[146710] in cryptography@c2.net mail archive
Re: [Cryptography] Why prefer symmetric crypto over public key
daemon@ATHENA.MIT.EDU (Jon Callas)
Fri Sep 6 22:35:51 2013
X-Original-To: cryptography@metzdowd.com
From: Jon Callas <jon@callas.org>
In-Reply-To: <D64757F5-D269-45AB-9309-23BE06310E7B@cs.ru.nl>
Date: Fri, 6 Sep 2013 19:02:47 -0700
To: Jaap-Henk Hoepman <jhh@cs.ru.nl>
Cc: Crypto <cryptography@metzdowd.com>, Jon Callas <jon@callas.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============4189349932341596339==
Content-Type: multipart/signed;
boundary="PGP_Universal_A594A93A_7282D1B3_C6D5925D_DEE7C543";
protocol="application/pgp-signature";
micalg="pgp-sha1"
--PGP_Universal_A594A93A_7282D1B3_C6D5925D_DEE7C543
Content-Type: multipart/alternative; boundary="Apple-Mail=_A233A1AF-F0DF-48F3-8DF2-2E67A3834D6D"
--Apple-Mail=_A233A1AF-F0DF-48F3-8DF2-2E67A3834D6D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Sep 6, 2013, at 6:13 AM, Jaap-Henk Hoepman <jhh@cs.ru.nl> wrote:
> In this oped in the Guardian
>=20
> =
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surv=
eillance
>=20
> Bruce Schneier writes: "Prefer symmetric cryptography over public-key =
cryptography." The only reason I can think of is that for public key =
crypto you typically use an American (and thus subverted) CA to get the =
recipients public key.=20
>=20
> What other reasons could there be for this advice?
Public-key cryptography is less well-understood than symmetric-key =
cryptography. It is also tetchier than symmetric-key crypto, and if you =
pay attention to us talking about issues with nonces, counters, IVs, =
chaining modes, and all that, you see that saying that it's tetchier =
than that is a warning indeed.
The magic of public key crypto is that it gets rid of the key management =
problem -- if I'm going to communicate with you with symmetric crypto, =
how do I get the keys to you? The pain of it is that it replaces it with =
a new set of problems. Those problems include that the amazing power of =
public-key crypto tempts one to do things that may not be wise.
Jon
--Apple-Mail=_A233A1AF-F0DF-48F3-8DF2-2E67A3834D6D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><br><div><div>On Sep 6, 2013, at 6:13 AM, Jaap-Henk Hoepman <<a =
href=3D"mailto:jhh@cs.ru.nl">jhh@cs.ru.nl</a>> wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><meta =
http-equiv=3D"content-type" content=3D"text/html; charset=3Dutf-8"><div =
dir=3D"auto"><div><span></span></div><div><meta =
http-equiv=3D"content-type" content=3D"text/html; charset=3Dutf-8"><div =
style=3D"-webkit-text-size-adjust: auto; ">In this oped in the =
Guardian</div><div style=3D"-webkit-text-size-adjust: auto; =
"><br></div><div style=3D"-webkit-text-size-adjust: auto; "><a =
href=3D"http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-sec=
ure-surveillance">http://www.theguardian.com/world/2013/sep/05/nsa-how-to-=
remain-secure-surveillance</a></div><div =
style=3D"-webkit-text-size-adjust: auto; "><br></div><div =
style=3D"-webkit-text-size-adjust: auto; ">Bruce Schneier =
writes: "<span style=3D"background-color: rgba(255, 255, 255, 0); =
">Prefer symmetric cryptography over public-key cryptography." The only =
reason I can think of is that for public key crypto you typically use an =
American (and thus subverted) CA to get the recipients public =
key. </span></div><div style=3D"-webkit-text-size-adjust: auto; =
"><span style=3D"background-color: rgba(255, 255, 255, 0); =
"><br></span></div><div style=3D"-webkit-text-size-adjust: auto; "><span =
style=3D"background-color: rgba(255, 255, 255, 0); ">What other reasons =
could there be for this =
advice?</span></div></div></div></blockquote><br></div><div>Public-key =
cryptography is less well-understood than symmetric-key cryptography. It =
is also tetchier than symmetric-key crypto, and if you pay attention to =
us talking about issues with nonces, counters, IVs, chaining modes, and =
all that, you see that saying that it's tetchier than that is a warning =
indeed.</div><div><br></div><div>The magic of public key crypto is that =
it gets rid of the key management problem -- if I'm going to communicate =
with you with symmetric crypto, how do I get the keys to you? The pain =
of it is that it replaces it with a new set of problems. Those problems =
include that the amazing power of public-key crypto tempts one to do =
things that may not be wise.</div><div><br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre"> =
</span>Jon</div><div><br></div><br></body></html>=
--Apple-Mail=_A233A1AF-F0DF-48F3-8DF2-2E67A3834D6D--
--PGP_Universal_A594A93A_7282D1B3_C6D5925D_DEE7C543
Content-Type: application/pgp-signature;
x-mac-type=70674453;
name=PGP.sig
Content-Disposition: attachment; filename=PGP.sig
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
iQA/AwUBUiqJSLE3nVmTg94GEQKw1wCg5ty22CPFowM/2Xal5N/PZGlQkC4An1Dv
xQsWwrO48Ua00AaMaqQ+R+vj
=L+Es
-----END PGP SIGNATURE-----
--PGP_Universal_A594A93A_7282D1B3_C6D5925D_DEE7C543--
--===============4189349932341596339==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============4189349932341596339==--