my $ID_c = 'node_id=1382'; # chromatic is looking to join our IBE
  my $Q_c  = $pairing->init_G1->set_to_hash( sha1($ID_c) );
  my $x_c  = $pairing->init_Zr->random;
  my $X_c  = $pairing->init_G2->pow_zn( $P, $x_c );
  my $req  = $X_c->as_bytes;

  # we transmit $X_c in the open along with our request for $d_c
  # the TA then builds our private key and constructs a secret $W_0.
  # IRL, the TA would calculate $Q_c on its own ...
  my $dtmp = $pairing->init_G1->pow_zn( $Q_c, $s );
  my $W_0  = $pairing->init_GT->e_hat( 
      $pairing->init_G2->set_to_bytes($req)->pow_zn( $s ), # only the TA can make this
      $P_pub );
  my $cipher0 = new Crypt::CBC({header=>"randomiv", cipher=>"Blowfish", key=>$W_0->as_bytes});
  my $reqfil  = $cipher0->encrypt( $dtmp->as_bytes );

  # Back at the $ID_c node, we can recover our private key
  # from $reqfil like so:
  my $W_1     = $pairing->init_GT->e_hat( $P_pub, $P_pub )->pow_zn($x_c);
  my $cipher1 = new Crypt::CBC({header=>"randomiv", cipher=>"Blowfish", key=>$W_1->as_bytes});
  my $d_c     = $pairing->init_G1->set_to_bytes( $cipher1->decrypt( $reqfil ) );

  print "I have aquired my key from the TA over a secure authentic channel:\n\t",
      substr($dtmp->as_base64, 0, 80), "\n\t", 
      substr($d_c->as_base64, 0, 80), "\n\n";