Fwd: [IP] A Simpler, More Personal Key to Protect Online Messages

Nomen Nescio nobody at dizum.com
Tue Jul 8 17:30:06 EDT 2003

Tim Dierks writes:

> I don't think it's an interesting solution. I don't see any interesting 
> application that's possible with this system which you couldn't do with 
> existing public-key cryptography: for example, I could write a protocol & 
> software where you could request a public key from a server for any e-mail 
> address; if the user didn't already have an enrolled key, my trusted server 
> would generate one and enroll it on their behalf. When they got an 
> encrypted message, they could contact me, authenticate themselves, and I'd 
> send them their secret key.

One difference is that with the identity-based crypto, once a sender
has acquired the software and the CA's public key, he doesn't have to
contact the CA to get anyone's "certificate".  He can encrypt to anyone
without having to contact the CA, just based on the email address.
Your proposed substitute doesn't allow for this.

> but you don't need goofy new crypto to accomplish it.

The Weil pairing hardly constitutes "goofy new crypto".  They are
doing all kinds of cool stuff with pairings these days, including
privacy-enhancing technology such as public keys with built-in forward

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list