
Certificate-based encryption

Certificate-based encryption is a system in which a certificate authority (CA) uses ID-based encryption to produce a certificate. This system gives users both implicit and explicit certification: the certificate can be used as a conventional certificate (for signatures, etc.), but also implicitly for the purpose of encryption.

A user, Alice, can doubly encrypt a message using another user's (Bob's) public key and Bob's identity.

This means that Bob cannot decrypt the message without a currently valid certificate, and also that the CA cannot decrypt it, as the CA does not have the user's private key (i.e. there is no implicit escrow as with ID-based cryptography, because the double encryption means the CA cannot decrypt the message solely with the information it has).

Key revocation can be added to the system by requiring a new certificate to be issued frequently (daily or hourly, depending on the level of security required). Because the certificate is "public information", it does not need to be transmitted over a secret channel. The downside is the requirement for regular communication between users and the CA, which means the CA is more vulnerable to electronic attacks such as denial-of-service attacks, and also that such attacks could effectively stop the system from working. This risk can be partially but not completely reduced by having a hierarchy of multiple CAs.
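
The double encryption and per-period certificates described above, as an added toy example (not from the article or from any CBE library): it assumes Cocks' quadratic-residue ID-based encryption for the certificate layer and hashed ElGamal for Bob's own key pair, with constructed toy-sized parameters and hypothetical function names. The message is split into two shares, one per layer, so recovering it takes both Bob's private key and the certificate for the period Alice encrypted under.

```python
import hashlib, secrets

P, Q = 2**31 - 1, 2**61 - 1   # CA master secret: toy-sized primes, both 3 mod 4
N = P * Q                      # CA public modulus
EP, G = 2**127 - 1, 3          # toy group for Bob's own ElGamal key pair
BITS = 64                      # message size (think: a session key)

def H(*parts):
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big")

def jacobi(a, n):
    a %= n; r = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5): r = -r
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3: r = -r
        a %= n
    return r if n == 1 else 0

def id_point(ident, period):                   # public: hash (identity, period) into Z_N
    ctr = 0
    while jacobi((a := H(ident, period, ctr) % N), N) != 1:
        ctr += 1
    return a

def issue_certificate(ident, period):          # CA only: needs P and Q
    return pow(id_point(ident, period), (N + 5 - P - Q) // 8, N)

def encrypt(bob_pub, ident, period, msg):      # Alice: public inputs only
    a, s2 = id_point(ident, period), secrets.randbits(BITS)
    k = secrets.randbelow(EP - 2) + 1
    pk_part = (pow(G, k, EP), msg ^ s2 ^ H(pow(bob_pub, k, EP)))
    id_part = []
    for i in range(BITS):                      # Cocks IBE encrypts share s2 bit by bit
        want, pair = (-1 if (s2 >> i) & 1 else 1), []
        for sign in (1, -1):
            while jacobi((t := secrets.randbelow(N - 1) + 1), N) != want:
                pass
            pair.append((t + sign * a * pow(t, -1, N)) % N)
        id_part.append(pair)
    return pk_part, id_part

def decrypt(bob_sk, cert, ident, period, ct):  # Bob: private key AND current certificate
    (c1, c2), id_part = ct
    idx = 0 if cert * cert % N == id_point(ident, period) else 1
    s2 = sum((jacobi(p[idx] + 2 * cert, N) != 1) << i for i, p in enumerate(id_part))
    return c2 ^ H(pow(c1, bob_sk, EP)) ^ s2
```

Decrypting with a certificate from an earlier period, or with the right certificate but without Bob's private key, yields an unrelated value, which is how expiry-based revocation and the absence of escrow show up in this sketch.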