Brown’s identity-based decryption

Dan Brown recently wrote a paper that described what he calls "identity-based decryption." Here’s how he describes this in this paper’s abstract:

Identity-based decryption is an alternative to identity-based encryption, in which Alice encrypts a symmetric key for Bob under a trusted authority’s public key. Alice sends Bob the resulting ciphertext, which Bob can send to the trusted authority. The trusted authority provides Bob the symmetric key only upon verifying Bob’s identity.

I’m not quite sure that this is really a new idea. It’s very similar to what existing implementations of identity-based encryption currently let you do.

Products like Voltage's SecureMail that use IBE to encrypt email let you do the IBE either with or without client software. If you have client software installed, they work like you’d expect:

  1. Alice encrypts a message with a symmetric key
  2. Alice encrypts the symmetric key with Bob’s IBE public key
  3. Bob gets his IBE private key from a key server
  4. Bob decrypts the symmetric key with his IBE private key
  5. Bob decrypts the message with the symmetric key

But if Bob’s in an environment where he can’t install client software or his IT department won’t let him install any client software, a slightly different approach is used. In Voltage's SecureMail, we call this the Voltage Zero Download Messanger. Here’s how it works:

  1. Alice encrypts a message with a symmetric key
  2. Alice encrypts the symmetric key with Bob’s IBE public key
  3. Bob sends the encrypted message to a secure server
  4. The secure server gets Bob’s IBE private key
  5. The secure server decrypts the symmetric key with Bob’s IBE private key
  6. The secure server decrypts the message with the symmetric key
  7. The secure server sends the decrypted message to Bob

That’s extremely close to Brown’s IBD. It just does an additional step or two for Bob.

And by using IBE to do this instead of IBD, you get some important advantages. The biggest of these is probably the fact that you don’t need to securely archive any private keys. This makes an IBE system very simpler to buy and operate, and that gives the technology a big advantage when it’s compared to other alternatives.

So IBD looks like an interesting idea, but I doubt that it would ever get the commercial acceptance that IBE has seen. The last numbers that I saw said that there are somewhere between 40 and 50 million users of IBE worldwide, and I’d guess that most of those users use it because some CISO liked the fact that systems that use it are much cheaper to buy and operate than the alternatives.

Leave a Reply

Your email address will not be published. Required fields are marked *