Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ellipse-based Email Encryption

Posted by michael on Wednesday September 19, 2001 @02:40PM from the bright-ideas dept.

madlinguist writes: "Researchers connected with Stanford's Applied Crypto Group have developed a new method of identity-based encryption from spending too much time with ellipses. Named after two of the researchers, the Boneh-Franklin project was presented at Crypto 2001, where these researchers encouraged the crypto community to crack their open-source system. Best of all, the project's homepage allows you to try it on your own email address."

1 of 15 comments (clear)

Min score:

Reason:

Sort:

Smells like snake oil from here by bhurt · 2001-09-27 09:41 · Score: 3, Insightful

If both the private and public key are calculated from the same publically available peice of knowledge (the email address), how do you keep the private key *private*? I am as capable as anyone of feeding "rms@fsf.org", "hemos@slashdot.org", or "billg@microsoft.com" into the algorithm as Richard Stallman, Hemos, or Bill Gates are. This gives me the ability to impersonate any of those people.

The whole idea of a private key is that it's *private*, i.e. only I know it, and no one else can figure it out from the publically available information about me.