Identity-based public key cryptography

[Pete Chown]

John Williams wrote:

> Then all of a sudden we are being told about ID-PKC where no complicated PKI
> is needed.  Public keys can be computed and we get our private keys from a
> CA.  The CA can be split into pieces so that only someone with all of the
> pieces gets to have the working private key.  How secure is this system and
> is it in use anywhere?

It's not new.  IIRC it is described in the Handbook of Applied
Cryptography (the Handbook, not Schneier's Applied Cryptography).

As far as I know, it is secure in the sense that it achieves what it
sets out to achieve.  It doesn't give you confidentiality if the TTP is
not trusted.  Of course splitting the TTP key makes that a bit better
but not much.  It is simpler than conventional PKIs but you pay for it
with reduced security.

-- 
Pete