Workshop highlights adoption of identity-based encryption

Voltage Security today summarized the results from the recent National Institute of Standards and Technology (NIST) sponsored workshop: Applications of Pairing Based Cryptography: Identity Based Encryption and Beyond, recognizing that significant progress has been made in the adoption of Identity-Based Encryption (IBE) as an alternative approach to securing sensitive information.

Voltage Security joined leading practitioners of Identity-Based Encryption, including cryptographers, researchers, members of government organizations such as N.S.A, U.S. Navy, and Social Security Administration, commercial organizations as well as representatives from security solution providers.

Topics discussed included:

  • Recent research results on pairing-based cryptography and IBE.
  • Performance and implementation details of IBE systems.
  • New applications utilizing pairing-based cryptography and IBE.
  • Future of Identity-Based Encryption.

In addition, the topic of “Whether or Not IBE is Needed” was discussed by a panel consisting of top security experts including Terence Spies, CTO of Voltage Security, noted researcher Brent Waters, SRI International, public-key expert Jon Callas, CTO of PGP Inc., and  widely respected computer scientist and Sun Fellow,  Radia Perlman.  There was extensive discussion around the “intrinsic” value of IBE versus PKI. 

The following core capabilities of IBE were identified:

  • Offline encryption improves scalability.
  • No pre-enrollment requirements support dynamic coalitions and ad hoc messages.
  • Use of identity drives support for groups, organizational mailboxes and protection of portal content.
  • Stateless key management reduces management overhead and facilitates disaster recovery.
  • IBE’s inherent key recovery simplifies implementation design and execution.

The discussion pointed out that traditional PKI approaches, or approaches that emulate PKI, cannot achieve these same capabilities without adding design, code, and implementation complexity that often limits scalability and increases overall maintenance costs.




Share this