Main Page | See live article | Alphabetical index Certificateless Cryptography is a variant of ID-based cryptography that tries to remove key escrow. It does this by splitting the private key generations stage between the user and the third party. The downside of this is that the identity no longer forms the entire public key. To encrypt a message to another user three pieces of information are needed the other user's public key and identity and also the third party's public information. To decrypt a user just needs to use their private key. This system doesn't need certificates as no valid pair of private & public key can be generated without the secret information provided by the third party. Although the level of trust that is placed in the third party is reduced in this system it is still high, as high as that placed in Certificate Authoritys. This is because if the third party wished to break the system by generating fake public keys it could still do so (it could not however decrypt messages which have been encrypted using a validly generated public key). This article is from Wikipedia. All text is available under the terms of the GNU Free Documentation License.