Cryptography Reference
In-Depth Information
public-key certificates is now simply translated into a need to register in order to
obtain private keys.
MORE GENERAL NOTIONS OF IDPKC
The idea behind IDPKC is both compelling and intriguing, since it represents a
quite different approach to implementing public-key cryptography. In fact, it is
even more interesting than it first appears, since there is no need to restrict public
keys to being associated with identities. They could take the form of almost any
string of data.
One of the most promising extensions of the IDPKC idea is to associate public
keys in an IDPKC system with
decryption policies
. The idea involves only a slight
modification of the process described in Figure 11.8:
Encryption
. Alice derives a public key
PubPolicy
based on a specific decryption
policy using publicly known rules. For example, this policy could be
Qualified
radiographer working in a UK hospital
. Alice then encrypts her message (say,
a health record) using
PubPolicy
and (continuing our example) stores it on a
medical database, along with an explanation of the decryption policy.
Identification
. Qualified UK radiographer Bob, who wishes to access the health
record, identifies himself to the TKC by presenting appropriate medical
credentials and requests the private key
PrivPolicy
that corresponds to
PubPolicy
.
Private-key derivation
. If the TKC accepts Bob's credentials then the TKCderives
PrivPolicy
from
PubPolicy
and a system secret value
s
TKC
, known only by
the TKC.
Private-key distribution
. The TKC sends
PrivPolicy
to Bob using a secure
channel.
Decryption
. Bob decrypts the ciphertext using
PrivPolicy
.
This example illustrates the power of being able to encrypt before the recipient
obtains the private key since, in this example, Alice does not necessarily even
know the recipient. This idea is being instantiated by
attribute-based
encryption
schemes, which model decryption policies in terms of a set of
attributes
that a
recipient must possess before the TKC will release the corresponding private key
to them.
IDPKC IN PRACTICE
While IDPKC presents an interesting alternative framework for managing
public-key cryptography, it is still early in its development. Cryptographic
algorithms for implementing IDPKC are relatively new, although several are
now well respected. Some commercial applications, including email secu-
rity products (see Section 12.7.2), have already implemented IDPKC. While
we have primarily discussed IDPKC in order to illustrate that
there are
