Identity-based public key cryptography

[Adrian Midgley]

On Wednesday 26 December 2001 20:13, you wrote:

> > In-transit records require more protection, but there are no real
> > difficulties in providing this with traditional, non-escrowed systems=
=2E=20
Crucial point here.

> > A
> > telephone book of medical practioners' keys could easily be compiled,=
 and
> > a key authentication and revocation service established.=20

Easier to hub and spoke it - IE doctors in Exeter know the identity and k=
ey=20
for the PPSA (agency with which we exchange patient records as registrati=
on=20
changes, from which we get money, etc) N&E Devon PPSA knows key for 95 ot=
her=20
PPSAs or equivalents, such as Bedfordshire...

So when a person moves from Luton & Dunstable to Exeter, I send a demand =
to=20
Devon PPSA, which reconises me, sends a demand to Luton whcih recognises =
it,=20
latter sends demand to Mary who sends the notes encrypted to luton & dunc=
e ,=20
who decrypt, recrypt and send to Devon PPSA who decrypt recrypt and send =
to=20
me.

(roughly)  THis being what currently happens with the pile of smelly pape=
r=20
currently regarded as supporting the 13th best health service in the worl=
d.

> Facilities with legitimate access to controlled
> drugs must surely be considered as *potentially* liable to be involved =
in
> illegal handling.

I suspect I speak for many of my colleagues when I say "Huh?"

> I do not think that the debate on this list has yet substantiated a nee=
d
> for a signature capability, and at least one medical practitioner here =
has
> indicated that he would not trust the validity of data provided by pers=
ons
> that he did not know as individuals. =20

I need a signature on my notes so I can show I made them, that they are t=
he=20
notes I made, when and so on.
If someone else has a key which could make it appear that I made a note t=
hat=20
in fact they made, I shall feel acutely nervous.

> In the NHS context I agree that it is almost impossible to countenance
> any use of IB-PKC that would not be otherwise met by conventional PK
> methods. =20

So, lets not do it then.

>But we should also recognise that the essential facility for
> key revocation itself exposes a conventional PK system to DOS/DOTrust
> attacks
Hmm.  You may not be aware of the pace at which real life events in teh N=
HS=20
move. =20
If an attack meant it took a week to revoke a key this would count as=20
blistering speed.  Maybe my understanding of this is poor, but I suspect =
the=20
Scandinavian implementation of TCP/IP by carrier pigeon would speed=20
communications in the NHS.
Seriously, real-time is not something the NHS operates in.

> I am inclined to think that the basis for secure transfer of files ough=
t
> to involve direct modem-modem dial-up connections with checking of CLI =
data
> against an authorised list of medical office telephone numbers,=20

There are 10 000 Practices here. =20

> followed by
> a line drop and dial back arrangement. =20

We are incredibly mean about small amounts of money, unless you agree to =
pay=20
all our phone biulls, this is a non-starter, and if you (or rather the=20
NHSE/DoH) does, we will assume you are stealing the money to do so from=20
something esle we need.

It would be paranoid were it not borne out of long experience.


>Cryptography is probably essential
> also, but the details should be deferred until the basic communications
> protocol has been designed.
Politically, we have NHS Net.

--=20
=46rom one of the Linux desktops of Dr Adrian Midgley=20
http://www.defoam.net/            =20