Identity-based utility: IdentiCrypt

All of the discussions on various weblogs about digital identity have been most interesting to follow. But they've left me (and, perhaps, others) a bit hanging with respect to what might actually motivate deployment of a broader-based, more open identity infrastructure.
On my walk around the big block this beautiful Sunday afternoon, I got to thinking about the private RSS capability that Userland implemented to allow modest security to be interposed between an RSS feed and the general public. Using this capability, you can set up a private RSS feed that uses HTTP basic authentication to limit access to those who know the userid/password combination to get to the RSS file on your server. Depending on how you set up your server and manage access to it, you can allow your readers to share userid/passwords (across a workgroup for example) or you can (following better security practices) assign unique userid/password pairs individually. It's all up to you.
But what if you wanted to send someone (or give them access to) a file (like a private RSS file) more securely than basic HTTP access authentication provides? How would you do that? Lots of ways exist, I suppose - involving some sort of pre-arranged approach to sharing a secret key or using a public key approach.
Along comes something called identity-based encryption (IBE). IBE implements a public-key cryptosystem for securing messages -- but does it in a unique way: anyone can use your identity as the key to encrypting messages meant only for you. The sender doesn't need to know your key to send you the encrypted message -- just your identity. In fact, you don't even have to know your key in advance of them sending you the encrypted message. How's that for putting your identity to work?
Dan Boneh and a small team at Stanford have been working on this problem. IdentiCrypt is now offering a beta download plug-in that implements this technique for secure email. IdentiCrypt is also posting to hire smart people to work on this effort.
Good stuff! [Scott Loftesness]
5:21:19 AM