Gem
plus Adds
Identity-Based
Encryption to
Smart Cards Identity-based encryption
(IBE) uses
Identity as a public key rather than the cumbersome system of
certificates and revocation lists associated with traditional PKI, and now Gem
plus is adding it to smart cards.
IBE uses the recipient''s
name, phone number, or e-mail address as the public key enabling message
encryption or signature verification. The concept was first proposed back in
1984 by Adi Shamir, one of the minds behind RSA''s public key system, who saw
the use of identity as the public key as the natural evolution of cryptography.
IBE makes the cumbersome
system of
cryptography more transparent to end users and more manageable for
enterprises. "You simplify the moving parts because you wouldn''t need the
certificates to bind to IDs," said Sathvik Krishnamurthy, president and
CEO of Voltage Security, Inc.
It took 17 years for
someone to figure out the mathematics behind Shamir''s concept for IBE, but Dr.
Dan Boneh of Stanford and Dr. Matt Franklin of the University of
California-Davis finally did it in 2000. Their idea was eventually patented and
spun out of Stanford to become Voltage Security in July of 2003.
Voltage markets a product
called Secure Mail, a software agent that lets users transparently receive and
send secure e-mail using existing e-mail applications. It also developed Secure
File, which secure files and documents in repositories, and Secure IM, which
allows secure e-mail.
All of the company''s
products are built on IBE, which can use any arbitrary string as a public key,
allowing data to be protected without the need for certificates. The protection
is provided by a key server that controls the mapping of identities to
decryption keys.
Removing the certificates
and revocation lists makes the process of securing a message or file much
easier for end users. Traditional PKI required that users get a certificate,
publish that certificate to someone they want to receive a secure message, and
then have the sender encrypt the message using that certificate.
Working with a vendor
like Gem plus will allow users to store IBE keys on a smart card.
Authentication will also be strengthened because smart cards are a two-factor
solution. Gem plus can add IBE to a SIM card in a mobile phone, for example,
and can use it to encrypt an SMS message being sent from one subscriber to
another.
Because the message
itself is directly encrypted with the identity of the recipient, that recipient
alone can open the message. IBE also has the potential to increase the adoption
of mobile commerce because credit card numbers can be securely encrypted and
decrypted only by the intended recipient.
More abstracts about the Gem plus Adds Identity-Based Encryption to Smart Cards