Scribd Logo
Upload

Welcome to Scribd!

  • An Introduction To Identity-Based Cryptography: Carl Youngblood CSEP 590 3/8/06

    Uploaded by

    Ramu Kuchipudi
    5 views11 pages
    young

    Original Title

    Youngblood

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    young

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views11 pages

    An Introduction To Identity-Based Cryptography: Carl Youngblood CSEP 590 3/8/06

    Uploaded by

    Ramu Kuchipudi
    young

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    An Introduction to

    Identity-based
    Cryptography
    Carl Youngblood
    CSEP 590
    3/8/06
    Problems with PKI
     Sender must have
    recipient’s certificate
     Complexity of certificate
    management and CRLs
     Security paradox –
    Certificate database
    exposes organization
    Enter Identity-Based Cryptography
     Cryptography for unprepared
    users
     Public keys are some attribute
    of a user’s identity, such as an
    email address, phone number,
    or biometric data
     Sender only needs to know
    recipient’s identity attribute to
    send an encrypted message
     Recipient need not interact with
    the system until after receiving
    an encrypted message.
    History of IDC
     Proposed by Shamir in 1984
     Shamir came up with a working system for
    identity-based signature (IDS), but no system
    for identity-based encryption (IDE)
     First IDE system discovered in 2001 by
    Boneh and Franklin, based on Weil
    pairing.
     Currently hot topic in cryptography
    Identity-based encryption (IDE)
    Identity-based signature (IDS)
    Security of IDC
     Most IDC schemes are based on bilinear non-
    degenerate maps. These have the property:
     Pair(a · X, b · Y) = Pair(b · X, a · Y)
     Operator · refers to multiplication of a point on an
    elliptic curve by integers
     Though unproven, the assumption is that these
    maps are one-way.
     Bilinear Diffie-Hellman Assumption, because
    BDH problem reduces to it.
    Advantages of IDC
     No user preparation required – most compelling
    advantage
     No PKI management or certificate database
     Inherent key escrow, though a drawback, allows
    for some additional benefits:
     No client-side installation required; PKG can encrypt
    and sign messages for the user, in a web-based
    messaging application, for example.
     Policy-based automatic outbound message
    encryption
     Users’ keys may be kept on the PKG, which is more
    secure than users’ workstations.
     “Chameleon” signatures – only recipient can verify
    Disadvantages of IDC
     Inherent key escrow
     Weakens non-repudiation
     Variants being developed to overcome this weakness
     No key revocation
     If
    private key gets compromised, do I have to get a
    new identity?
     Can be fixed by appending validity timestamp to
    public key
     PKG requires extremely high level of assurance,
    since it holds all private keys and must remain
    online.
    Implementations
     Stanford IBE system
    http://crypto.stanford.edu/ibe/
     MIRACL
    http://indigo.ie/~mscott/
     Voltage Security, Inc.
    http://www.voltage.com/
     Proofpoint, Inc.
    http://www.proofpoint.com/
    Summary
     IBC has some weaknesses but is much
    easier to use than PKI
     For its advocates, IBC provides a more
    reasonable balance between security and
    usability
     High level of research is a good
    demonstration of its potential

    You might also like