Identity-based public key cryptography

John Williams j.g.williams at surrey.ac.uk
Sat, 29 Dec 2001 16:06:00 -0000 

There have been some useful comments made in this conversation thread since
I made my original posting.  Thank you to all.  I have collated a few below
partly to clarify my own thinking and partly to invite any further comment
clarification


Whether or not to trust the (split) CA is ultimately a human decision.

There are concerns about depending on a third party to provide and look
after our personal (or role based) private keys

"The problem has simply been pushed from binding the key to a trusted
identity to verifying the trusted identity - no
improvement in verifiability or management, but a massive retrograde step in
security."

There is a whole raft of issues relating to NDA

Signing / signatures are not resolved

Security Through Obscurity Or Legislation

"A ploy feeding from the difficulty of civilian government deploying PKI as
mandated or recommended by the e-Envoy" - seems particularly apposite in
this context

"Its (?ID-PKC) intended application would appear to fit best in an
environment where there is an organisational structure linking the various
participants and the CA represents some level of command"

"In any hierarchical situation the people at the bottom should physically
control who above them has access to their data, not the people above"

Several comments about signatures and the common sense tendency for
clinicians only to trust known sources - in the real world we each work in /
belong to "web(s) of trust"


John Williams





> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of
> John Williams
> Sent: 17 December 2001 00:36
> To: Ukcrypto (E-mail)
> Subject: Identity-based public key cryptography
>
>
> The powers that be continue to agonise over the use of cryptographic
> services for the NHS.  Setting up the necessary PKI seems to
> be particularly
> challenging.
>
> Then all of a sudden we are being told about ID-PKC where no
> complicated PKI
> is needed.  Public keys can be computed and we get our
> private keys from a
> CA.  The CA can be split into pieces so that only someone
> with all of the
> pieces gets to have the working private key.  How secure is
> this system and
> is it in use anywhere?  It seems too good to be true and I
> feel uneasy about
> where I am being told to go to view it from:
>
> http://www.cesg.gov.uk/technology/id-pkc/index.htm
>
>
> Does this have any place?
>
>
> John Williams
>
> Dr John Williams
>