We introduce the notion of certificate-based encryption. In this model, a certificate - or, more generally, a signature - acts not only as a certificate but also as a decryption key. To decrypt a message, a keyholder needs both its secret key and an up-to-date certificate from its CA (or a signature from an authorizer). Certificate-based encryption combines the best aspects of identity-based encryption (implicit certification) and public key encryption (no escrow). We demonstrate how certificate-based encryption can be used to construct an efficient PKI requiring less infrastructure than previous proposals, including Micali's Novomodo, Naor-Nissim and Aiello-Lodha-Ostrovsky. © International Association for Cryptologic Research 2003.
CITATION STYLE
Gentry, C. (2003). Certificate-based encryption and the certificate revocation problem. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2656, 272–293. https://doi.org/10.1007/3-540-39200-9_17
Mendeley helps you to discover research relevant for your work.