Careers & Certifications

03:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Public Key Without the Middleman

Products incorporating a new elliptic-curve cryptography method called Weil Pairings are now being released.

Products incorporating a new elliptic-curve cryptography method called Weil Pairings are now being released. Weil establishes a security system without the complex infrastructure mandated by RSA public/private key cryptography.

The Weil approach, also known as identity-based encryption, creates a set of public parameters. Users can send secure messages without qualifying themselves in the public-key directory. This could allow citizens to send a tip securely and anonymously to the police, for instance.

Weil systems also let the server generate any user's private key, so the administering entity has access to everything. There is no single point of failure for secure messages. And private keys can be set to expire, making management easier.

There are downsides, though. Because the sender of a message can be anonymous, his or her identity is refutable. But more importantly, the server is a key escrow agent, able to decrypt any message sent.

Perhaps the biggest negative is that Weil is best-suited for niche apps, yet start-up Voltage Security and other vendors are marketing it more broadly. It's not clear to us that Weil will ever replace RSA as a general-use key infrastructure.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Cartoon
Hot Topics
18
IT Hiring: Social Media Matters
Marcia Savage, Managing Editor, Network Computing,  8/27/2014
5
How To Survive In Networking
Susan Fogarty, Editor in Chief,  8/28/2014
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Slideshows
Twitter Feed