Identity-Based Encryption from the Weil Pairing
Boneh, Dan, and Matt Franklin
Annual International Cryptology Conference (2001), Berlin, Heidelberg: Springer Berlin Heidelberg: pp. 213-229
https://doi.org/10.1007/3-540-44647-8_13
“In 1984 Shamir asked for a public key encryption scheme in which the public key can be an arbitrary string. In such a scheme there are four algorithms: (1) setup generates global system parameters and a master-key, (2) extract uses the master-key to generate the private key corresponding to an arbitrary public key string ID ∈ {0, 1}*, (3) encrypt encrypts messages using the public key ID, and (4) decrypt decrypts messages using the corresponding private key.
Shamir’s original motivation for identity-based encryption was to simplify certificate management in e-mail systems. When Alice sends mail to Bob at bob@company.com she simply encrypts her message using the public key string “bob@company.com”. There is no need for Alice to obtain Bob’s public key certificate. When Bob receives the encrypted mail he contacts a third party, which we call the Private Key Generator (PKG). Bob authenticates himself to the PKG in the same way he would authenticate himself to a CA and obtains his private key from the PKG. Bob can then read his e-mail. Note that unlike the existing secure e-mail infrastructure, Alice can send encrypted mail to Bob even if Bob has not yet setup his public key certificate. ”
Similar Papers
Boneh, Dan, and Matt Franklin
Annual International Cryptology Conference (2001), Berlin, Heidelberg: Springer Berlin Heidelberg: pp. 213-229