Certificate-based encryption
Encyclopedia
Certificate-based encryption is a system in which a certificate authority
uses ID-based cryptography
to produce a certificate. This system gives the users both implicit and explicit certification, the certificate can be used as a conventional certificate (for signatures, etc.), but also implicitly for the purpose of encryption.
This means that the user (Bob) cannot decrypt it without a currently valid certificate and also that the certificate authority cannot decrypt the message as they don't have the user's private key (i.e., there is no implicit escrow
as with ID-based cryptography, as the double encryption means they cannot decrypt it solely with the information they have).
s) and also that such attacks could effectively stop the system from working. This risk can be partially but not completely reduced by having a hierarchy of multiple certificate authorities.
movies in such a way as to make them playable only in a part of the world where they are sold. However, the fact that the region decryption key is stored on the hardware level in the DVD players substantially weakens this form of protection.
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...
uses ID-based cryptography
ID-based cryptography
ID-based encryption is an important primitive of ID-based cryptography. As such it is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user...
to produce a certificate. This system gives the users both implicit and explicit certification, the certificate can be used as a conventional certificate (for signatures, etc.), but also implicitly for the purpose of encryption.
Example
A user Alice can doubly encrypt a message using another user's (Bob) public key and his (Bob's) identity.This means that the user (Bob) cannot decrypt it without a currently valid certificate and also that the certificate authority cannot decrypt the message as they don't have the user's private key (i.e., there is no implicit escrow
Escrow
An escrow is:* an arrangement made under contractual provisions between transacting parties, whereby an independent trusted third party receives and disburses money and/or documents for the transacting parties, with the timing of such disbursement by the third party dependent on the fulfillment of...
as with ID-based cryptography, as the double encryption means they cannot decrypt it solely with the information they have).
Key revocation
Key revocation can be added to the system by requiring a new certificate to be issued as frequently as the level of security requires. Because the certificate is "public information", it does not need to be transmitted over a secret channel. The downside of this is the requirement for regular communication between users and the certificate authority, which means the certificate authority is more vulnerable to electronic attacks (such as denial-of-service attackDenial-of-service attack
A denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
s) and also that such attacks could effectively stop the system from working. This risk can be partially but not completely reduced by having a hierarchy of multiple certificate authorities.
Practical applications
The best example of practical use of certificate-based encryption is Content Scrambling System (CSS), which is used to encode DVDDVD
A DVD is an optical disc storage media format, invented and developed by Philips, Sony, Toshiba, and Panasonic in 1995. DVDs offer higher storage capacity than Compact Discs while having the same dimensions....
movies in such a way as to make them playable only in a part of the world where they are sold. However, the fact that the region decryption key is stored on the hardware level in the DVD players substantially weakens this form of protection.