentication should be carried out with the local registration authorities (CA) instead of

the Key Generation Center (KGC). This idea can be regarded as moderating the key escrow difficult in a different perspective as opposed to distributed KGCs approach (Fischer-Hubner, 2008). Possible vulnerabilities and threats Identity-Based Cryptosystems presumes the availability of a Trusted Third Party (TTP), known as Private Key Generator (PKG), which is tasked with generating the matching user private key. Depending on a TTP and applying an identity as the foundation of the scheme translates into various weaknesses on the system, as the innate key escrow problem (www.igi-global.com). These systems allocate a specific identifier to each user and object. Additionally, current assignment techniques allow an intruder to cautiously choose user IDs and concurrently get several pseudo-identities, which eventually lead to the capability of disrupting the peer to peer system in very calculated and risky ways (Bidgoli, 2006). References Anderson, R. (2008) Security Engineering: A guide to building Dependable Distributable Systems. 2nd ed. Indiana: Wiley Publishing, Inc. Bidgoli, H. (2006). Handbook of Information Security Volume 3. Hoboken: John Wiley & Sons. Dent, A, & Zheng, Y 2010, Practical Signcryption [Electronic Book] / Alexander W. Dent, Yuliang Zheng, Editors ; Foreword By Moti Yung, n.p.: Berlin ; Springer, c2010., University of Liverpool Catalogue, EBSCOhost, viewed 7 April 2013. Fischer-Hbner, S 2008, The Future Of Identity In The Information Society [Electronic Book] : Proceedings Of The Third IFIP WG 9.2, 9.6/11.6, 11.7/FIDIS International Summer School On The Future Of Identity In The Information Society, Karlstad University, Sweden, August 4-10, 2007 / Edited By Simone FischerHbner ... [Et Al.], n.p.: New York : Springer, c2008., University of Liverpool Catalogue, EBSCOhost, viewed 7 April 2013. Joye, M, & Neven, G 2009, Identity-Based Cryptography [Electronic Book] Edited By Marc Joye And Gregory Neven, n.p.: Amsterdam ; IOS Press, c2009., University of Liverpool Catalogue, EBSCO host, viewed 7 April 2013. Kizza, J 2005, Computer Network Security [Electronic Book] / By Joseph Migga Kizza , n.p.: Boston, MA : Springer Science+Business Media, Inc., 2005., University of Liverpool Catalogue, EBSCO host, viewed 7 April 2013.