Identity-based cryptography is a type of public-key cryptography in which the public key of a user is some unique information about the identity of the user (e.g. a user's email address). This can use the text-value of the name or ___domain name as a key or the physical IP address it translates to.
The first implementation of an email-address based PKI was developed by Adi Shamir in 1984[1], which allowed users to verify digital signatures using only public information such as the user's identifier.
Usage
Identity-based systems allow any party to generate a public key from a known identity value such as an ASCII string. A trusted third party, called the Private Key Generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding master private key (referred to as master key). Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID.
References
- ^ Adi Shamir, Identity-Based Cryptosystems and Signature Schemes. Advances in Cryptology: Proceedings of CRYPTO 84, Lecture Notes in Computer Science, 7:47--53, 1984