Content deleted Content added
add in the Boneh & Franklin work |
key escow, revocation, and variants |
||
Line 1:
'''ID-based cryptography''' (or '''Identity based cryptography''') is a
This system works by having a trusted third party who has a secret which can be combined with a user's identity information to produce the user's secret key. The third party also produces some public information which is derived from
Line 9:
Only limited work has been done in terms of formally analysing ID based cryptosystems, some of which have been recently broken.
Because any users private key can be generated through the use of the third party's secret this system has inherent [[key escrow]]. A number of variant systems have been proposed which remove the escrow including [[Certificate-based encryption]], [[Secure Key Issuing Cryptography]] and [[Certificateless Cryptography]].
One of this systems major advantages is that if there are only a finite number of users, after all users have been issued with keys the third party's secret can be destroyed. This can take place because this system assumes that once issued keys are always valid (as this basic system lacks an method of [[key revocation]]). The majority of derivatives of this system which have key revocation loose this advantage.
==References==
| |||