Content deleted Content added
wikipedia is not a linkfarm |
Nicely written. Removed one line suggesting that the Boneh-Franklin system is insecure. There are currently no attacks known on the BDH assumption. |
||
Line 7:
==Encryption schemes==
The most efficient identity-based encryption schemes are currently based on [[bilinear pairings]] on [[elliptic curves]], such as the [[weil pairing|Weil]] or [[Tate pairing|Tate]] pairings. The first of these schemes was developed by [[Dan Boneh]] and [[Matthew K. Franklin]] ([[2001]]), and performs [[probabilistic encryption]] of arbitrary ciphertexts using an [[Elgamal]]-like approach. Though the Boneh-Franklin scheme is [[Provable security|provably secure]], the security proof rests on relatively new assumptions about the hardness of problems in certain elliptic curve groups.
Another approach to identity-based encryption was proposed by [[Clifford Cocks]] in [[2001]]. The [[Cocks IBE scheme]] is based on well-studied assumptions (the [[quadratic residuosity problem|quadratic residuosity assumption]]) but encrypts messages one bit at a time with a high degree of [[ciphertext expansion]]. Thus it is highly inefficient and impractical for sending all but the shortest messages, such as a session key for use with a [[symmetric cipher]].
| |||