Sakai-Kasahara Key Encryption (SAKKE)
RFC 6508

 
Document Type RFC - Informational (February 2012; No errata)
Was draft-groves-sakke (individual in sec area)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 6508 (Informational)
Telechat date
Responsible AD spt
IESG note Tim Polk (tim.polk@nist.gov) is the shepherd.
Send notices to Michael.Groves@cesg.gsi.gov.uk, tim.polk@nist.gov, draft-groves-sakke@ietf.org
Internet Engineering Task Force (IETF)                         M. Groves
Request for Comments: 6508                                          CESG
Category: Informational                                    February 2012
ISSN: 2070-1721

                 Sakai-Kasahara Key Encryption (SAKKE)

Abstract

   In this document, the Sakai-Kasahara Key Encryption (SAKKE) algorithm
   is described.  This uses Identity-Based Encryption to exchange a
   shared secret from a Sender to a Receiver.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It has been approved for publication by the Internet
   Engineering Steering Group (IESG).  Not all documents approved by the
   IESG are a candidate for any level of Internet Standard; see Section
   2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6508.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Groves                        Informational                     [Page 1]
RFC 6508                          SAKKE                    February 2012

Table of Contents

   1. Introduction ....................................................2
      1.1. Requirements Terminology ...................................3
   2. Notation and Definitions ........................................3
      2.1. Notation ...................................................3
      2.2. Definitions ................................................5
      2.3. Parameters to Be Defined or Negotiated .....................6
   3. Elliptic Curves and Pairings ....................................7
      3.1. E(F_p^2) and the Distortion Map ............................7
      3.2. The Tate-Lichtenbaum Pairing ...............................7
   4. Representation of Values ........................................9
   5. Supporting Algorithms ..........................................10
      5.1. Hashing to an Integer Range ...............................10
   6. The SAKKE Cryptosystem .........................................11
      6.1. Setup .....................................................11
           6.1.1. Secret Key Extraction ..............................11
           6.1.2. User Provisioning ..................................11
      6.2. Key Exchange ..............................................12
           6.2.1. Sender .............................................12
           6.2.2. Receiver ...........................................12
      6.3. Group Communications ......................................13
   7. Security Considerations ........................................13
   8. References .....................................................15
      8.1. Normative References ......................................15
      8.2. Informative References ....................................15
   Appendix A. Test Data..............................................17

1.  Introduction

   This document defines an efficient use of Identity-Based Encryption
   (IBE) based on bilinear pairings.  The Sakai-Kasahara IBE
   cryptosystem [S-K] is described for establishment of a shared secret
   value.  This document adds to the IBE options available in [RFC5091],
   providing an efficient primitive and an additional family of curves.

   This document is restricted to a particular family of curves (see
   Section 2.1) that have the benefit of a simple and efficient method
   of calculating the pairing on which the Sakai-Kasahara IBE
   cryptosystem is based.

   IBE schemes allow public and private keys to be derived from
   Identifiers.  In fact, the Identifier can itself be viewed as
   corresponding to a public key or certificate in a traditional public
   key system.  However, in IBE, the Identifier can be formed by both
   Sender and Receiver, which obviates the necessity of providing public
   keys through a third party or of transmitting certified public keys

Groves                        Informational                     [Page 2]
Show full document text