Towards Complete Encryption within Cloud-based Systems: Attribute-based Encryption


In a world of GDPR…

  • Why do we still have databases with non-encrypted values?
  • Why do we store data on public cloud systems in a non-encrypted format?
  • Why is anyone who has access to a spreadsheet able to see the values that are used?
  • Why can’t we restrict data access to those users who provide the right attributes?

In public key encryption, we use the public key of a recipient to encrypt data, and they then use their private key to decrypt it. But we have to discover the public key in some way. This normally involves reading the key from a digital certificate. This is a rather complex system: if you were sending an email to a person, you would need to get their public key and then add it to your key ring.

With identity-based encryption (IBE), we use something about the identity of a person, such as their email address, to generate the public key for the recipient. In this way, we can easily encrypt data knowing only the email address of the person.


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.