[9087] in cryptography@c2.net mail archive
Re: GESG Identity-Based Public Key Cryptography (ID-PKC)
daemon@ATHENA.MIT.EDU (Paul Harrison)
Tue Jul 31 16:13:53 2001
Date: Tue, 31 Jul 2001 12:43:12 -0700
From: Paul Harrison <pth@ibuc.com>
To: cryptography@wasabisystems.com
Reply-To: pth@ibuc.com
Message-id: <3B670A4F.8DA5760@ibuc.com>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
M Taylor wrote:
> The UK Communications-Electronics Security Group (CESG), the "defensive"
> arm of the GCHQ, have published details about another PKC concept,
> identity-based PKC, where every user's public key are predetermined by an
> unique identifier, such as email address. It does use a(/two) trusted
> server(s), but might be viewed as an easier to use infrastructure than
> tranditional PKI in some situations.
Skipping over the quadratic residuosity, as I read the powerpoints, the
"Authority(ies)" create the private keys for users in response to "Hello,
I'm Bob" identity proofs (unspecified). Then the private key is transmitted
to alleged-Bob for use in private communication with Alice, et al.
How is this different from classic key escrow?
It would appear that even if the"Authority" forgot Bob's private key they
always have the information to regenerate it. Even the discussion of "split
authorities" (slides 48 ff) is eerily reminiscent of earlier proposed risk
mitigation strategies for key escrow agents.
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
