Wow, after using bilinear pairings all semester, Perlmonks is the last place I expected to see them pop up! It's always nice to see someone trying to put the latest theory into practice, and in Perl no less.

IBE allows for other really neat encryption ideas that I think are great. Consider an IBE system that's run at your company. Of course you can encrypt messages to Bob using his email address "bob@acme.com" as the public key. But you can also pass little "notes" to the public authority as part of the encryption key. Think of encrypting a message using something like "bob@acme.com:after2006-12-31:security3" as the public key. When Bob authenticates to the trusted authority to get the corresponding decryption key, the authority will only decide to give it to him if the date is after 12/31 and if he still has security clearance 3.

By dating all the encryption keys in this way, it gives an extra level of security from a hacker who steals your decryption keys. The stolen keys will only work for a small window of time, as long as the senders "postmark" their messages like in that example. IBE allows us to delegate some pretty sophisticated policies to the authority.

I'd also just like to elaborate on what these "pairings" do (only at a high level), since I doubt many monks have been exposed to them. You can think of the elements of a cyclic group as g^a and g^b, where a & b are integers in some range (and g is some special element of the group). If you had two such elements, you could multiply them together to get g^(a+b), so you can always perform additions in the exponent. But schemes like ElGamal and Diffie-Hellman key exchange work on the principle that if you don't know a & b, you only know g^a and g^b, then it's hard to compute g^(ab). So multiplications in the exponent are hard.

Pairings work by flipping this principle on its head. Now suppose you had a group where you could do those kinds of multiplications in the exponent efficiently (that's exactly what the pairing function does). But there's a catch -- you can only do one multiplication. This limitation is because the result of the multiplication has a slightly different form, which does not allow you to make any additional multiplications. But still, with such a pairing function, you can base a cryptosystem on the hardness of computing g^(abc) when given g^a, g^b, g^c. This extra level of algebraic freedom lets us design many more interesting cryptosystems.

Cheers, and thanks for posting this sneak-peek into the frontier of crypto research ;)

blokhead


In reply to Re: RFC: Identity Based Cryptography by blokhead
in thread Identity Based Encryption using Pairings and Crypt::PBC by jettero
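
Added example (not part of blokhead's post and not Crypt::PBC code): a sketch of the release decision a trusted authority could make for an identity string in the post's `bob@acme.com:after2006-12-31:security3` style. The function names, the note grammar, the clearance table and the sample requests are assumptions constructed for illustration; the IBE key extraction itself is left out.

```perl
use strict;
use warnings;

# Split "email:note:note" into a policy hash; undef on anything unexpected.
sub parse_identity {
    my ($id) = @_;
    my ($email, @notes) = split /:/, $id, -1;
    return unless defined $email && $email =~ /\A[^\s:\@]+\@[^\s:\@]+\z/;
    my %policy = (email => lc $email);
    for my $note (@notes) {
        my ($kind, $value);
        if    ($note =~ /\Aafter(\d{4}-\d\d-\d\d)\z/) { ($kind, $value) = (after    => $1) }
        elsif ($note =~ /\Asecurity(\d+)\z/)          { ($kind, $value) = (security => $1) }
        else  { return }                      # unknown note: fail closed
        return if exists $policy{$kind};      # duplicate note: fail closed
        $policy{$kind} = $value;
    }
    return \%policy;
}

# Decide whether the authority hands out the decryption key for $id.
# $today is an ISO date (YYYY-MM-DD), so string comparison orders dates.
sub may_release_key {
    my ($id, $requester, $today, $clearance) = @_;
    my $p = parse_identity($id)
        or return (0, 'identity string not understood');
    return (0, 'requester is not the named recipient')
        unless lc($requester) eq $p->{email};
    return (0, "date is not after $p->{after}")
        if defined $p->{after} && $today le $p->{after};
    return (0, "clearance below $p->{security}")
        if defined $p->{security}
        && ($clearance->{ $p->{email} } // 0) < $p->{security};
    # The key would be extracted for the *whole* string $id here, so the
    # recipient cannot drop a note and still decrypt.
    return (1, 'release key');
}

my %clearance = ('bob@acme.com' => 3);        # constructed directory data
my $id = 'bob@acme.com:after2006-12-31:security3';
for my $case (                                # constructed requests
    [$id, 'bob@acme.com', '2006-12-30'],
    [$id, 'bob@acme.com', '2007-01-02'],
    [$id, 'eve@acme.com', '2007-01-02'],
    ['bob@acme.com:after2006-12-31:securityX', 'bob@acme.com', '2007-01-02'],
) {
    my ($ok, $why) = may_release_key(@$case, \%clearance);
    printf "%-45s %-14s %s => %s (%s)\n", @$case, ($ok ? 'ALLOW' : 'DENY'), $why;
}
```

Only the second request is allowed; the others are refused for the date, the requester and the malformed note respectively.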
