IBE Retrospective

The initial research that led to the first practical Identity Based Encryption (IBE) scheme was funded by the Defense Advanced Research Projects Agency (DARPA), a research and development agency of the United States Department of Defense. Created by Stanford University professors Dr. Dan Boneh and Dr. Matt Franklin, IBE was a breakthrough in cryptography that enabled users to harness a unique identity, such as an email address, to secure communication. IBE eliminated the need for the digital certificates that a traditional X.509-based public key infrastructure (PKI) relied upon, and afforded its practitioners numerous operational and financial benefits.

Following this successful project, an additional DoD contract was awarded to Voltage Security to develop and deploy the technology required to implement and support the Boneh-Franklin IBE cryptosystem. The DoD-funded initiatives proved highly successful: they enabled the Boneh-Franklin IBE invention, facilitated Voltage Security’s 2004 commercialization of the technology, and eventually found a niche market for its IBE cryptosystem in securing both email communication and selected financial transactions.

Since then, however, network communication has exploded, presenting new security challenges that existing public key cryptosystems like IBE (and the more popular and pervasive PKI) cannot address. Once again, there is a need for a “next-generation” secure system – one that can accommodate a networked world that is today largely mobile, can protect data that has grown from 0.01 zettabytes in 2005 to a projected 163 ZB in 2025, and can stand up to the daily threats that stem from cybercrime.

Additionally, the next-generation cryptosystem has to easily scale to any level, and economically secure an unlimited number of connected things.

Verifiable Identity-Based Encryption (VIBE) vs Identity-Based Encryption (IBE)

VIBE Cybersecurity International LLC introduces Verifiable Identity-Based Encryption (VIBE). VIBE is a next-generation cryptosystem that greatly improves upon the Boneh-Franklin IBE invention that was commercialized by Voltage. Designed to address the myriad challenges our connected world faces today, VIBE has numerous unique features that make it ideally suited to economically and easily protect nations and the citizens they serve. Specifically, relative to IBE circa 2005, VIBE addresses the following challenges:

| The Challenge | The VIBE Solution | Why It’s Important |
|---|---|---|
| IBE cannot viably validate the sender of a message. | VIBE authenticates/validates the sender of a message. | Without validation, the sender cannot be trusted, and the entire system is vulnerable to third-party attacks. |
| IBE is susceptible to man-in-the-middle attacks on the public parameters. | VIBE eliminates the need to protect public parameters, making it resistant to man-in-the-middle attacks, in which an adversary intercepts and decrypts communications. | When the public parameters change (a common occurrence in a dynamic IBE environment), there is no way to verify that they have not been altered, placing the entire IBE system at risk. |
| IBE systems require re-issuance of all keys in a group should a Private Key (PK) be lost or compromised, which is a practical limitation (and operational nightmare). | VIBE enables dynamic re-issuance of a user/device Private Key without changing the user’s/device’s basic identity or the group’s master key, and so avoids re-issuing all the private keys of a group. | Dynamic Private Key re-issuance becomes an easy, economical task and ensures superior security system-wide. |
| In an IBE system, an assumed-trustworthy third-party Key Generation Centre (KGC) is responsible for generating Master Keys for the user. A KGC misusing its power can be disastrous, and this known vulnerability in IBE is commonly referred to as the Key Escrow problem. | VIBE solves the Key Escrow challenge by splitting the generation and distribution of Private Keys across two (2) Trusted Centers that are operationally separated from each other (split ownership). PK generation is initiated under the control of the requesting user and delivers two masked partial keys, which are transformed into a working Private Key at the user’s node/device. | Breaches from “inside jobs” or hackers become virtually impossible with VIBE, as there is no single point of attack. |
| IBE has a 1:1 signing requirement. | VIBE enables Digital Signing (DS), resolving IBE’s 1:1 signing requirement and enabling the technology to displace various PKI usage scenarios, such as key distribution, X.509 certificate replacement (TLS) and VPNs. | VIBE can address a much larger market, and can eliminate the security threats inherent in PKI-enabled protocols like TLS. |
| With IBE, key re-issuance and key revocation are possible, but the associated processes are highly impractical: a System Administrator would have to re-key the entire group by changing the master key, or the key requiring re-issuance would have to change its identity (i.e. change its unique characteristic, such as a device serial number, which is not possible). | VIBE’s key management technology provides “secure on-the-fly dynamic key re-issuance”. Key re-issuance and key revocation processes are simple to use, do not require re-keying or re-issuance of all keys within a given group (e.g. IoT devices associated with a particular application), and can accommodate time- or session-based key revocation (e.g. keys revoked immediately after a communication transaction is completed). | In today’s world, the ability to rapidly revoke and/or re-issue keys significantly reduces vulnerability. |
| IBE cannot effectively secure inter-group communication, given its inability to authenticate the sender of a given message. | VIBE is designed so that users/devices registered in the same Trusted Center (or circle of trust) can be authenticated and allowed to communicate securely with registered users/devices in other Trusted Centers, subject to rules-based approvals. Envision an organization’s departments, agencies, contractors and other partners each having their own secure group, with a master encryption key known only to them, and their respective users able to communicate securely, peer-to-peer, with other VIBE-secured groups based on the organization’s defined rules. | Secure, authenticated communication between and among Trusted Centers eliminates known vulnerabilities (e.g. breaches that originate in supply chain systems). |
| IBE cannot authenticate. | VIBE allows for authentication and encryption at the application layer. | Application-layer authentication and encryption reduce the attack surface, so that if one application is compromised, the entire system is not at risk. |
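As an added example (not VIBE’s own code; the page does not specify its construction), the split-ownership idea in the Key Escrow row can be illustrated with a Boneh-Franklin-style key extraction, where the private key is the hashed identity Q_ID raised to the master secret s: splitting s additively between two centers lets the device combine two masked partial keys into exactly the key a single centre holding s would have produced, while neither centre ever holds s or sees the unmasked identity. The toy group, its constants and the names hash_to_group, TrustedCenter, setup, user_extract_key and single_pkg_key are assumptions of this example.

```python
import hashlib
import secrets

# Toy group: the order-Q subgroup of Z_P^* with P = 2Q + 1 (both prime). It stands in
# for the pairing group G1 of a Boneh-Franklin-style scheme; the constants are
# constructed for illustration only and are far too small for real use.
P = 2039
Q = 1019

def hash_to_group(identity: str) -> int:
    """Map an identity string to a non-identity element of the order-Q subgroup."""
    h = int.from_bytes(hashlib.sha256(identity.encode()).digest(), "big")
    x = h % (P - 3) + 2            # x in [2, P-2], so x^2 mod P is a non-trivial square
    return pow(x, 2, P)

class TrustedCenter:
    """One of two operationally separate centers. Each holds only its own additive
    share of the master secret s = s1 + s2 (mod Q); s itself is stored nowhere."""
    def __init__(self, share: int):
        self.share = share

    def partial_extract(self, masked_qid: int) -> int:
        # The center sees only the masked value, so it can neither link the request
        # to an identity nor produce the finished key by itself.
        return pow(masked_qid, self.share, P)

def setup():
    """Split ownership: each center draws its share independently of the other."""
    return (TrustedCenter(secrets.randbelow(Q - 1) + 1),
            TrustedCenter(secrets.randbelow(Q - 1) + 1))

def user_extract_key(identity: str, tc1: TrustedCenter, tc2: TrustedCenter) -> int:
    """Device-side extraction: mask Q_ID with a random r, collect one partial key from
    each center, combine them and strip the mask."""
    q_id = hash_to_group(identity)
    r = secrets.randbelow(Q - 1) + 1
    masked = pow(q_id, r, P)                 # Q_ID^r hides the identity from the centers
    part1 = tc1.partial_extract(masked)      # (Q_ID^r)^s1
    part2 = tc2.partial_extract(masked)      # (Q_ID^r)^s2
    combined = (part1 * part2) % P           # (Q_ID^r)^(s1 + s2)
    return pow(combined, pow(r, -1, Q), P)   # exponents reduce mod Q, leaving Q_ID^s

def single_pkg_key(identity: str, master_secret: int) -> int:
    """Reference: the key one centre holding all of s would produce (key escrow)."""
    return pow(hash_to_group(identity), master_secret, P)
```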

Andrew Parlock

Advisor

Andrew is a senior executive with extensive background in Applications Engineering, and in particular, Business Development. With an MBA, and an undergrad degree in Aerospace (aka “rocket science”), and having realized high-level security clearance with the US Government, Andrew is a subject-matter expert when it comes to helping our team navigate the complex world of government and its related businesses and agencies. In Andrew’s words, he “thrives in the chaos of the unknown where so many opportunities exist.”

Chuck Brooks

Advisor

Named a Top Person To Follow on Tech by LinkedIn. Former Technology Partner Advisor at the Bill and Melinda Gates Foundation. Helped “stand up” the Office of Legislative Affairs at DHS. Served as the first Director of Legislative Affairs at the DHS Science & Technology Directorate. A thought leader, influencer and technology evangelist, and a featured writer/speaker/blogger. Topics include homeland security, cyber security, CBRNE, artificial intelligence (AI), the Internet of Things (IoT), science & technology, public/private partnerships, risk management, blockchain and innovation. Published in FORBES, Huffington Post, InformationWeek, MIT Sloan Blog, Computerworld, Federal Times, NextGov and many more.

Olivier Rouit

Senior Embedded Security Architect

Educated with a degree in Applied Electronics Engineering and Industrial Computer Science from ENSEA, France, and in Artificial Intelligence from the renowned ENSIMAG University in Grenoble, France, Olivier had his first significant role in Applied Research with Gemplus’s Telecom Division. An expert in embedded security, Olivier has worked extensively on numerous research projects, ranging from the first implementation of an EAP SIM, in collaboration with CISCO, to the first implementation of a Javacard OTP with Verisign. Recognized as an expert in identity-management embedded technology, Olivier is an award-winning engineer who today is leading embedded development projects for VIBE.

Heiko Vetkamp

Advisor

Heiko worked at Philips for 13.5 years in several European countries, and at Halo Creative & Design Ltd. at its headquarters in Hong Kong and its operations in China and the US. Heiko is a co-founder of Purive. Heiko is a practical, professional manager with a proven track record in Supply Chain, Customer Service, Planning & Logistics, Key Account and Sales Management, General Management and Change Management. As a Certified Lean Six Sigma Black Belt, Heiko has experience in leading complex multi-site international supply chain projects, customer service & logistics management, the building and managing of intensive partnerships on several levels for international key accounts and distributors, the building of effective sales organisations, profit & loss responsibility, business development, and large integration and change management projects.

Heiko has a Master of Science (MSc) in Industrial Engineering from the Georgia Institute of Technology in Atlanta, with a focus on economic decision analysis, and a Master of Science (MSc) in Mechanical Engineering from the University of Twente in the Netherlands, with a focus on production and operations management. Today Heiko lives in the Netherlands. Heiko speaks Dutch, English, and German.

Craig Stark

Advisor

Craig Stark has over 30 years of Business Development experience with new technologies and bringing complex solutions to market from large to start-up sized companies. With deep experience in strategic partnerships, channel development, solution marketing, product and industry marketing, Craig uses an agile, collaborative approach of innovation management to build sustaining value for partners and clients. Craig has focused on IoT and transformative technologies for the past five years. His current work with Strategy of Things focuses on Smart Systems, Smart Buildings, and Platform Business Models. Prior to that, he spent six years in the smart systems development business, where he served as CTO and co-lead in design authority at Blackstone Gates, an international CX and loyalty strategy consultancy. Craig has served on the CIO Strategy Council (Data and Security Standards), The Conference Board of Canada (advisory on IP strategy) and as an industry partner for the Innovation, Science and Economic Development for the National IP Strategy council and currently supports the NSERC National IoT Research Chair in support of bridging applied research to several industry segments. Craig has supported research efforts for the US NIST IoT Infrastructure investment project to apply to several industry and vendor segments.

Paul Hager

Advisor

Paul has extensive experience in cybersecurity. He served as the U.S. Representative to NATO for Information Security. As Special Assistant to the Director of the NSA he participated in technology research, investment, and partnerships in international cybersecurity and telecom technologies. Early in his NSA career, he carried out system penetration testing (hacking), and was an early team member of the first U.S. National Computer Security Center. Paul has authored national and international policies and publications/books on information security. Paul earned his M.B.A. in Corporate Finance from the University of Pennsylvania Wharton School of Business, and a Master of Public Administration (MPA) in International Policy, from Harvard University. His undergraduate degrees are from the University of North Carolina, a B.S. in Mathematics and a B.A. with Honors in Psychology.

Bob Bergman

Standards Strategy

Bob has a total of 50 years of experience in software engineering, Decision Sciences, System Dynamics Modeling, Scenario Planning, International Standards, business strategy synthesis, and simulation. Bob’s background includes 12 years of flight simulator design for USAF high-performance aircraft and 28 years at Intel applying quantitative decision methodologies to improve international standards negotiations and strategic business decisions. Bob represented Intel at the GSM Association, 3GPP (wireless communications standards), IETF, oneM2M (IoT standards), and the Open Mobile Alliance (Digital Rights Management standards). Bob attended MIT and SUNY at Albany, earning a BS degree in Electrical Engineering & Computer Science, with graduate work in system dynamics.

Dr. William “Dollar” Young, Jr

Advisor

Dr. William “Dollar” Young, Jr is an accomplished strategist and technical leader with 31 years in the United States Air Force. His last Air Force position was as the initial commander of the Air Force’s newest operational organization, a first-of-its-kind wing tasked to deliver Electromagnetic Spectrum capabilities to all Air Force weapon systems and platforms via “missionware” applications, mission data, advanced networking and Electromagnetic Warfare Artificial Intelligence/Machine Learning algorithms.

Dr. Young is the creator of System-Theoretic Process Analysis for Security (STPA-Sec). STPA-Sec is the security analysis framework used to help secure many of America’s most complex new weapon systems. Dr. Young is a former consultant for MIT Lincoln Laboratory where he worked on new Security Engineering Analysis methods for the lab’s Cyber System Assessments Group. He is an Associate Research Professor at Syracuse University in the Electrical Engineering and Computer Science Dept. In this role, he is currently developing a new methodology for securing Internet of Things devices. Dr. Young previously served as the Chief Strategist for the Commander of the Air Force Air Education & Training Command.

Dr. Young earned his PhD at the Massachusetts Institute of Technology (MIT) in 2016 in Systems Engineering with an emphasis in Secure Systems Engineering. He has four Master’s Degrees. Dr. Young was one of the initial graduates of the Air Force’s Grand Strategy Program. He has a Bachelor of Science in Engineering Science with an emphasis in Electrical and Aeronautical Engineering.

Alfred Berkeley

Advisor

Al is a former president of NASDAQ. He was a Captain in the 438th Military Airlift Wing and served as a Major in the USAF Reserve. He has testified before the Joint Committee on Economics of the US Congress, and before the House Science Committee, the House Permanent Select Committee on Intelligence, and the House Committee on Homeland Security. He served on the International Advisory Council for the Monetary Authority of Singapore, and is currently on the Board of Visitors of the University of Maryland School of Medicine and a Trustee of Hollins University. Al earned a B.A. from the University of Virginia, and received his M.B.A. from The Wharton School at the University of Pennsylvania.