Cryptography Reference
In-Depth Information
THE IDEA BEHIND IDPKC
One way in which this binding could be built in is if the public-key value can be
uniquely derived from the identity. And one way in which
this
can be done is to
make the public-key value and the identity
the same value
. This is the motivation
behind
identity-based public-key cryptography
(IDPKC).
A significant difference between IDPKC and certificate-based approaches to
management of conventional public-key cryptography is that IDPKC requires
a trusted third party to be involved in private-key generation. We will refer
to this trusted third party as a
trusted key centre
(TKC), since its main role
is the generation and distribution of private keys. The basic idea behind
IDPKC is:
• A public-key owner's 'identity'
is
their public key. There is a publicly known rule
that converts the owner's 'identity' into a string of bits, and then some publicly
known rule that converts that string of bits into a public key.
• The public-key owner's private key can be calculated from their public key only
by the TKC, who has some additional secret information.
In this way public-key certificates are not required, since the linkage between
the owner's identity and the public key is by means of the publicly known rules.
Despite the fact that public keys are easily determined by anyone, private keys are
only computable by the TKC.
A MODEL FOR IDPKC ENCRYPTION
Figure 11.8 shows the process behind using IDPKC to encrypt a message from
Alice to Bob. The model consists of the following stages:
Alice
Bob
Derive
PubB
E
PubB
(message)
Credentials
PrivB
=
f
(
PubB
,
s
TKC
)
TKC
PrivB
Decrypt
ciphertext
Figure 11.8.
The IDPKC process
