Identity Based Cryptography

James Higdon, Sameer SherwaniCpSc 624/424

Overview

• Type of encryption mechanisms

• Types of encryptions• Basic Identity based encryption• Advantages• Disadvantages• Applications

   Encryption

 - process of transforming information(plaintext) using a cipher (algorithm) to ciphertext. 

Types of cryptographic mechanisms

•  Key Authentication o One way hash functions: MD5, SHAo Digital signatures: Verify user: DSA  

•  Key exchangeo  key distribution: Diffi-Hellman 

•  Key generationo  Block Ciphers: DES/AES; ATM, passwords

Types of keys(ciphers)

• Symmetric keys

• Traditional asymmetric keys 

• Identity-based asymmetric keyso  Common public-key Algorithms 

( RSA, Elliptic curve, Discrete logarithm based) o  Explain difference between traditional and Identity based

asymmetric keys

Symmetric Encryption

Asymmetric Encryption(Public Key Infrastructure - PKI)

ID-based Encryption

Identity based Encryption(IBE)

  "identity-based"...  mainly about keys

 The major differences between an identity-based system and a traditional system are

•  How to authenticate the key•  How to distribute the key•  How to use the key 

Identity based Encryption(IBE)

• A public-key encryption system in which an arbitrary string can be used as the public key.

Any personal information: An e-mail address, a photo, and a postal address, etc

Any terms and conditions, such as a time etc• Developed by Adi Shamir in 1984• However, the encryption schemes were not fully used or

created until 2001.

How it works

• Private Keys are generated by a third party Private Key Generator (PKG)

• PKG publishes a public master key and retains the private master key

• With the correct ID, users can contact the PKG to obtain the private key

• This way, messages may be encrypted without a prior distribution of keys between individuals 

Advantages

Reduces the complexity of the encryption process 

• No certificates needed. A recipient's public key is derived from his identity.• No pre-enrollment required.• Keys expire, so they don't need to be revoked. In a traditional public-key

system, keys must be revoked if compromised.• Less vulnerable to spam.• Enables postdating of messages for future decryption.• Enables automatic expiration, rendering messages unreadable after a certain

date.

Disadvantages

• Requires a centralized server. IBE's centralized approach implies that some keys must be created and held in escrow -- and are therefore at greater risk of disclosure.

• Requires a secure channel between a sender or recipient and the IBE server for transmitting the private key.

Real-World Application

• Voltage Security provide Identity-Based Encryption for emails

• IBE Toolkit available to those who would like to use the encryption services