Cryptography Reference
In-Depth Information
possible for any of the resource-constrained nodes to play the role of a CA, as the CA should be unconditionally trusted by all the nodes in the network and should have tamper-resistant material to prevent any kind of node-compromising attack. Although the sink node could act as a CA and as an RA in a WSN environment, it would be very energy inefficient in a hop-by-hop routing model for each node to retrieve certificates from the sink. Furthermore, it would lead to resource exhaustion and a significant reduction in network lifetime. While preloading of digital certificates in nodes before deployment has been proposed, it would lead to unnecessarily large storage overhead and inefficient resource utilization. In addition, certificate management in WSN would be very complex, as it would need to go through a complex path construction process that would generate yet more communication overhead in the network.
4.3 Identity-Based Cryptography
The term identity-based cryptography refers to cryptographic systems that derive public keys from users' identities. In 1984, Shamir introduced identity-based cryptography (IBC) (Shamir 1984). Shamir stated that:
The scheme is based on a public key cryptosystem with an extra twist: instead of generating a random pair of public/secret keys and publishing one of these keys, the user chooses his name and network address as his public key. Any combination of name, social security number, street address, office number or telephone number can be used provided that it uniquely identifies the user in a way he cannot later deny, and that it is readily available to the other party. The corresponding secret key is computed by a PKG and issued to the user when he first joins the network.
He constructed an identity-based signature (IBS) scheme using the existing RSA function (Rivest et al. 1978), but was unsuccessful in constructing an identity-based encryption (IBE) scheme, which remained a long-standing problem for almost a decade. In 2001, Boneh and Franklin came up with an independent solution using the concept of bilinear maps (Boneh and Franklin 2001). This led to a new era of research in IBC, during which many identity-based digital signature schemes were proposed using the concept of bilinear maps. At the same time, Cocks proposed an IBE scheme using quadratic residuosity (Cocks 2001). However, Cocks' scheme was limited in its applicability to WSN due to the generation of long ciphertexts and slower performance, as it is based on a ternary quadratic form. Finally, Boneh, Lynn, and Shacham proposed the shortest-length identity-based digital signature scheme using the concept of pairing in classical cryptography (Boneh et al. 2004).
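The identity-based signature idea attributed to Shamir above, as an added example that is not part of the original text: the PKG holds an RSA master key, derives a node's secret key from its identity string, and a verifier needs only that identity and the PKG's public parameters. The primes, the SHA-256 mapping from identity to integer, and all function names are assumptions made for illustration, and the parameters are toy-sized.

```python
import hashlib
import secrets

# Toy PKG parameters (constructed for illustration; far too small for real use).
P = 2**127 - 1                        # Mersenne prime
Q = 2**89 - 1                         # Mersenne prime
N = P * Q                             # public modulus
E = 65537                             # public exponent, coprime to phi(N)
D = pow(E, -1, (P - 1) * (Q - 1))     # PKG master secret, never leaves the PKG

def h(*parts):
    """Hash length-prefixed byte strings to an integer modulo N."""
    digest = hashlib.sha256()
    for part in parts:
        digest.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(digest.digest(), "big") % N

def identity_to_public(identity):
    """Public key i: computable by anyone from the identity string alone."""
    return h(b"id", identity.encode())

def pkg_extract(identity):
    """PKG side: secret key g = i^d mod N, so that g^e = i mod N."""
    return pow(identity_to_public(identity), D, N)

def sign(g, message):
    """Node side: signature (s, t) with t = r^e and s = g * r^f(t, m)."""
    r = secrets.randbelow(N - 2) + 2
    t = pow(r, E, N)
    f = h(b"sig", t.to_bytes(32, "big"), message)
    return (g * pow(r, f, N)) % N, t

def verify(identity, message, sig):
    """Verifier side: accept iff s^e == i * t^f(t, m) mod N."""
    s, t = sig
    if not (0 < s < N and 0 < t < N):
        return False
    f = h(b"sig", t.to_bytes(32, "big"), message)
    return pow(s, E, N) == (identity_to_public(identity) * pow(t, f, N)) % N

if __name__ == "__main__":
    key = pkg_extract("node-17@wsn.example")      # constructed identity
    sig = sign(key, b"temp=21.5")
    print(verify("node-17@wsn.example", b"temp=21.5", sig))
```

No certificate is fetched or stored at any point, but the PKG can compute every node's secret key, which is one of the costs of the approach.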
Identity-based cryptography steps up as a feasible solution against the large set of problems posed by PKI. Needless to say, however, no cryptosystem is perfect, and IBC has its associated costs, discussed later in this section. The basic idea behind IBE is that in any form of communication, the sender needs some basic information about the receiver (email address, phone number) before sending a message to the receiver.