I'm not clear what you're trying to ask, so I'm going to make up a couple things, and answer them. Let me know if I'm getting warm
First, "identity based encryption" isn't really an encryption scheme so much as a key management scheme. In any public/private — or, technically, "asymmetric" — encryption, there are two keys. One of them is used to encrypt, one to decrypt, and they have the special property that if you know one of them, it's still exponentially hard (or thought to be exponentially hard) to construct the other one. So, I can for example encrypt a letter to you using my private key; I publish my public key. If you can decrypt the letter using the public key, you have assurance that I was the one who really sent it. This is the core idea of digital signing schemes.
The problem is that you have to have a way of generating and managing those keys, and that turns out to be hard, because the scheme is only as good as the protection you have on your private key. There are a number of methods for doing this.
ID based encryption attempts to simplify this key management problem by proposing special algorithms that construct private keys from a known public piece of information: say an email address. To do this in a way that still makes it hard to figure out the private side, you need to have a trusted entity who constructs the private key based on some other secret they know. So, to establish your communications with someone who knows your email address. you go to the trusted provider and ask for the private key to be generated. The person you want to communicate with knows what provider you use, and gets a master public key from that provider.
Now, the person you want to send to can then generate the public side from your ID without knowing anything except some master key information from the provider; the key is never transmitted direction.
In other words, it looks like this: Alice wants to send email to Bob that's encrypted. They both trust a provider, Tom.
- Alice sends a request to Tom with her email address "[email protected]", and gets back a private key P. There is a corresponding public key p, but Tom doesn't send that to anyone.
- Bob sends a request to Tom and gets Tom's master public key m.
- Alice encrypts her message "x" with her private key, giving {"x"}P. (That notation is just "message "x" "wrapped" or encryption with key P.) Alice then sends that message to Bob.
- Bon uses his knowledge of Alice's email address and Tom's master key m, and computes. p=f("[email protected]", m). Now he applies the decryption decrypt({"x")P, p) and poof, out comes Alice's message.
The thing about these schemes is that it simplifies some key management issues, but only somewhat. You still need to generate the keys, and what's worse, you have to really trust Tom, because he knows everything: he can generate your private key, and encrypt with it, making any message look like it came from you. What this means is that it creates an inherent key escrow scheme; your private key can be found out.
Some ways this is good; it handles the problem of lost keys. But for most reasons people want to use encryption, it's bad. Now someone can subpoena Tom, or just beat him up, and get at your private data.
The result is that ID based encryption alone is a nifty idea, but hasn't got a lot of a market.