Certificateless cryptography is a variant of ID-based cryptography intended to prevent any need for key escrow. It does this by splitting the private key generations stage between a user and a third party. One disadvantage of this is that the identity information no longer forms the entire public key. ID-based cryptography (or identity based cryptography or identity based encryption) is a key authentication system in which the public key of a user is some unique information about the identity of the user (e. ... Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security. ... ...

To encrypt a message to another user, three pieces of information are needed: 1) the other user's public key and 2) identity, and also 3) the third party's public information. To decrypt, a user just needs to use their private key.

This system doesn't need certificates as no valid pair of private & public key can be generated without the secret information provided by the third party.

Although the level of trust that is placed in the third party is reduced in this system it is still high, as high as that placed in certificate authorities. This is because if the third party wished to break the system by generating fake public keys, it could still do so. It could not however decrypt messages which have been encrypted using a properly generated public key. In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. ...

References

• Sattam S. Al-Riyami and Kenneth G. Paterson, Certificateless Public Key Cryptography , Lecture Notes in Computer Science, pp. 452 - 473, 2003 [1].