Identity Based Encryption through Elliptical Curve Cryptography

Although the Boneh and Franklin identity-based encryption scheme is not overly complex theoretically, the implementation of the system proves to be somewhat difficult. 1 Identity Based Encryption: The difficulty with public key encryption involves distribution of the keys and the assumption that they will always be available (Ding 194). It is not always practical to be connected to a key certificate authority to verify a user’s public key. Identity based encryption uses a unique, public piece of information about the user (email address, IP address, even a street adress) and the public key is generated by the sender. Several schemes have already been proposed, including one using mediated RSA (Ding 193). Boneh and Franklin (Proceedings of Crypto ’01) have proposed the idea that bilinear pairings on elliptic curves could be used to make identity-based encryption possible and practical. Boyen (Proceedings of Crypto ’03) has conjectured an identity-based combination signature and encryption scheme that he claims is ”secure, compact, fast, and practical”. Identity based encryption has other advantages than ease of remembering a user’s public key, also outlined in Boneh and Franklin’s paper. Key escrow is trivial depending on the implementation of Boneh and Franklin’s system, described below. Timed-expiration keys are also quite easy to implement if the form of a public key is ”[email protected] 11-03-03”: this key is usable only on November 11, 2003. After that date, Bob would receive a new private key generated from the string ”[email protected] 11-04-03”, rendering a snooped or cracked private key from the previous day useless. Moreover, if Bob were to go on a business trip to Europe, he would still wish to send secure electronic mail back to his company in New York. He could request an ’advance’ on his keys and receive the private keys from 11-04-03 to 11-11-03. Should disaster strike and Bob’s laptop is stolen or compromised, the attacker only has keys for one week, rather than the private key for Bob’s entire mail history and future. In a traditional scheme, this spells doom, as not only does Bob have all past communications compromised, he must revoke his public key and generate a new key pair, then publicize this to co-workers, friends, and family.