Cryptography Reference
In-Depth Information
failure because of the PKG turning malicious. It could surreptitiously keep a copy of all
the generated private keys and decrypt the encrypted data at a later time. This problem
could be solved using the concept of threshold key cryptography, discussed later.
In a PKI-based system, each end user requires a public key certificate from all the
intermediate CAs as well as the recipient's certificate to send an encrypted message.
However, in an IBC environment, the problem of obtaining authentic public key certifi-
cates has been replaced with the task of obtaining authentic public parameters from the
PKG. This is where IBC has a clear advantage, as there are fewer PKGs compared to end
users. For instance, if there is a single PKG, all the end users can communicate securely
with each other without ever querying for a public key certificate. In the next section,
we review some of the computational problems that form the basis for the identity-based
encryption and signature schemes.
4.3.1 Computational Problems
Computational problems are considered to be suitably hard, but can still be acknowl-
edged in terms of quantities that provide cryptographic strength for public key algo-
rithms. For instance, the Diffie-Hellman key exchange provides the motivation for
many computational problems in cryptography. Let us review the classical Diffie-
Hellman (D-H) key exchange protocol (Figure 4.10). Let Alice and Bob agree on an
element g that generates the multiplicative group G. Then Alice and Bob select random
values
r
A
Z
q
and
r
B
Z
q
, and calculate
=
r
and
=
r
B
t
g
t
g
, respectively. Given
A
g
,
t
B
, Alice computes the shared secret
=
r
. Similarly, Bob computes
=
r
AB
Zt
Zt
AB
B
A
given
g
and
t
A
. Hence,
g
,
t
A
, and
t
B
are publicly available, and without the private values
r
A
and
r
B
, it is believed to be hard for an adversary to compute
Z
AB
. This general frame-
work is used to discuss variants of the D-H key exchange in the subsequent sections.
Multiplicative notation is used instead of additive notation because multiplicative
Alice
Bob
r
A
א
Z
q
r
t
g
A
where
g
is generator of
G
t
A
r
B
א
Z
q
r
t
g
B
t
B
Zt
r
Zt
r
AB
B
AB
A
Figure 4.10.
Diffi e-Hellman Key Exchange Protocol
Search WWH ::
Custom Search