At Thu, 28 Feb 2008 15:04:21 -0500,
Hadriel Kaplan wrote:
> > -----Original Message-----
> > From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On Behalf Of Eric
> > Rescorla
> > Sent: Thursday, February 28, 2008 2:14 PM
> > To: Dean Willis
> > Cc: sip at ietf.org
> > Subject: Re: [Sip] comments on draft-kupwade-sip-iba-00
> >
> > At Thu, 28 Feb 2008 12:46:21 -0600,
> > Dean Willis wrote:
> >
> > Yes, and this is all equally possible with PKI systems. As I
> > said at the beginning, the only thing that IBS is bringing
> > to the party here is a smaller credential. As far as I'm
> > awre, the size of the cert is not the primary reason for lack
>
> of adoption of any of these schemes
> >
> > Again, what does IBS bring to the party except compression? [0].
>
> I agree with you in general about IBS (but I like IBE); but it's not
> just compression that IBE brings. When you receive a PKI cert from
> an individual, you have to do a verification step that their cert
> was signed by the CA. Assuming you share the same CA and all,
> you're still doing a signature validation operation of the
> individual's cert before you can then go validate what it is they
> signed, with that user cert. Right? If you share the same KG, you
> skip that validation step. Although I guess you have to generate
> the individual's public key, which is probably just as taxing an
> operation. So maybe it's a wash.
I can't tell what your concern is? Performance?
There are a lot of different designs that trade off the
speed of various
operations. In general, at least one
of the operations (encrypt, decrypt) requires a pairing
operation, so IB* systems are in aggregate slower than
comparable non-IB* systems.
Elliptic Curve Pairing operation is faster than the usual RSA operation.
The bench mark program in the paring based crypto-library developed by the Dan Boneh?s research group shows how Elliptic curve parings ( Tate pairings) are faster than the usual RSA decryption scheme.
- Harsh
-Ekr