Identity-based public key cryptography
Brian Gladman
Brian Gladman" <brg at gladman.uk.net
Mon, 17 Dec 2001 20:48:26 -0000
From: "John Williams" <j.g.williams@surrey.ac.uk>
To: "Ukcrypto (E-mail)" <ukcrypto@chiark.greenend.org.uk>
Sent: Monday, December 17, 2001 12:35 AM
Subject: Identity-based public key cryptography
> The powers that be continue to agonise over the use of cryptographic
> services for the NHS. Setting up the necessary PKI seems to be
particularly
> challenging.
>
> Then all of a sudden we are being told about ID-PKC where no complicated
PKI
> is needed. Public keys can be computed and we get our private keys from a
> CA. The CA can be split into pieces so that only someone with all of the
> pieces gets to have the working private key. How secure is this system
and
> is it in use anywhere? It seems too good to be true and I feel uneasy
about
> where I am being told to go to view it from:
>
> http://www.cesg.gov.uk/technology/id-pkc/index.htm
I have not looked at this scheme but I would consider it a non-starter in
any situation where my security or safety depended on it if, as you suggest,
I have to obtain my private key (or keys) from one or more third parties.
In this situation there is no effective guarantee that I am the only person
with access to these keys.
Brian Gladman