Main Page | See live article | Alphabetical index

ID-based cryptography

ID-based cryptography (or Identity based cryptography) is a key authentication system in which the public key of a user is some unique information about the identity of the user (e.g. email address).

This system works by having a trusted third party who has a secret which can be combined with a user's identity information to produce the user's secret key. The third party also produces some public information which is derived from its secret.

To decrypt or sign a message the user uses their private key like with normal public key cryptography, but to verify the signature or encrypt a message only the identity information and the third partiy's public information is needed.

Originally when this system was first developed in 1984 by Adi Shamir it could only be used for keys for digital signatures, however in 2001 this method was extended by Dan Boneh and Matthew K. Franklin to encryption/decryption through the use of Weil Pairings.

Only limited work has been done in terms of formally analysing ID based cryptosystems, some of which have been recently broken.

Because any users private key can be generated through the use of the third party's secret this system has inherent key escrow. A number of variant systems have been proposed which remove the escrow including Certificate-based encryption, Secure Key Issuing Cryptography and Certificateless Cryptography.

One of this systems major advantages is that if there are only a finite number of users, after all users have been issued with keys the third party's secret can be destroyed. This can take place because this system assumes that once issued keys are always valid (as this basic system lacks an method of key revocation). The majority of derivatives of this system which have key revocation loose this advantage.