IBE (Identity-Based Encryption)

Craig Gentry, DoCoMo USA Labs


High-Level Description of IBC

The Development of Practical Identity-Based Schemes

More Than Just Identities

IBC versus Public Key Cryptography

Points of Comparison

Advantages of IBC

Disadvantages of IBC

Common Objections to IBC

Alternatives to IBE

IBE versus Kerberos

IBE versus Mediated IBE

IBE versus Certificate-Based Encryption and Certificateless PKE

IBE versus Domain-Based IBE

The Guillou–Quisquater IBS Scheme

Cocks's Identity-Based Encryption Scheme

Identify-Based Encryption Using Pairings

Mathematical Background (on Pairings)

Previous Uses of Pairings in Cryptography

The Boneh–Franklin IBE Scheme

Pairing-Based IBE Without Random Oracles

Hierarchical Identity-Based Encryption

More Than Just Identities: Extending Identity-Based Cryptography

Signature-Contingent Decryption

Miscellaneous Applications

Conclusions and Further Reading


Cross References



Adi Shamir, co-inventor of the first public key cryptosystem (RSA), introduced the notion of identity-based cryptography (IBC) in 1984 as a way to simplify public key infrastructure (PKI) (Shamir, 1985). (See chapter 57 of this Handbook for a review of public key infrastructure.) His idea, at a high level, is simple and elegant: if public keys did not need to be distributed—if, instead, all public keys in the system were somehow known to all users—then much of the infrastructure needed to support public key cryptography (e.g., ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.