Identity-based public key cryptography
Ben Laurie
ben at algroup.co.uk
Wed, 19 Dec 2001 12:19:34 +0000
David Hopwood wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Ben Laurie wrote:
> > Brian Gladman wrote:
> > > I have not looked at this scheme but I would consider it a non-starter in
> > > any situation where my security or safety depended on it if, as you suggest,
> > > I have to obtain my private key (or keys) from one or more third parties.
> > >
> > > In this situation there is no effective guarantee that I am the only person
> > > with access to these keys.
> >
> > There's also the issue that if N is ever revealed (N being the public
> > modulus), then _all_ private keys are immediately compromised.
>
> It's the factorisation of N that is the master secret, not N itself.
> (Makes no difference to your argument, though.)
Yes, sorry, slip of the brain.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff