Jump to content

Identity-based cryptography

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 117.239.191.130 (talk) at 05:43, 4 March 2014 (Usage). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Identity-based cryptography is a type of public-key cryptography in which a publicly known string representing an individual or organization is used as a public key. The public string could include an email address, domain name, or a physical IP address.

The first implementation of identity-based signatures and an email-address based public-key infrastructure (PKI) was developed by Adi Shamir in 1984,[1] which allowed users to verify digital signatures using only public information such as the user's identifier. Under Shamir's scheme, a trusted third party would deliver the private key to the user after verification of the user's identity, with verification essentially the same as that required for issuing a certificate in a typical PKI.

Shamir similarly proposed identity-based encryption, which appeared particularly attractive since there was no need to acquire an identity's public key prior to encryption. However, he was unable to come up with a concrete solution, and identity-based encryption remained an open problem for many years. The first practical implementation was finally devised by Boneh and Franklin in 2001.[2]

Usage

Identity-based systems allow any party to generate a public key from a known identity value such as an ASCII string. A trusted third party, called the private key generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding master private key (referred to as master key). Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID.i think this concepty

Limitation

Identity-based systems have a characteristic problem in operation. Suppose Alice and Bob are users of such a system. Since the information needed to find Alice's public key is completely determined by Alice's ID and the master public key, it is not possible to revoke Alice's credentials and issue new credentials without either (a) changing Alice's ID (usually a phone number or an email address which will appear in a corporate directory); or (b) changing the master public key and re-issusing private keys to all users, including Bob.

See also

References

  1. ^ Adi Shamir, Identity-Based Cryptosystems and Signature Schemes. Advances in Cryptology: Proceedings of CRYPTO 84, Lecture Notes in Computer Science, 7:47--53, 1984
  2. ^ Dan, Boneh; Matt, Franklin (2001). "Identity-based encryption from the Weil pairing". Advances in Cryptology — CRYPTO 2001. 2139/2001. Springer: 213–229. CiteSeerx10.1.1.66.1131. {{cite journal}}: |access-date= requires |url= (help); Unknown parameter |booktitle= ignored (help)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Identity-based_cryptography&oldid=598065562"