NEWS

Computer, April 2009, p. 26–27

News Archive

November 2009

Program Uses Mobile Technology to Help with Crises

More Cores Keep Power Down

White-Space Networking Goes Live

Mobile Web 2.0 Experiences Growing Pains

October 2009

More Spectrum Sought for Body Sensor Networks

Optics for Universal I/O and Speed

High-Performance Computing Adds Virtualization to the Mix

ICANN Accountability Goes Multinational

RFID Tags Chat Their Way to Energy Efficiency

September 2009

Delay-Tolerant Networks in Your Pocket

Flash Cookies Stir Privacy Concerns

Addressing the Challenge of Cloud-Computing Interoperability

Ephemeralizing the Web

August 2009

Bluetooth Speeds Up

Grids Get Closer

DCN Gets Ready for Production

The Sims Meet Science

Sexy Space Threat Comes to Mobile Phones

July 2009

WiGig Alliance Makes Push for HD Specification

New Dilemnas, Same Principles:
Changing Landscape Requires IT Ethics to Go Mainstream

Synthetic DNS Stirs Controversy:
Why Breaking Is a Good Thing

New Approach Fights Microchip Piracy

Technique Makes Strong Encryption Easier to Use

New Adobe Flash Streams Internet Directly to TVs

June 2009

Aging Satellites Spark GPS Concerns

The Changing World of Outsourcing

North American CS Enrollment Rises for First Time in Seven Years

Materials Breakthrough Could Eliminate Bootups

April 2009

Trusted Computing Shapes Self-Encrypting Drives

March 2009

Google, Publishers to Try New Advertising Methods

Siftables Offer New Interaction Model for Serious Games

Hulu Boxed In by Media Conglomerates

February 2009

Chips on Verge of Reaching 32 nm Nodes

Hathaway to Lead Cybersecurity Review

A Match Made in Heaven: Gaming Enters the Cloud

January 2009

Government Support Could Spell Big Year for Open Source

25 Reasons For Better Programming

Web Guide Turns Playstation 3 Consoles into Supercomputing Cluster

Flagbearers for Technology: Contemporary Techniques Showcase US Artifact and European Treasures

December 2008

.Tel TLD Debuts As New Way to Network

Science Exchange

November 2008

The Future is Reconfigurable

Technique Makes Strong Encryption Easier to Use

by Linda Dailey Paulson

Organizations are beginning to adopt identity-based encryption (IBE), a communications-protection process that promises to make public-key cryptography easier to use.

Public-key cryptography uses paired keys for encrypting and decrypt ing messages, to protect electronic communications over public networks such as the Internet.

The technique uses a public encryption key and a private one that only the recipient knows. For example, Bob’s public key is the one that people use to encrypt information only for Bob, explained Luther Martin, chief security architect for information-encryption vendor Voltage Security. Anyone wishing to send Bob an encrypted message needs this key, which is why he places it in a publicly accessible location. The public key is transmitted to the sender in a digital certificate that verifies that it came from Bob.

To read his messages, Bob uses his private key, which is mathematically related to the public key. Hackers can’t read messages they intercept because they don’t have the private key.

The problem with this approach, said Martin, is that there are no standards-based means of finding someone’s public key. Most are kept in an LDAP directory of information stored in a server, which is not always easy to locate.

Ferris Research analyst Richi Jennings said public-key infrastructures are difficult to implement and maintain because they require servers for the storage of public keys, as well as key-recovery servers, and keymanagement capabilities.

IBE is a simpler process. The technology, first suggested by well-known cryptographer Adi Shamir in 1984, lets a message sender calculate a recipient’s public key from a unique identifier for the recipient.

Andy Dancer, chief technology officer for security vendor Trend Micro’s Encryption Group, said the recipient’s e-mail address or phone number could serve as an identity representation.

A trusted third-party server uses a cryptographic algorithm to calculate the corresponding public key from the recipient’s identifier. IBE generates the public key automatically and on demand, noted Michael Hong, product marketing manager for Trend Micro’s Encryption Group.

The approach thus eliminates the need for storing and finding public keys, and for dealing with digital certificates. According to Martin, IBE systems’ public keys typically are valid for only a limited amount of time.

Because IBE doesn’t require public-key storage and calculates keys only on demand, Martin said, it is easy to implement and operate. This also makes IBE less complex and less expensive to run than typical publickey systems.

Hong said IBE’s early performance, and thus its adoption, was slow because optimal mathematical techniques for use with the technology didn’t exist at the time. Meanwhile, Dancer added, commercial refinement of IBE techniques took several years.

Now, though, he said, the time is ripe for widespread adoption.


Suggestions