InfoWorld: E-mail encryption as easy as remembering who you are

An interesting concept, I’d love to see this implemented for existing open source software like GnuPG.

The method Boneh and Franklin developed employs the mathematical technique of bilinear mappings, known as Weil and Tate pairings, on elliptic curves to obtain an algorithm that transforms a simple identity string (such as a phone number or e-mail address) into a public-private key pair, where the public key is the identity string. The beauty is that the process is self-serve; key users need not be pre-registered. « You can encrypt e-mail to me even before I’ve bothered to register [with the key server] as an individual, » Franklin observes.

InfoWorld: E-mail encryption as easy as remembering who you are: May 21, 2004: By P.J. Connolly : DATA_MANAGEMENT : NETWORKING : SECURITY

I’ll have to read more on their methods, as one of the key problems in establishing identity is finding characteristics that are unique to an individual. PKI relies on creating a unique certificate and then tying that to an individual responsible for proving/augmenting the proof the link is authentic.

This method takes the opposite path, relying on publicly available information to create a unique set of identifying characteristics (the public-key). Smart and easier but is it safer ?