Careers & Certifications

03:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Public Key Without the Middleman

Products incorporating a new elliptic-curve cryptography method called Weil Pairings are now being released.

Products incorporating a new elliptic-curve cryptography method called Weil Pairings are now being released. Weil establishes a security system without the complex infrastructure mandated by RSA public/private key cryptography.

The Weil approach, also known as identity-based encryption, creates a set of public parameters. Users can send secure messages without qualifying themselves in the public-key directory. This could allow citizens to send a tip securely and anonymously to the police, for instance.

Weil systems also let the server generate any user's private key, so the administering entity has access to everything. There is no single point of failure for secure messages. And private keys can be set to expire, making management easier.

There are downsides, though. Because the sender of a message can be anonymous, his or her identity is refutable. But more importantly, the server is a key escrow agent, able to decrypt any message sent.

Perhaps the biggest negative is that Weil is best-suited for niche apps, yet start-up Voltage Security and other vendors are marketing it more broadly. It's not clear to us that Weil will ever replace RSA as a general-use key infrastructure.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Hot Topics
7
Have You Hugged Your Sysadmin Today?
Susan Fogarty, Editor in Chief,  7/25/2014
6
Cisco Certifications Confront Changing Skills Needs
Ethan Banks, Senior Network Architect,  7/30/2014
1
IT Budgets Up In 2015, Hiring Tepid
Robert Mullins 7/25/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
Video
Slideshows
Twitter Feed