Identity Based Cryptography
description
Transcript of Identity Based Cryptography
Identity Based Cryptography
James Higdon, Sameer SherwaniCpSc 624/424
Overview
• Type of encryption mechanisms
• Types of encryptions• Basic Identity based encryption• Advantages• Disadvantages• Applications
Encryption
- process of transforming information(plaintext) using a cipher (algorithm) to ciphertext.
Types of cryptographic mechanisms
• Key Authentication o One way hash functions: MD5, SHAo Digital signatures: Verify user: DSA
• Key exchangeo key distribution: Diffi-Hellman
• Key generationo Block Ciphers: DES/AES; ATM, passwords
Types of keys(ciphers)
• Symmetric keys
• Traditional asymmetric keys
• Identity-based asymmetric keyso Common public-key Algorithms
( RSA, Elliptic curve, Discrete logarithm based) o Explain difference between traditional and Identity based
asymmetric keys
Symmetric Encryption
Asymmetric Encryption(Public Key Infrastructure - PKI)
ID-based Encryption
Identity based Encryption(IBE)
"identity-based"... mainly about keys
The major differences between an identity-based system and a traditional system are
• How to authenticate the key• How to distribute the key• How to use the key
Identity based Encryption(IBE)
• A public-key encryption system in which an arbitrary string can be used as the public key.
Any personal information: An e-mail address, a photo, and a postal address, etc
Any terms and conditions, such as a time etc• Developed by Adi Shamir in 1984• However, the encryption schemes were not fully used or
created until 2001.
How it works
• Private Keys are generated by a third party Private Key Generator (PKG)
• PKG publishes a public master key and retains the private master key
• With the correct ID, users can contact the PKG to obtain the private key
• This way, messages may be encrypted without a prior distribution of keys between individuals
Advantages
Reduces the complexity of the encryption process
• No certificates needed. A recipient's public key is derived from his identity.• No pre-enrollment required.• Keys expire, so they don't need to be revoked. In a traditional public-key
system, keys must be revoked if compromised.• Less vulnerable to spam.• Enables postdating of messages for future decryption.• Enables automatic expiration, rendering messages unreadable after a certain
date.
Disadvantages
• Requires a centralized server. IBE's centralized approach implies that some keys must be created and held in escrow -- and are therefore at greater risk of disclosure.
• Requires a secure channel between a sender or recipient and the IBE server for transmitting the private key.
Real-World Application
• Voltage Security provide Identity-Based Encryption for emails
• IBE Toolkit available to those who would like to use the encryption services