[146444] in cryptography@c2.net mail archive
Re: [Cryptography] Why human-readable IDs (was Re: Email and IM are
daemon@ATHENA.MIT.EDU (Jerry Leichter)
Wed Aug 28 13:11:34 2013
X-Original-To: cryptography@metzdowd.com
From: Jerry Leichter <leichter@lrw.com>
In-Reply-To: <20130828085247.7ab75b0f@jabberwock.cb.piermont.com>
Date: Wed, 28 Aug 2013 10:33:16 -0400
To: "Perry E. Metzger" <perry@piermont.com>
Cc: "Wendy M. Grossman" <wendyg@pelicancrossing.net>, cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
A different take on the problem: Would something built around identify-based encryption help here? It sounds very tempting: My email address (or any other string - say a bitmap of a picture of me) *is* my public key. The problem is that it requires a central server that implicitly has access to my private key. There are some proposals around to work around that (e.g., by constructing the key from a combination of keys from different key generators). But we could go another route: I can run a key generator on my own hardware. That doesn't quite solve the problem, since you now need a secure way to find my key generator - any generator will happily tell you how to encrypt using leichter@lrw.com to generate the public key, and *it* will have the corresponding private key.
I don't quite see how to make this work, but IBE seems like a primitive that might be helpful, somehow.
-- Jerry
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
