[prev in list] [next in list] [prev in thread] [next in thread] 

List:       otr-dev
Subject:    Re: [OTR-dev] Identity Based Encryption plug-in based on OTR
From:       Ian Goldberg <ian () cypherpunks ! ca>
Date:       2008-03-06 0:48:43
Message-ID: 20080306004843.GE5786 () yoink ! cs ! uwaterloo ! ca
[Download RAW message or body]

> I think that one if the reasons why responses have been lacking is
> because there is a philosophical conflict: OTR is all about the user
> retaining control of his communications and keys. while IBE is
> necessarily [1] about centralised key control and administration.
> 
> But I don't know enough about the OTR libraries to answer you anyway.
> 
> 
> [1] unless you have invented something new in IBE - if anyone is
> interested, perhaps one of Ian students?, I have a small suggestion and
> no time to work on it.

One of my students and I have actually implemented IBE with a
distributed PKG, so that some threshold number of PKG nodes would have
to collude to recover your private key.  Agreed that it doesn't make
much sense in the IM context, though, as you've necessarily got an
interactive communication channel over which you can do key exchange.

http://www.cacr.math.uwaterloo.ca/techreports/2007/cacr2007-33.pdf

   - Ian

[prev in list] [next in list] [prev in thread] [next in thread]