Using the Boneh-Franklin and Boneh-Boyen Identity-Based Encryption Algorithms with the Cryptographic Message Syntax (CMS)
RFC 5409
Network Working Group L. Martin
Request for Comments: 5409 Voltage Security
Category: Informational M. Schertler
Axway
January 2009
Using the Boneh-Franklin and Boneh-Boyen Identity-Based Encryption
Algorithms with the Cryptographic Message Syntax (CMS)
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (http://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abstract
This document describes the conventions for using the Boneh-Franklin
(BF) and Boneh-Boyen (BB1) identity-based encryption algorithms in
the Cryptographic Message Syntax (CMS) to encrypt content-encryption
keys. Object identifiers and the convention for encoding a
recipient's identity are also defined.
Martin & Schertler Informational [Page 1]
RFC 5409 Using IBE with CMS January 2009
Table of Contents
1. Introduction ....................................................2
1.1. Terminology ................................................3
1.2. IBE Overview ...............................................3
2. Using Identity-Based Encryption .................................3
3. Key Encryption Algorithm Identifiers ............................6
4. Processing by the Sender ........................................7
5. Processing by the Receiver ......................................7
6. ASN.1 Module ....................................................8
7. Security Considerations .........................................9
7.1. Attacks outside the Scope of This Document .................9
7.2. Attacks within the Scope of This Document .................10
7.3. Attacks to Which the Protocols Defined in This Document
Are Susceptible............................................11
8. References .....................................................12
8.1. Normative References ......................................12
8.2. Informative References ....................................12
1. Introduction
This document defines the way to use the Boneh-Franklin [IBCS] and
Boneh-Boyen [IBCS] identity-based encryption (IBE) public-key
algorithms in the Cryptographic Message Syntax (CMS) [CMS]. IBE is a
public-key technology for encrypting content-encryption keys (CEKs)
that can be implemented within the framework of the CMS: the
recipient's identity is incorporated into the EnvelopedData CMS
content type using the OtherRecipientInfo CHOICE in the RecipientInfo
field as defined in Section 6.2.5 of [CMS]. This document does not
describe the implementation of the BF and BB1 algorithms, which are
described in detail in [IBCS].
IBE algorithms are a type of public-key cryptographic algorithm in
which the public key is calculated directly from a user's identity
instead of being generated randomly. This requires a different set
of steps for encryption and decryption than would be used with other
public-key algorithms, and these steps are defined in Sections 4 and
5 of this document, respectively.
This document also defines the object identifiers and syntax of the
object that is used to define the identity of a message recipient.
CMS values and identity objects are defined using ASN.1 [ASN1].
Martin & Schertler Informational [Page 2]
RFC 5409 Using IBE with CMS January 2009
1.1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [KEYWORDS].
1.2. IBE Overview
In addition to the client components that are described in this
document, the following additional components are required for a
complete IBE messaging system.
o A Private-Key Generator (PKG). The PKG contains the
cryptographic material, known as a master secret, for
generating an individual's IBE private key. A PKG accepts an
IBE user's private key request and, after successfully
authenticating them in some way, returns their IBE private key.
Show full document text