In his recent blog post, enterprise architect extraordinaire James McGovern mentions that he’s concerned that there’s no algorithm agility with identity-based encryption. His thoughts may be based on a misunderstanding of what IBE actually is. Here's why.

IBE is really a family of public-key technologies that share a common set of properties, and there are several different IBE schemes. Voltage’s shipping products support two of these: Boneh-Franklin IBE and Boneh-Boyen IBE. So even within the technology used by a single vendor, there’s still the opportunity for algorithm agility while keeping the useful properties of IBE.

Most of Voltage’s customers use Boneh-Franklin IBE. It was the first IBE scheme that was both practical and secure. It’s also the easiest to understand. Boneh-Boyen IBE is harder to understand. It also has a number of properties that differentiate it from the Boneh-Franklin scheme, most of which only matter to specialists in the field of pairing-based cryptography. Most people really don’t care, for example, whether an identity gets hashed to a point on an elliptic curve or it gets hashed to an integer. Boneh-Franklin IBE hashes an identity to a point on an elliptic curve. Boneh-Boyen IBE hashes an identity to an integer.
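For readers who do care about that difference, here is a small sketch of the two hashing styles. It is an added example, not Voltage's code and not either scheme's exact hash function: the prime `P`, the modulus `Q`, the curve y^2 = x^3 + 1, the cube-root map and the domain-separation labels are all toy assumptions chosen for illustration, and the cofactor multiplication a real pairing-based scheme needs to land in the right subgroup is left out.

```python
import hashlib

# Constructed toy parameters (assumptions; far too small for real use).
P = 1_000_000_007  # field prime with P % 3 == 2, so cubing is a bijection mod P
Q = 999_983        # toy modulus standing in for the order of the pairing group


def _digest_int(identity, domain):
    """Domain-separated SHA-256 of the identity string, as a big integer."""
    data = domain + identity.encode("utf-8")
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def hash_to_integer(identity):
    """'Hashed to an integer' style: identity -> integer in [0, Q)."""
    return _digest_int(identity, b"toy-ibe-int|") % Q


def hash_to_point(identity):
    """'Hashed to a point' style: identity -> (x, y) on y^2 = x^3 + 1 over F_P."""
    y = _digest_int(identity, b"toy-ibe-point|") % P
    # Solve x^3 = y^2 - 1. Because P % 3 == 2, every field element has exactly
    # one cube root, obtained by raising it to the power (2P - 1) / 3.
    x = pow((y * y - 1) % P, (2 * P - 1) // 3, P)
    return x, y


def on_curve(point):
    """Check that a point satisfies the curve equation y^2 = x^3 + 1 mod P."""
    x, y = point
    return (y * y - (x ** 3 + 1)) % P == 0


if __name__ == "__main__":
    for ident in ("alice@example.com", "bob@example.com"):  # constructed identities
        pt = hash_to_point(ident)
        print(ident, "-> integer", hash_to_integer(ident),
              "| point", pt, "| on curve:", on_curve(pt))
```

Either way the public key is derived from nothing but the identity string and public parameters; what changes is the kind of mathematical object the rest of the scheme works with.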

The likelihood of a weakness being found in either the Boneh-Franklin or the Boneh-Boyen scheme is also quite low. Both of these schemes have formal proofs of their security. Lots of smart people have reviewed these proofs, so they’re probably correct. This means that it’s very unlikely that there’s a weakness in either the Boneh-Franklin or the Boneh-Boyen IBE scheme that can be exploited.

There are also other vendors that use IBE technology in their products. I can’t say for sure, but I wouldn’t be surprised if their products have the same level of algorithm agility that Voltage’s products do. I can say with certainty that the concerns around algorithm agility really don’t apply to Voltage’s products. You’ll have to ask other vendors about exactly how they do things.

