Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

 
NetNews
N E W S / A N A L Y S I S  


Public Key Without the Middleman

  July 24, 2003
  By Robert Moskowitz


TOC Issue TOC
Printer Print full article
Printer Download as PDF
E-Mail E-Mail this URL
Discuss Discuss this article
flame author Flame the author

Products incorporating a new elliptic-curve cryptography method called Weil Pairings are now being released. Weil establishes a security system without the complex infrastructure mandated by RSA public/private key cryptography.

The Weil approach, also known as identity-based encryption, creates a set of public parameters. Users can send secure messages without qualifying themselves in the public-key directory. This could allow citizens to send a tip securely and anonymously to the police, for instance.

Weil systems also let the server generate any user's private key, so the administering entity has access to everything. There is no single point of failure for secure messages. And private keys can be set to expire, making management easier.

There are downsides, though. Because the sender of a message can be anonymous, his or her identity is refutable. But more importantly, the server is a key escrow agent, able to decrypt any message sent.

Perhaps the biggest negative is that Weil is best-suited for niche apps, yet start-up Voltage Security and other vendors are marketing it more broadly. It's not clear to us that Weil will ever replace RSA as a general-use key infrastructure.

Post a comment or question on this story.


Best of the Web

Data deduplication: Declawing the clones

Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.

Quick Read

Compression, Encryption, Deduplication, and Replication: Strange Bedfellows

One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.

Quick Read

WAN Optimization Whitelists and Blacklists

Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.

Quick Read

WAN Optimization as a Managed Service: It's Not About the Cost

This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.

Quick Read

  Sponsored Links

Premium Content

Data Centers Gone Wild
February 22, 2010
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll