QUANTITATIVE EVALUATION OF IDENTITY BASED CRYPTOGRAPHY IN AN AUTHENTICATION SCENARIO.

Identity based cryptography is a particular case of asymmetric cryptography in which the public key is chosen so that it uniquely identifies its owner. This information can be any identifier of a person or a system, like the e-mail address, the IP address, and so on. This way there is no need for certificates, because such public keys can be managed very easy. This certificate less operation of identity based cryptography has obvious advantages over classical asymmetric cryptography because it eliminates all the validations required by the use of certificates. But can this advantage be quantified? Asymmetric cryptography is very popular, and, even with all the research conducted in order to promote the use of identity based cryptography, it is still used only in a limited number of applications. Our purpose is to quantitatively evaluate the difference between these two types of asymmetric cryptography in order to have a formal way of comparison between them. For these we have chosen an authentication scenario, giving the fact that authentication is used in the vast majority of security applications. In order to obtain the quantitative results we have implemented Needham-Schroeder protocol using both classical asymmetric cryptography and identity based cryptography. Then we measured the time needed for the authentication of the two parties in each of the case. The results suggest that, at the setup phase, identity based cryptography is slower than traditional asymmetric cryptography, but that after it, it is faster. [ABSTRACT FROM AUTHOR]