Hello Ninja! Have you heard about Identity Based Cryptography?
Public-key Cryptography provides very robust security for e-communications. However, it is used much less because of its complex nature. One of the ways to solve this problem is to use "Identity Based Cryptography".
Do you want to read up on it?
If your answer is yes, you're at the right place. As we guide you through this article, you will learn what Identity Based Cryptography is. You will also learn about its history, implementations, advantages, disadvantages, and more. So, are you excited? Then let's dive right into it.
Let us begin by knowing where it all started.
History
Adi Shamir introduced Identity Based Cryptography for the first time in 1984. The main idea behind this was to use user-identifying traits (such as email addresses or phone numbers) in place of digital certificates for Encryption and signature verification.
When Shamir gave his proposal, he had already figured out the use of the existing RSA (Rivest, Shamir, Adleman) function for an Identity Based Signature (IBS) scheme. But he could not find a way to implement Identity Based Encryption (IBE). It remained an unresolved issue for many years, until Sakai in 2000 and Boneh & Franklin in 2001 came up with the first workable solutions.
Clifford Cocks independently created a solution for Identity Based Cryptography later in 2001.
Now you know how Identity Based Cryptography came into being. Before going further, let us talk about Cryptography.
Cryptography
It is the study of safe communication techniques. It limits the contents of a message to only the intended receiver and the sender. The use of Cryptography prevents unauthorized users from accessing sensitive information. The term "Cryptography" is made up of two words, "crypt" and "graphy." The word "crypt" comes from the word "Kryptos" (Greek origin), which means "hidden." Cryptographic techniques use mathematical concepts and algorithms to encode messages. The encoded messages are generally made up of random numbers and strings. It is tough to decode these messages without the right key and algorithm.
There are mainly three types of Cryptography in general. These are as follows:
When we talk about Cryptography, the word “key” is mentioned many times. So, the question is, what is a key? Let's find out.
Cryptographic Key
A key is a set of characters or numbers that are used in an encryption algorithm. It is used to change data so it appears meaningless and random. Just like the key to your home is used to lock or unlock it, a cryptographic key is used to lock (encrypt) or open (decrypt) data. Some common types of keys are:
Public Key
Private Key
Authentication Key
Transport Key
Wrapping Key
Master Key
For Identity Based Cryptography, two keys are required, the public key and the private key. Identity Based Cryptography is a type of public-key Cryptography. To understand it better, let's take a look at what public key Cryptography is.
Public Key Cryptography
It is also known as asymmetric Cryptography. Public key Cryptography needs a pair of public and private keys for encrypting data. The sender of the message uses the public key to encrypt it. Receivers can decrypt it only if they have the correct private key.
In this system, both the public and private keys must be available to the receiver. The sender must be aware of the recipient's public key. In most cases, the sender must ask a certificate authority for the target recipient's public key. It is easy to do so within an organization. But senders who are outside the organization need access to a central directory. It makes it hard for them to send encrypted messages.
To tackle this problem, we can use Identity Based Cryptography. Let us now define it in detail.
Identity Based Cryptography
It is a type of public-key Cryptography. Here, a user can generate a public key using a known unique identifier (like an email address or a phone number). A trusted third-party server generates the private key from the public key. This way, users do not have to distribute the public keys before sharing encrypted data.
Its basic idea is that a user's public key is created by applying a public hash function to the user's ID string. A central trusted party generates the correct private key. The user needs to authenticate his ID with the trusted party. After which, the private key is sent to that user over a secure channel. Instead of a certificate, the trusted party issues a private key. These public and private keys can be used in many cryptographic schemes.
Now, let us learn the cryptographic operations used in Identity Based Cryptography.
Encryption and Decryption Processes
Identity Based Cryptography depends on the private key generator (PKG), a trusted third party. The PKG generates a public-private key pair. The PKG makes the public key available to the users before communication between the parties starts. These keys generated by the PKG are known as the master private key and the master public key.
Encryption
Encryption uses an algorithm to convert plain text into cipher text. This is used to protect sensitive data from unauthorized users. Generally, cipher text looks like a long list of random letters and numbers. Once the data has been encrypted, the only way to decrypt it and restore access to it is by using the correct Encryption key.
The example that follows can help us to know the process of Encryption in Identity Based Cryptography:
Suppose Ninja wants to send a message to Peter. He already knows the ID of Peter (ID_Peter) and the public key (pk_PKG).
First of all, a plaintext message (M) is made by Tony for Peter.
To obtain cipher text (CT), he uses the public key (pk_PKG) provided by PKG and Peter's Identity (ID_Peter).
The encrypted message (C) is then sent to Peter via the internet (in this case).
Look at the image that follows to understand it better.
Decryption
Decryption is the process of converting cipher text into plain text. For decryption, we require the same algorithm and key used to encrypt the message. Encrypted data cannot be decrypted again without the proper key. Simply put, decryption is the converse of Encryption.
We will continue the same example to learn the decryption process.
Suppose Peter gets the encrypted message from Tony. It also has instructions about how to contact PKG and decrypt the message.
To decrypt the message into plain text, Peter authenticates his ID with the PKG. He sends enough proof that confirms that ID_Peter belongs to him.
Upon successful authentication, Peter receives his private key (pr_Peter) from the PKG through a secure channel.
Peter recovers the plain text message by decrypting C with his private key pr_Peter.
Let's look at the image that follows to understand the above example.
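The encryption and decryption steps above, as an added example that is not code from the original article: a toy Python sketch of the quadratic-residue IBE scheme credited to Clifford Cocks in the History section, which goes beyond the article's high-level walk-through. The class and function names, the e-mail identity strings and the small fixed primes are assumptions chosen for illustration; the parameters are far too small for real use.

```python
import hashlib, itertools, secrets

def jacobi(a, n):  # Jacobi symbol (a/n) for odd n; 0 if gcd(a, n) > 1
    a, result = a % n, 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def id_to_public(identity, n):  # public hash: ID string -> a with (a/n) = +1
    for ctr in itertools.count():
        h = hashlib.sha256(f"{ctr}|{identity}".encode()).digest()
        a = int.from_bytes(h, "big") % n
        if jacobi(a, n) == 1:
            return a

class PKG:
    def __init__(self):
        # Master private key: constructed toy primes, both 3 mod 4. Not secure sizes.
        self._p, self._q = 2**127 - 1, 2**89 - 1
        self.n = self._p * self._q  # master public key (pk_PKG)

    def extract(self, identity):  # issue pr_ID; a real PKG authenticates first
        a = id_to_public(identity, self.n)
        return pow(a, (self.n + 5 - self._p - self._q) // 8, self.n)

def _blind(n, a, x, sign):
    while True:  # random t with Jacobi symbol (t/n) = x
        t = secrets.randbelow(n - 2) + 2
        if jacobi(t, n) == x:
            return (t + sign * a * pow(t, -1, n)) % n

def encrypt(n, identity, message):  # needs only pk_PKG and the recipient's ID
    a = id_to_public(identity, n)
    bits = [1 if (byte >> i) & 1 else -1 for byte in message for i in range(8)]
    return [(_blind(n, a, x, 1), _blind(n, a, x, -1)) for x in bits]

def decrypt(n, identity, r, ct):
    a = id_to_public(identity, n)
    half = 0 if r * r % n == a else 1  # PKG's r satisfies r^2 = a or -a (mod n)
    bits = [jacobi(c[half] + 2 * r, n) == 1 for c in ct]
    return bytes(sum(b << i for i, b in enumerate(bits[k:k + 8]))
                 for k in range(0, len(bits), 8))
```

With `pkg = PKG()` and `ct = encrypt(pkg.n, "peter@example.com", b"hi")`, the call `decrypt(pkg.n, "peter@example.com", pkg.extract("peter@example.com"), ct)` returns `b"hi"`. Because `extract` works for any identity string, whoever holds the master private key can decrypt every user's messages, which is the centralized-server risk listed among the disadvantages.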
Now you're well-versed in the cryptographic operations involved in Identity Based Cryptography. Let's discover some of its advantages.
Advantages of Identity Based Cryptography
By now, you must have figured out some of the advantages of Identity Based Cryptography. Let us list some of them:
Certificates are not required to get the public key. The public key of a recipient is created from its ID.
The recipient of an encrypted message does not need to do anything special to receive it. It is one of the most appealing aspects of Identity Based Cryptography.
It is not necessary to revoke keys because they expire. In a normal public-key system, if a key is compromised, it must be cancelled.
Identity Based Encryption makes it possible to postdate messages for later decryption.
Less prone to spam.
Identity Based Cryptography provides many advantages over public key infrastructure-based approaches. But it also has some drawbacks. Let us find them out by looking at its disadvantages:
Disadvantages of Identity Based Cryptography
The disadvantages of Identity Based Cryptography are as follows:
Identity Based Encryption requires a centralized server. Hence, some keys must be made and kept in escrow. It puts them at a higher risk of leakage.
Keys at PKG are simple to issue and revoke.
To transfer the private key, we need to establish a secure channel between the sender or receiver and the IBE server.
Implementations
Let's look at some solutions to Identity Based Encryption:
Along with other researchers, Boneh and Franklin implemented Identity Based Cryptography using C++, known as the "Stanford IBE System."
After Boneh and Franklin's IBE scheme, Shamus Software also developed a library called "MIRACL" using C++.
Voltage Security, Inc. is the most well-known commercial application of IBE. They provide plug-ins for various major email programs, including Microsoft Outlook.
Frequently Asked Questions
What is Identity Based Encryption?
Identity Based Encryption (IBE) is a public-key cryptosystem. Any unique ID string (like an email address) can be a valid public key. A reliable third-party server generates the private key from the public key.
What is Encryption?
Encryption uses an algorithm to transform plain text into cipher text. It is used to protect sensitive data from unauthorized access.
What is Decryption?
Decryption is the process of converting cipher text into plain text. It cannot be done without a valid key.
What is cipher text?
The "ciphertext" is the encrypted text that has been converted from plaintext by an Encryption algorithm.
What is Certificate Authority?
The Certificate Authority, or CA, is responsible for issuing digital certificates.
Conclusion
In this article, we have discussed Identity Based Cryptography. We have defined it in detail and also discussed its history. We also had a look at its advantages, disadvantages, and its uses.
We hope this article helps you on your journey.