Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Propose a Revocable Identity-Based Encryption Scheme

Posted by timothy on from the now-who-was-I? dept.

jd writes Identity-based public key encryption works on the idea of using something well-known (like an e-mail address) as the public key and having a private key generator do some wibbly-wobbly timey-wimey stuff to generate a secure private key out if it. A private key I can understand, secure is another matter. In fact, the paper notes that security has been a big hassle in IBE-type encryption, as has revocation of keys. The authors claim, however, that they have accomplished both. Which implies the public key can't be an arbitrary string like an e-mail, since presumably you would still want messages going to said e-mail address, otherwise why bother revoking when you could just change address?

Anyways, this is not the only cool new crypto concept in town, but it is certainly one of the most intriguing as it would be a very simple platform for building mostly-transparent encryption into typical consumer apps. If it works as advertised. I present it to Slashdot readers to engender discussion on the method, RIBE in general and whether (in light of what's known) default strong encryption for everything is something users should just get whether they like it or not.

3 of 76 comments (clear)

  1. Not distributed by Animats · · Score: 4, Interesting

    I'm not qualified to judge whether it's secure, but it's not distributed. "Each user is provided by PKG with a set of private keys corresponding to his/her identity for each node on the path from his/her associated leaf to the root of the tree via a secure channel as in IBE scheme." So there's a tree of all users, maintained by somebody. I think; the paper suffered in translation.

    1. Re:Not distributed by Lennie · · Score: 3, Interesting

      (I haven't read the article yet)

      Distributed wouldn't be my fear, federated would be fine (for example can a person or organization use their own domain).

      I wonder will my communication be easy to identify with an Identity-based encryption scheme.

      --
      New things are always on the horizon
  2. Something seems off... by penguinoid · · Score: 4, Interesting

    If the email address is the public key, and then you generate a private key from that... what's to stop someone else from generating your private key from the email address?

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways