43:
advantage of the system, is that it is possible to verify that any such obtained public key belongs to the stated identity string. (In other words, the method of distributing the user's public key does not have to be secure.) The identity string and the KGC's public key can be used to verify that the obtained public key belongs to the identity string. (It can be verified that the obtained public key was generated from the identity string, the KGC's private key and some unknown value). Note that multiple public / private key pairs can be generated for any identity string, but attackers would not have access to the KGC's private key in the creation process.
50:
For tight security, a certificateless system has to prove its security against two types of adversaries. Type 1 Adversary- Refers to any third party who can fake the user's public keys, corresponding to obtaining the user's random secret value. Type 2 Adversary- Refers to a compromised or malicious
38:
process is split between the KGC and the user. The KGC first generates a key pair, where the private key is now the partial private key of the system. The remainder of the key is a random value generated by the user, and is never revealed to anyone, not even the KGC. All cryptographic operations by
42:
One disadvantage of this is that the identity information no longer forms the entire public key. Meaning, the user's public key is not discoverable from only the user's identity string and the KGC's public key. Thus, the user's public key must be published or otherwise obtained by other users. One
46:
To encrypt a message to another user, three pieces of information are needed: 1) the recipient's public key and 2) identity string, and also 3) the KGC's public information (public key). The identity string and the KGC's public key are used to verify that the recipient's public key belongs to the
34:
or a key generation center (KGC) who is given complete power and is implicitly trusted. To prevent a complete breakdown of the system in the case of a compromised KGC, the
85:
39:
the user are performed by using a complete private key which involves both the KGC's partial key, and the user's random secret value.
47:
recipient (was generated from the identity string and the KGC's public key). To decrypt, a user just needs to use their private key.
80:
31:
23:
35:
60:
Sattam S. Al-Riyami and
Kenneth G. Paterson, Certificateless Public Key Cryptography,
74:
27:
51:
KGC, who has access to the partial public and private keys of all users.
65:
30:problem. Ordinarily, keys are generated by a
8:
7:
14:
62:Lecture Notes in Computer Science
16:Variant of ID-based cryptography
1:
20:Certificateless cryptography
86:Identity-based cryptography
102:
64:, pp. 452–473, 2003
26:intended to prevent the
81:Public-key cryptography
32:certificate authority
24:ID-based cryptography
93:
22:is a variant of
101:
100:
96:
95:
94:
92:
91:
90:
71:
70:
57:
17:
12:
11:
5:
99:
97:
89:
88:
83:
73:
72:
69:
68:
56:
53:
36:key generation
15:
13:
10:
9:
6:
4:
3:
2:
98:
87:
84:
82:
79:
78:
76:
66:
63:
59:
58:
54:
52:
48:
44:
40:
37:
33:
29:
25:
21:
61:
49:
45:
41:
19:
18:
75:Categories
55:References
28:key escrow
77::
67:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.