Expand description
Identity-Based Encryption (IBE) for simplified key management.
IBE allows deriving public keys directly from arbitrary identities (email, node ID, etc.) without requiring a certificate infrastructure. This is particularly useful for P2P systems where nodes join and leave dynamically.
This implementation uses a simplified hash-based IBE scheme suitable for the CHIE protocol:
- Master key authority generates public parameters
- User secret keys are derived from identity strings using HKDF
- Encryption uses hybrid encryption (X25519 + ChaCha20-Poly1305)
- Identity-based key derivation simplifies key distribution
§Example
use chie_crypto::ibe::{IbeMaster, IbeParams};
// Setup: Master authority generates public parameters
let master = IbeMaster::generate();
let params = master.public_params();
// Extract user secret key for an identity
let alice_id = "alice@example.com";
let alice_sk = master.extract_secret_key(alice_id);
// Encrypt to Alice using only her identity
let plaintext = b"Secret message for Alice";
let ciphertext = params.encrypt(alice_id, plaintext).unwrap();
// Alice decrypts using her secret key
let decrypted = alice_sk.decrypt(&ciphertext).unwrap();
assert_eq!(plaintext.as_slice(), decrypted.as_bytes());Structs§
- IbeCiphertext
- IBE ciphertext.
- IbeMaster
- IBE master authority.
- IbeMaster
Key - Master secret key for IBE system.
- IbeParams
- Public parameters for IBE system.
- IbeSecret
Key - User secret key for a specific identity.
Enums§
- IbeError
- Errors that can occur during IBE operations.
Type Aliases§
- IbeResult
- Result type for IBE operations.