Revision as of 17:48, 5 November 2013 edit 81.187.201.243 (talk) No edit summary ← Previous edit		Revision as of 17:51, 5 November 2013 edit undo Scottwh (talk \| contribs) 146 edits Undid revision 580333326 - I'd forgotten to sign it. WIll re-do. Next edit →
Line 19: ==Usage== Identity-based systems allow any party to generate a public key from a known identity value such as an ASCII string. A trusted third party, called the private key generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding '''master private key''' (referred to as ''master key''). Given the master public key, any party can compute a public key corresponding to the identity ''ID'' by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ''ID'' contacts the PKG, which uses the master private key to generate the private key for identity ''ID''. ~~==Limitation==~~ Identity-based systems have a characteristic problem in operation. Suppose Alice and Bob are users of such a system. Since the information needed to find Alice's public key is completely determined by Alice's ID and the master public key, it is not possible to revoke Alice's credentials and issue new credentials without either (a) changing Alice's ID (usually a phone number or an email address which will appear in a corporate directory); or (b) changing the master public key and re-issusing private keys to all users, including Bob. ==See also==

Identity-based cryptography: Difference between revisions