Identity-Based Cryptography: Applications, Vulnerabilities, and Future Directions

Identity-Based Cryptography: Applications, Vulnerabilities, and Future Directions

Jenny Torres, Michele Nogueira, Guy Pujolle
DOI: 10.4018/978-1-4666-2919-6.ch020
(Individual Chapters)
No Current Special Offers


Since computer systems and communication become each time more pervasive, information security takes attention, requiring guarantees for data authentication, integrity and confidentiality. Pervasive communication and computer systems intend to provide access to information and services anytime and anywhere, demanding cryptographic systems more practical and that consider the characteristics of emerging network paradigms, such as wireless communication, device constraints and mobility. Identity-Based Cryptography (IBC) is an asymmetric key cryptographic technology that employs as user’s public key any unique information related to the identity of the user. IBC efficiently manages keying material and provides an easy way to issue a pair of keys applying user information. However, it assumes the existence of a Trusted Third Party (TTP), called Private Key Generator (PKG), which is responsible for generating the corresponding user private key. Relying on a TTP and using an identity as the base of the scheme result in different weaknesses on the system, as the inherent key escrow problem. This chapter investigates those weaknesses, and it points out the stat-of-the-art of proposed solutions to avoid them. This chapter also provides an overview of Identity-Based Encryption (IBE), Identity-Based Signature (IBS) and Identity-Based Key Agreement (IBKA), emphasizing IBE due to being an open problem for many years. This chapter concludes highlighting IBC applications and future trends.
Chapter Preview


The protection of sensitive information against unauthorized access or fraudulent changes has been a primary concern throughout centuries. The ability to protect the confidentiality of information, to prevent unauthorized access to data or services and to prevent the unauthorized modification of data is a fundamental requirement of security, as well as the ability to know whom you are talking to. Modern communication techniques, using computers connected through networks, make all data even more vulnerable for threats that can easily compromise its confidentiality, privacy and integrity. Also, new issues have come up, being most of them irrelevant before. Cryptology, the study of cryptosystems, can be subdivided into two disciplines: cryptography and cryptanalysis. Cryptography concerns itself with the design of cryptosystems, while cryptanalysis studies the breaking of cryptosystems. These two aspects are closely related since setting up a cryptosystem claims the analysis of its security (Van Tilborg, 1999).

Complete Chapter List

Search this Book: