ID-based Encryption - Drawbacks


  • If a Private Key Generator (PKG) is compromised, all messages protected over the entire lifetime of the public-private key pair used by that server are also compromised. This makes the PKG a high value target to adversaries. To limit the exposure due to a compromised server, the master private-public key pair could be updated with a new independent key pair. However, this introduces a key-management problem where all users must have the most recent public key for the server.
  • Because the Private Key Generator (PKG) generates private keys for users, it may decrypt and/or sign any message without authorisation. This implies that IBE systems cannot be used for non-repudiation. This may not be an issue for organizations that host their own PKG and are willing to trust their system administrators and do not require non-repudiation.
  • The issue of implicit key escrow does not exist with the current PKI system wherein private keys are usually generated on the user's computer. Depending on the context key escrow can be seen as a positive feature (e.g., within Enterprises). A number of variant systems have been proposed which remove the escrow including certificate-based encryption, secret sharing, secure key issuing cryptography and certificateless cryptography.
  • A secure channel between a user and the Private Key Generator (PKG) is required for transmitting the private key on joining the system. Here, a SSL-like connection is a common solution for a large-scale system. It is important to observe that users that hold accounts with the PKG must be able to authenticate themselves. In principle, this may be achieved through username,password or through public key pairs managed on smart cards.
  • IBE solutions may rely on cryptographic techniques that are insecure against code breaking quantum computer attacks (see Shor's algorithm)

Read more about this topic:  ID-based Encryption

Other articles related to "drawbacks, drawback":

United States House Committee On Commerce And Manufactures - History and Jurisdiction
... Requests for drawbacks, refunds authorized when imported goods on which duties had been paid were re-exported, were similarly referred to the committee during nearly every Congress ... received from merchants and others who had been denied drawbacks for a variety of reasons ... Merchants in Philadelphia, for example, asked for a drawback on a shipment of sugar that had been destroyed before it left the port, while other petitioners, denied drawbacks because of late filing of their requests ...
List Of Pakistani Intelligence Agencies - Federal Investigation Agency - Law Enforcement Services - Drawbacks
... Salaries Benefits and FIA employees draw very poor salaries and other benefits for them that’s why corruption cannot be controlled in Pakistan. ...
Session Jam - Drawbacks
... An example Mr ... Abdul Karim was a student of geology (four-year bachelor course) admitted to the university in the year 2000 (July) ...
CJ Carella's Witch Craft - System
... Drawbacks can then be used to gain extra points ... Characters also have a variety of skills, and Qualities and Drawbacks to give the character added perks or faults (respectively) ... Other Qualities and Drawbacks are of a Supernatural sort and are used to designate a character as a particular type of character (Gifted, Bast, Spirit, and so on) or detail what sort of magic they can do ...

Famous quotes containing the word drawbacks:

    France has neither winter nor summer nor morals—apart from these drawbacks it is a fine country.
    Mark Twain [Samuel Langhorne Clemens] (1835–1910)