Identity Based Cryptography

Abstract

Data security is one of the principle concerns today. Digital signature assumes an important part to guarantee authentication, non-integrity, and non-repudiation on a message. Digital signature can be computed using Rives, Shamir, and Adleman (RSA), and elliptic curve cryptography. It can be a simple signature in which hash of the message is encrypted with the private key of the sender. This private key and corresponding public keys are generated by Certificate Authority (CA), and public key are binded in the digital certificate. Another approach is Identity Based (ID) signature in which private keys are generated by Private Key Generator (PKG) and public key is derived from the user’s identity [19]. This is also known as certificate less communication. In ID based signature, there is no need to transmit public key over unsecure channel. Public keys are efficiently derived from the receiver’s identity information such as name, email address, network address, IP address, and now Aadhar number. Unauthorized users can forge email addresses. Today Aadhar number is used as a unique identity proof that can be used as ID to derive public key of the user. But ID based cryptography has an inherent key escrow because of its dependence on PKG that uses a single master secret key to generate a user’s private key. Key escrow enables the PKG to decrypt all the messages of its domain. In this paper we have proposed a secure and efficient multiple signatures scheme based on Shamir’s and Lein Harn’s identity based signature that is secure against forgery and public key replacement attack and do a comparison between Public Key Infrastructure (PKI) and ID based cryptography.