abstract |
A computing entity has an associated static public/private key-pair formed by a static private key comprising a secret, and a static public key comprising both a first element and that element combined with the secret. The secret is stored in higher-security storage provided, for example, by a smartcard. A short-term private key is provided for use by a computing entity in effecting cryptographic operations during an operational period. This short-term private key is generated, independently of any pending cryptographic operations, by mapping a string to a second element and multiplying that element by said secret, the first and second elements being such that a computable bilinear map exists for these elements. The short-term private key is stored in lower-security storage in the computing entity for a limited period that encompasses the operational period in respect of which the key was generated. |