[Security] GSoC proposal: Identity-based end-to-end encryption for XMPP
Eric Rescorla
ekr at rtfm.com
Tue Mar 15 08:47:27 CST 2011
On Tue, Mar 15, 2011 at 7:14 AM, David Núñez <dnunez at lcc.uma.es> wrote:
> Thank you for your response. Respect to your first point, one advantage of the proposed scheme is that it is an alternative to digital certificates and its associated distribution infrastructure, as it relies on the identity of the users as public keys.
I don't know what this means. An IBE system requires a central key
generation server which needs to
verify users identities and only issue keys when appropriate. The
processing done by the KGS looks
very much like that done by a CA.
The primary advantage of an IBE system is that you can encrypt to
people whose credentials you
don't have (and may not even have any yet). However, since this is a
real-time exchange, that benefit
does not applyhere.
-Ekr
More information about the Security
mailing list