[146722] in cryptography@c2.net mail archive
Re: [Cryptography] Why prefer symmetric crypto over public key
daemon@ATHENA.MIT.EDU (Jon Callas)
Sat Sep 7 02:52:52 2013
X-Original-To: cryptography@metzdowd.com
From: Jon Callas <jon@callas.org>
In-Reply-To: <94DC5527-4012-4F81-977B-6BE2069C8D89@cs.ru.nl>
Date: Fri, 6 Sep 2013 23:50:26 -0700
To: Jaap-Henk Hoepman <jhh@cs.ru.nl>
Cc: Crypto <cryptography@metzdowd.com>, Jon Callas <jon@callas.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sep 6, 2013, at 11:05 PM, Jaap-Henk Hoepman <jhh@cs.ru.nl> wrote:
>>
>> Public-key cryptography is less well-understood than symmetric-key cryptography. It is also tetchier than symmetric-key crypto, and if you pay attention to us talking about issues with nonces, counters, IVs, chaining modes, and all that, you see that saying that it's tetchier than that is a warning indeed.
>
> You have the same issues with nonces, counters, etc. with symmetric crypto so I don't see how that makes it preferable over public key crypto.
Point taken.
Bruce made a quip, and I offered an explanation about why that quip might make sense.
I have also, in debate with Jerry, opined that public-key cryptography is a powerful thing that can't be replaced with symmetric-key cryptography. That's something that I firmly believe. At its most fundamental, public-key crypto allows one to encrypt something to someone whom one does not have a prior security relationship with. That is powerful beyond words.
If you want to be an investigative reporter and want to say, "If you need to talk to me privately, use K" -- you can't do it with symmetric crypto; you have to use public-key. If you are a software developer and want to say say, "If you find a bug in my system and want to tell me, use K" -- you can't do it with symmetric crypto.
Heck, if you want to leave someone a voicemail securely you've never talked to, you need public key crypto.
That doesn't make Bruce's quip wrong, it just makes it part of the whole story.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFSKsy0sTedWZOD3gYRAm9wAJ9k8cASoXlfYOK/d0jrMtXQ8N/XegCg3ikv
miKwWy0D+O8JGF+6hh1Y3oU=
=msNM
-----END PGP SIGNATURE-----
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
