Designing Grid Security Infrastructures Using Identity-Based Cryptography

2010 ◽  
pp. 817-837
Author(s):  
Hoon Wei Lim
Keyword(s):  
Key Management ◽  
Mutual Authentication ◽  
Public Key ◽  
Grid Security ◽  
Grid Systems ◽  
Single Sign On ◽  
Security Services ◽  
Identity Based ◽  
Identity Based Cryptography

Public key infrastructure (PKI) is presently deployed in most grid implementations. Existing PKI-based grid systems make extensive use of public key certificates, both long-term and short-term, in order to support various grid security services, such as single sign-on, mutual authentication and delegation. Orthogonally, the emergence of identity-based cryptography (IBC), which is certificate-free, makes possible more lightweight, simpler public key management techniques than that of conventional certificate-based PKI. In this chapter, the authors study how properties of IBC can be used to design alternative grid security infrastructures which support grid security services in a more clean and natural way.

scholarly journals Improved Identity Based Encryption System (IIBES): A Mechanism for Eliminating the Key-Escrow Problem

2021 ◽  
Vol 5 (1) ◽  
pp. 77-84
Author(s):  
Maitri Patel ◽  
Rajan Patel
Keyword(s):  
Key Management ◽  
Public Key Cryptography ◽  
Public Key ◽  
Key Generation ◽  
Revolutionary Change ◽  
Key Escrow ◽  
Identity Based Encryption ◽  
Identity Based ◽  
Key Revocation ◽  
Identity Based Cryptography

A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identity-based cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack. Doi: 10.28991/esj-2021-01259 Full Text: PDF

scholarly journals Provably Secure Identity-Based Encryption and Signature over Cyclotomic Fields

2019 ◽  
Vol 2019 ◽  
pp. 1-13
Author(s):  
Yang Wang ◽  
Mingqiang Wang ◽  
Jingdan Zou ◽  
Jin Xu ◽  
Jing Wang
Keyword(s):  
Key Management ◽  
Cyclotomic Field ◽  
Cyclotomic Fields ◽  
Secret Key ◽  
Worst Case ◽  
Identity Based Encryption ◽  
Management Procedures ◽  
Identity Based ◽  
Identity Based Cryptography ◽  
Provably Secure

Identity-based cryptography is a type of public key cryptography with simple key management procedures. To our knowledge, till now, the existing identity-based cryptography based on NTRU is all over power-of-2 cyclotomic rings. Whether there is provably secure identity-based cryptography over more general fields is still open. In this paper, with the help of the results of collision resistance preimage sampleable functions (CRPSF) over cyclotomic fields, we give concrete constructions of provably secure identity-based encryption schemes (IBE) and identity-based signature schemes (IBS) based on NTRU over any cyclotomic field. Our IBE schemes are provably secure under adaptive chosen-plaintext and adaptive chosen-identity attacks, meanwhile, our IBS schemes are existentially unforgeable against adaptively chosen message and adaptively chosen identity attacks for any probabilistic polynomial time (PPT) adversary in the random oracle model. The securities of both schemes are based on the worst-case approximate shortest independent vectors problem (SIVPγ) over corresponding ideal lattices. The secret key size of our IBE (IBS) scheme is short—only one (two) ring element(s). The ciphertext (signature) is also short—only two (three) ring elements. Meanwhile, as the case of NTRUEncrypt, our IBE scheme could encrypt n bits in each encryption process. These properties may make our schemes have more advantages for some IoT applications over postquantum world in theory.

scholarly journals An Implementation Suite for a Hybrid Public Key Infrastructure

Symmetry ◽  
2021 ◽  
Vol 13 (8) ◽  
pp. 1535
Author(s):  
Jason Chia ◽  
Swee-Huay Heng ◽  
Ji-Jian Chin ◽  
Syh-Yuan Tan ◽  
Wei-Chuen Yau
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Practical Implementation ◽  
Public And Private ◽  
Industry Standard ◽  
Cryptographic Keys ◽  
Identity Based ◽  
Identity Based Cryptography ◽  
The Cost ◽  
Enterprise Java Bean

Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).

scholarly journals Identity Based Encryption and Identity Based Signature Scheme: A Research on Security Schemes

2019 ◽  
Vol 8 (6S4) ◽  
pp. 1330-1337
Keyword(s):  
Key Management ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Signature Scheme ◽  
Certificate Authority ◽  
Identity Based Encryption ◽  
Computer Based ◽  
Identity Based ◽  
To Receive

In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to review different problems related to them. Finally, feasibility and applicability of IBC in current and future environments has been discussed.

Security of Identity-Based Encryption Algorithms

2018 ◽  
pp. 4975-4984
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of Identity Based Cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP Addresses to form public keys with the corresponding private keys being created by the Trusted Authority(TA) who is in possession of a system-wide master secret. Then a party, Alice who wants to send encrypted communication to Bob need only Bob's identifier and the system-wide public parameters. Thus the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the system-wide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Security of Identity-Based Encryption Algorithms

2019 ◽  
pp. 312-325
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of identity-based cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP addresses to form public keys with the corresponding private keys being created by the trusted authority (TA) who is in possession of a systemwide master secret. Then a party, Alice, who wants to send encrypted communication to Bob need only Bob's identifier and the systemwide public parameters. Thus, the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the systemwide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Sign in / Sign up

Export Citation Format

Share Document