GESG Identity-Based Public Key Cryptography (ID-PKC)

Amir Herzberg AMIR at newgenpay.com
Wed Aug 1 05:10:09 EDT 2001


ID based public key is not a new concept, I believe first proposed by Adi
Shamir in Crypto 84 (the first I attended :-). It's a cute concept, but I'm
skeptic about its practical value - except of course as a way to force
parties to use private keys known to authorities :-(

The security requirement of ID based PKC is challanging, even more than
`regular` PKC (which is obviously a special case). So there were many works
proposing systems and also many attacks - although recently there are some
proposals with proofs of security (with strong assumptions...), e.g. Boneh &
Franklin in upcoming Crypto, see
http://crypto.stanford.edu/~dabo/abstracts/ibe.html. 

But, what is the practical value of ID based systems? Not sending the public
key? Give me a break... 
> M Taylor wrote:
> > The UK Communications-Electronics Security Group (CESG), the "defensive"
> > arm of the GCHQ, have published details about another PKC concept,
> > identity-based PKC, where every user's public key are predetermined by
an
> > unique identifier, such as email address. It does use a(/two) trusted
> > server(s), but might be viewed as an easier to use infrastructure than
> > tranditional PKI in some situations.

In what scenarios exactly? Many PKI scenarios are not ID specific at all -
ID is just one way to establish trust... And even when people use IDs, why
assume everybody trusts (completely!) the same authority?

Best, Amir 



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list