[drog]

You are correct, but I think "identity based encryption" protocols can run in MPC mode. Multiple parties will generate distributed secret that will be used to generate private keys. Anyone can easily generate public key for any identity (e.g. email) for the given "key generator" setup using public data of this setup. But for a user to get their private key, they need to assemble secrets by proving their identity to multiple independent parties - you have to hack every one of them to restore the private key of user.