Identity-based public key cryptography

Ben Laurie ben at algroup.co.uk
Tue, 18 Dec 2001 11:12:21 +0000


Brian Gladman wrote:
> 
> From: "John Williams" <j.g.williams@surrey.ac.uk>
> To: "Ukcrypto (E-mail)" <ukcrypto@chiark.greenend.org.uk>
> Sent: Monday, December 17, 2001 12:35 AM
> Subject: Identity-based public key cryptography
> 
> > The powers that be continue to agonise over the use of cryptographic
> > services for the NHS.  Setting up the necessary PKI seems to be
> > particularly challenging.
> >
> > Then all of a sudden we are being told about ID-PKC where no complicated
> > PKI is needed.  Public keys can be computed and we get our private keys
> > from a CA.  The CA can be split into pieces so that only someone with all
> > of the pieces gets to have the working private key.  How secure is this
> > system and is it in use anywhere?  It seems too good to be true and I feel
> > uneasy about where I am being told to go to view it from:
> >
> > http://www.cesg.gov.uk/technology/id-pkc/index.htm
> 
> I have not looked at this scheme but I would consider it a non-starter in
> any situation where my security or safety depended on it if, as you suggest,
> I have to obtain my private key (or keys) from one or more third parties.
> 
> In this situation there is no effective guarantee that I am the only person
> with access to these keys.

There's also the issue that if N is ever revealed (N being the public
modulus), then _all_ private keys are immediately compromised.

And, exactly how does basing PKC on identity help, anyway? It still
leaves open the question of what my identity is and how that is verified
- seems to me that the problem has simply been pushed from binding the
key to a trusted identity to verifying the trusted identity - no
improvement in verifiability or management, but a massive retrograde
step in security.

All in all, this sounds like a very poor design.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff