81:
schemes also allow for "escrow free" identity based cryptography. A notable example of such an escrow free identity based key agreement is the McCullagh-Barreto's "Authenticated Key
Agreement without Escrow" found in section 4 of their 2004 paper, "A New Two-Party Identity-Based Authenticated Key Agreement". A variant of this escrow free key exchange is standardized as the identity based key agreement in the Chinese identity based standard
1342:
69:, which appeared particularly attractive since there was no need to acquire an identity's public key prior to encryption. However, he was unable to come up with a concrete solution, and identity-based encryption remained an open problem for many years. The first practical implementations were finally devised by Sakai in 2000, and Boneh and Franklin in 2001. These solutions were based on
122:
Identity-based systems have a characteristic problem in operation. Suppose Alice and Bob are users of such a system. Since the information needed to find Alice's public key is completely determined by Alice's ID and the master public key, it is not possible to revoke Alice's credentials and issue new
93:
Identity-based systems allow any party to generate a public key from a known identity value, such as an ASCII string. A trusted third party, called the private key generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the
80:
Closely related to various identity-based encryption schemes are identity based key agreement schemes. One of the first identity based key agreement algorithms was published in 1986, just two years after Shamir's identity based signature. The author was E. Okamoto. Identity based key agreement
57:
using only public information such as the user's identifier. Under Shamir's scheme, a trusted third party would deliver the private key to the user after verification of the user's identity, with verification essentially the same as that required for issuing a
123:
credentials without either (a) changing Alice's ID (usually a phone number or an email address which will appear in a corporate directory); or (b) changing the master public key and re-issuing private keys to all users, including Bob.
1322:
1152:
767:
477:
895:
140:
990:
890:
294:
619:
798:
792:
178:
916:
470:
415:
271:
106:
by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity
1375:
534:
602:
559:
524:
983:
514:
240:
1370:
463:
592:
539:
678:
1201:
1132:
703:
587:
976:
844:
777:
519:
1317:
1272:
1075:
834:
683:
597:
582:
145:
82:
429:
1196:
693:
564:
155:
150:
1312:
946:
926:
135:
66:
42:
298:
1302:
1292:
1147:
885:
656:
1297:
1287:
1080:
1040:
1033:
1018:
1013:
839:
486:
31:
1085:
1028:
921:
772:
711:
646:
249:
219:
59:
1345:
1191:
1137:
787:
544:
501:
364:
126:
This limitation may be overcome by including a time component (e.g. the current month) in the identity.
175:
1307:
1231:
698:
509:
321:
254:
1060:
804:
224:
102:). Given the master public key, any party can compute a public key corresponding to the identity
1176:
1160:
1102:
829:
651:
574:
554:
549:
529:
421:
110:
contacts the PKG, which uses the master private key to generate the private key for the identity
54:
1236:
1226:
1092:
911:
854:
782:
668:
411:
337:
267:
1171:
1023:
757:
403:
329:
259:
38:. The public string could include an email address, domain name, or a physical IP address.
377:
182:
34:
in which a publicly known string representing an individual or organization is used as a
325:
277:
239:
Cocks, Cliff (2001). "An
Identity Based Encryption Scheme Based on Quadratic Residues".
1246:
1166:
1122:
1065:
1050:
74:
248:. Lecture Notes in Computer Science. Vol. 2260/2001. Springer. pp. 360–363.
218:. Lecture Notes in Computer Science. Vol. 2139/2001. Springer. pp. 213–229.
214:
Dan, Boneh; Matt, Franklin (2001). "Identity-based encryption from the Weil pairing".
1364:
1327:
1282:
1241:
1221:
1112:
1070:
1045:
17:
187:
Advances in
Cryptology – Proceedings of CRYPTO 84, Lecture Notes in Computer Science
1277:
1117:
1107:
1097:
1055:
999:
951:
931:
425:
41:
The first implementation of identity-based signatures and an email-address based
1256:
849:
726:
395:
1216:
1186:
1181:
1142:
875:
607:
50:
35:
341:
263:
199:
Sakai, R; Ohgishi, K; Kasahara, M (2000). "Cryptosystems based on pairings".
1206:
312:
Okamoto, E. (1986). "Proposal for identity-based key distribution systems".
333:
1251:
1211:
936:
870:
741:
736:
731:
612:
762:
721:
407:
70:
1127:
880:
396:"Forward Secure Asynchronous Messaging from Puncturable Encryption"
356:
716:
673:
641:
634:
629:
624:
972:
459:
809:
663:
357:"A New Two-Party Identity-Based Authenticated Key Agreement"
146:
SM9 - Chinese
National Identity Based Cryptography Standard
73:. Also in 2001, a solution was developed independently by
1153:
Cryptographically secure pseudorandom number generator
203:. Symposium on cryptography and information security.
447:
1265:
1006:
904:
863:
822:
750:
692:
573:
500:
493:
402:. ACM (published 20 July 2015). pp. 305–320.
295:"Dr Clifford Cocks CB, Honorary Doctor of Science"
176:Identity-Based Cryptosystems and Signature Schemes
355:McCullagh, Noel; Barreto, Paulo S. L. M. (2004).
141:Identity-based conditional proxy re-encryption
984:
471:
8:
400:2015 IEEE Symposium on Security and Privacy
991:
977:
969:
497:
478:
464:
456:
452:
448:
394:Green, Matthew; Miers, Ian (17 May 2015).
253:
223:
389:
387:
151:Sakai–Kasahara Identity Based Encryption
297:. University of Bristol. Archived from
167:
53:in 1984, which allowed users to verify
373:
362:
7:
799:Naccache–Stern knapsack cryptosystem
216:Advances in Cryptology – CRYPTO 2001
25:
1341:
1340:
432:from the original on 8 June 2021
830:Discrete logarithm cryptography
1202:Information-theoretic security
1:
845:Non-commutative cryptography
1376:Identity-based cryptography
1318:Message authentication code
1273:Cryptographic hash function
1076:Cryptographic hash function
942:Identity-based cryptography
835:Elliptic-curve cryptography
28:Identity-based cryptography
1392:
1197:Harvest now, decrypt later
65:Shamir similarly proposed
1336:
1313:Post-quantum cryptography
968:
947:Post-quantum cryptography
896:Post-Quantum Cryptography
455:
451:
136:Identity-based encryption
67:identity-based encryption
43:public-key infrastructure
1303:Quantum key distribution
1293:Authenticated encryption
1148:Random number generation
264:10.1007/3-540-45325-3_32
1371:Public-key cryptography
1298:Public-key cryptography
1288:Symmetric-key algorithm
1081:Key derivation function
1041:Cryptographic primitive
1034:Authentication protocol
1019:Outline of cryptography
1014:History of cryptography
840:Hash-based cryptography
487:Public-key cryptography
242:Cryptography and Coding
32:public-key cryptography
1086:Secure Hash Algorithms
1029:Cryptographic protocol
372:Cite journal requires
1192:End-to-end encryption
1138:Cryptojacking malware
502:Integer factorization
18:ID-based cryptography
1308:Quantum cryptography
1232:Trusted timestamping
1061:Cryptographic nonce
805:Three-pass protocol
334:10.1049/el:19860880
326:1986ElL....22.1283O
314:Electronics Letters
49:) was developed by
1177:Subliminal channel
1161:Pseudorandom noise
1103:Key (cryptography)
575:Discrete logarithm
408:10.1109/SP.2015.26
181:2020-08-12 at the
96:master private key
62:in a typical PKI.
55:digital signatures
1358:
1357:
1354:
1353:
1237:Key-based routing
1227:Trapdoor function
1093:Digital signature
964:
963:
960:
959:
912:Digital signature
855:Trapdoor function
818:
817:
535:Goldwasser–Micali
417:978-1-4673-6949-7
320:(24): 1283–1284.
273:978-3-540-43026-1
71:bilinear pairings
16:(Redirected from
1383:
1344:
1343:
1172:Insecure channel
1024:Classical cipher
993:
986:
979:
970:
801:
702:
697:
657:signature scheme
560:Okamoto–Uchiyama
498:
480:
473:
466:
457:
453:
449:
442:
441:
439:
437:
391:
382:
381:
375:
370:
368:
360:
352:
346:
345:
309:
303:
302:
291:
285:
284:
282:
276:. Archived from
257:
247:
236:
230:
229:
227:
211:
205:
204:
196:
190:
189:, 7:47--53, 1984
172:
98:(referred to as
21:
1391:
1390:
1386:
1385:
1384:
1382:
1381:
1380:
1361:
1360:
1359:
1350:
1332:
1261:
1002:
997:
956:
900:
864:Standardization
859:
814:
797:
746:
694:Lattice/SVP/CVP
688:
569:
515:Blum–Goldwasser
489:
484:
446:
445:
435:
433:
418:
393:
392:
385:
371:
361:
354:
353:
349:
311:
310:
306:
293:
292:
288:
280:
274:
255:10.1.1.116.5477
245:
238:
237:
233:
213:
212:
208:
198:
197:
193:
183:Wayback Machine
173:
169:
164:
132:
120:
91:
23:
22:
15:
12:
11:
5:
1389:
1387:
1379:
1378:
1373:
1363:
1362:
1356:
1355:
1352:
1351:
1349:
1348:
1337:
1334:
1333:
1331:
1330:
1325:
1323:Random numbers
1320:
1315:
1310:
1305:
1300:
1295:
1290:
1285:
1280:
1275:
1269:
1267:
1263:
1262:
1260:
1259:
1254:
1249:
1247:Garlic routing
1244:
1239:
1234:
1229:
1224:
1219:
1214:
1209:
1204:
1199:
1194:
1189:
1184:
1179:
1174:
1169:
1167:Secure channel
1164:
1158:
1157:
1156:
1145:
1140:
1135:
1130:
1125:
1123:Key stretching
1120:
1115:
1110:
1105:
1100:
1095:
1090:
1089:
1088:
1083:
1078:
1068:
1066:Cryptovirology
1063:
1058:
1053:
1051:Cryptocurrency
1048:
1043:
1038:
1037:
1036:
1026:
1021:
1016:
1010:
1008:
1004:
1003:
998:
996:
995:
988:
981:
973:
966:
965:
962:
961:
958:
957:
955:
954:
949:
944:
939:
934:
929:
924:
919:
914:
908:
906:
902:
901:
899:
898:
893:
888:
883:
878:
873:
867:
865:
861:
860:
858:
857:
852:
847:
842:
837:
832:
826:
824:
820:
819:
816:
815:
813:
812:
807:
802:
795:
793:Merkle–Hellman
790:
785:
780:
775:
770:
765:
760:
754:
752:
748:
747:
745:
744:
739:
734:
729:
724:
719:
714:
708:
706:
690:
689:
687:
686:
681:
676:
671:
666:
661:
660:
659:
649:
644:
639:
638:
637:
632:
622:
617:
616:
615:
610:
600:
595:
590:
585:
579:
577:
571:
570:
568:
567:
562:
557:
552:
547:
542:
540:Naccache–Stern
537:
532:
527:
522:
517:
512:
506:
504:
495:
491:
490:
485:
483:
482:
475:
468:
460:
444:
443:
416:
383:
374:|journal=
347:
304:
301:on 2015-06-27.
286:
283:on 2007-02-06.
272:
231:
225:10.1.1.66.1131
206:
191:
166:
165:
163:
160:
159:
158:
156:Boneh–Franklin
153:
148:
143:
138:
131:
128:
119:
116:
94:corresponding
90:
87:
75:Clifford Cocks
24:
14:
13:
10:
9:
6:
4:
3:
2:
1388:
1377:
1374:
1372:
1369:
1368:
1366:
1347:
1339:
1338:
1335:
1329:
1328:Steganography
1326:
1324:
1321:
1319:
1316:
1314:
1311:
1309:
1306:
1304:
1301:
1299:
1296:
1294:
1291:
1289:
1286:
1284:
1283:Stream cipher
1281:
1279:
1276:
1274:
1271:
1270:
1268:
1264:
1258:
1255:
1253:
1250:
1248:
1245:
1243:
1242:Onion routing
1240:
1238:
1235:
1233:
1230:
1228:
1225:
1223:
1222:Shared secret
1220:
1218:
1215:
1213:
1210:
1208:
1205:
1203:
1200:
1198:
1195:
1193:
1190:
1188:
1185:
1183:
1180:
1178:
1175:
1173:
1170:
1168:
1165:
1162:
1159:
1154:
1151:
1150:
1149:
1146:
1144:
1141:
1139:
1136:
1134:
1131:
1129:
1126:
1124:
1121:
1119:
1116:
1114:
1113:Key generator
1111:
1109:
1106:
1104:
1101:
1099:
1096:
1094:
1091:
1087:
1084:
1082:
1079:
1077:
1074:
1073:
1072:
1071:Hash function
1069:
1067:
1064:
1062:
1059:
1057:
1054:
1052:
1049:
1047:
1046:Cryptanalysis
1044:
1042:
1039:
1035:
1032:
1031:
1030:
1027:
1025:
1022:
1020:
1017:
1015:
1012:
1011:
1009:
1005:
1001:
994:
989:
987:
982:
980:
975:
974:
971:
967:
953:
950:
948:
945:
943:
940:
938:
935:
933:
930:
928:
925:
923:
920:
918:
915:
913:
910:
909:
907:
903:
897:
894:
892:
889:
887:
884:
882:
879:
877:
874:
872:
869:
868:
866:
862:
856:
853:
851:
848:
846:
843:
841:
838:
836:
833:
831:
828:
827:
825:
821:
811:
808:
806:
803:
800:
796:
794:
791:
789:
786:
784:
781:
779:
776:
774:
771:
769:
766:
764:
761:
759:
756:
755:
753:
749:
743:
740:
738:
735:
733:
730:
728:
725:
723:
720:
718:
715:
713:
710:
709:
707:
705:
700:
695:
691:
685:
682:
680:
677:
675:
672:
670:
667:
665:
662:
658:
655:
654:
653:
650:
648:
645:
643:
640:
636:
633:
631:
628:
627:
626:
623:
621:
618:
614:
611:
609:
606:
605:
604:
601:
599:
596:
594:
591:
589:
586:
584:
581:
580:
578:
576:
572:
566:
565:Schmidt–Samoa
563:
561:
558:
556:
553:
551:
548:
546:
543:
541:
538:
536:
533:
531:
528:
526:
525:Damgård–Jurik
523:
521:
520:Cayley–Purser
518:
516:
513:
511:
508:
507:
505:
503:
499:
496:
492:
488:
481:
476:
474:
469:
467:
462:
461:
458:
454:
450:
431:
427:
423:
419:
413:
409:
405:
401:
397:
390:
388:
384:
379:
366:
358:
351:
348:
343:
339:
335:
331:
327:
323:
319:
315:
308:
305:
300:
296:
290:
287:
279:
275:
269:
265:
261:
256:
251:
244:
243:
235:
232:
226:
221:
217:
210:
207:
202:
195:
192:
188:
184:
180:
177:
171:
168:
161:
157:
154:
152:
149:
147:
144:
142:
139:
137:
134:
133:
129:
127:
124:
117:
115:
113:
109:
105:
101:
97:
88:
86:
84:
78:
76:
72:
68:
63:
61:
56:
52:
48:
44:
39:
37:
33:
30:is a type of
29:
19:
1278:Block cipher
1118:Key schedule
1108:Key exchange
1098:Kleptography
1056:Cryptosystem
1000:Cryptography
952:OpenPGP card
941:
932:Web of trust
588:Cramer–Shoup
434:. Retrieved
399:
365:cite journal
350:
317:
313:
307:
299:the original
289:
278:the original
241:
234:
215:
209:
200:
194:
186:
174:Adi Shamir,
170:
125:
121:
111:
107:
103:
99:
95:
92:
79:
64:
46:
40:
27:
26:
1266:Mathematics
1257:Mix network
922:Fingerprint
886:NSA Suite B
850:RSA problem
727:NTRUEncrypt
60:certificate
1365:Categories
1217:Ciphertext
1187:Decryption
1182:Encryption
1143:Ransomware
876:IEEE P1363
494:Algorithms
162:References
118:Limitation
100:master key
51:Adi Shamir
36:public key
1207:Plaintext
342:0013-5194
250:CiteSeerX
220:CiteSeerX
1346:Category
1252:Kademlia
1212:Codetext
1155:(CSPRNG)
1133:Machines
937:Key size
871:CRYPTREC
788:McEliece
742:RLWE-SIG
737:RLWE-KEX
732:NTRUSign
545:Paillier
430:Archived
179:Archived
130:See also
1007:General
783:Lamport
763:CEILIDH
722:NewHope
669:Schnorr
652:ElGamal
630:Ed25519
510:Benaloh
426:9171925
322:Bibcode
1128:Keygen
905:Topics
881:NESSIE
823:Theory
751:Others
608:X25519
436:8 June
424:
414:
340:
270:
252:
222:
1163:(PRN)
717:Kyber
712:BLISS
674:SPEKE
642:ECMQV
635:Ed448
625:EdDSA
620:ECDSA
550:Rabin
422:S2CID
281:(PDF)
246:(PDF)
89:Usage
917:OAEP
891:CNSA
768:EPOC
613:X448
603:ECDH
438:2021
412:ISBN
378:help
338:ISSN
268:ISBN
201:SICS
927:PKI
810:XTR
778:IES
773:HFE
704:SIS
699:LWE
684:STS
679:SRP
664:MQV
647:EKE
598:DSA
583:BLS
555:RSA
530:GMR
404:doi
330:doi
260:doi
83:SM9
47:PKI
1367::
758:AE
593:DH
428:.
420:.
410:.
398:.
386:^
369::
367:}}
363:{{
336:.
328:.
318:22
316:.
266:.
258:.
185:.
114:.
112:ID
108:ID
104:ID
85:.
77:.
992:e
985:t
978:v
701:/
696:/
479:e
472:t
465:v
440:.
406::
380:)
376:(
359:.
344:.
332::
324::
262::
228:.
45:(
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.