Cryptography Reference
In-Depth Information
Encryption
. Alice derives Bob's public key
PubB
from Bob's identity using the
publicly known rules. Alice then encrypts her message using
PubB
and sends
the resulting ciphertext to Bob.
Identification
. Bob identifies himself to the TKC by presenting appropriate
credentials and requests the private key
PrivB
that corresponds to
PubB
.
Private key derivation
. If the TKC accepts Bob's credentials then the TKC
derives
PrivB
from
PubB
and a system secret value
s
TKC
, known only by
the TKC.
Private-key distribution
. The TKC sends
PrivB
to Bob using a secure channel.
Decryption
. Bob decrypts the ciphertext using
PrivB
.
One of the most interesting aspects of this IDPKC encryption model is that
encryption can occur
before
private-key derivation and distribution. In other
words, it is possible to send an encrypted message to someone who has not
yet established a private decryption key. Indeed, they may not even be aware
of the possibility of receiving encrypted messages! This is quite an unexpected
property and one that certainly does not hold for conventional public-key
cryptography.
It should also be noted that once a user has obtained their private key, there is
no need for them to repeat the middle three stages until either
PubB
or the system
secret
s
TKC
change. We return to this issue shortly.
IDPKC ENCRYPTION ALGORITHMS
The most important issue regarding algorithms for IDPKC is that
conventional
public-key cryptosystems cannot be used for IDPKC
. There are two principal
reasons for this:
1. In conventional public-key algorithms, such as RSA, it is not possible for
any
value to be a public key. Rather, a public key is a value that satisfies certain
specific mathematical properties. Given an arbitrary numerical identity of a
public-key owner, it is unlikely that this corresponds to a valid public key (it
might
, but this would be lucky, rather than expected).
2. Conventional public-key algorithms do not feature a system secret
s
TKC
that
can be used to 'unlock' each private key from the corresponding public key.
For these reasons, IDPKC requires the design of different encryption algorithms
that are explicitly designed for the IDPKC setting. Several such algorithms exist,
but we will not discuss them in any further detail.
PRACTICAL ISSUES WITH IDPKC
While IDPKC directly solves some of the problems associated with certificate-
based public-key cryptography, it results in some new issues. These include:
The need for an online, centrally trusted TKC
. There is no getting around
this requirement, which immediately restricts IDPKC to applications where