An Introduction to Identity-based Cryptography - PowerPoint PPT Presentation

About This Presentation
Title:

An Introduction to Identity-based Cryptography

Description:

An Introduction to Identity-based Cryptography ... History of IDC Proposed by Shamir in 1984 Shamir came up with a working system for identity-based signature ... – PowerPoint PPT presentation

Number of Views:138
Avg rating:3.0/5.0
Slides: 12
Provided by: CarlYou
Category:

less

Transcript and Presenter's Notes

Title: An Introduction to Identity-based Cryptography


1
An Introduction to Identity-based Cryptography
  • Carl Youngblood
  • CSEP 590
  • 3/8/06

2
Problems with PKI
  • Sender must have recipients certificate
  • Complexity of certificate management and CRLs
  • Security paradox Certificate database exposes
    organization

e3eab1253b682fda7af153f6550ccb6e
3
Enter Identity-Based Cryptography
  • Cryptography for unprepared users
  • Public keys are some attribute of a users
    identity, such as an email address, phone number,
    or biometric data
  • Sender only needs to know recipients identity
    attribute to send an encrypted message
  • Recipient need not interact with the system until
    after receiving an encrypted message.

4
History of IDC
  • Proposed by Shamir in 1984
  • Shamir came up with a working system for
    identity-based signature (IDS), but no system for
    identity-based encryption (IDE)
  • First IDE system discovered in 2001 by Boneh and
    Franklin, based on Weil pairing.
  • Currently hot topic in cryptography

5
Identity-based encryption (IDE)
6
Identity-based signature (IDS)
7
Security of IDC
  • Most IDC schemes are based on bilinear
    non-degenerate maps. These have the property
  • Pair(a X, b Y) Pair(b X, a Y)
  • Operator refers to multiplication of a point on
    an elliptic curve by integers
  • Though unproven, the assumption is that these
    maps are one-way.
  • Bilinear Diffie-Hellman Assumption, because BDH
    problem reduces to it.

8
Advantages of IDC
  • No user preparation required most compelling
    advantage
  • No PKI management or certificate database
  • Inherent key escrow, though a drawback, allows
    for some additional benefits
  • No client-side installation required PKG can
    encrypt and sign messages for the user, in a
    web-based messaging application, for example.
  • Policy-based automatic outbound message
    encryption
  • Users keys may be kept on the PKG, which is more
    secure than users workstations.
  • Chameleon signatures only recipient can
    verify

9
Disadvantages of IDC
  • Inherent key escrow
  • Weakens non-repudiation
  • Variants being developed to overcome this
    weakness
  • No key revocation
  • If private key gets compromised, do I have to get
    a new identity?
  • Can be fixed by appending validity timestamp to
    public key
  • PKG requires extremely high level of assurance,
    since it holds all private keys and must remain
    online.

10
Implementations
  • Stanford IBE system http//crypto.stanford.edu/ibe
    /
  • MIRACL http//indigo.ie/mscott/
  • Voltage Security, Inc. http//www.voltage.com/
  • Proofpoint, Inc. http//www.proofpoint.com/

11
Summary
  • IBC has some weaknesses but is much easier to use
    than PKI
  • For its advocates, IBC provides a more reasonable
    balance between security and usability
  • High level of research is a good demonstration of
    its potential
Write a Comment
User Comments (0)
About PowerShow.com