[146750] in cryptography@c2.net mail archive
Re: [Cryptography] Why prefer symmetric crypto over public
daemon@ATHENA.MIT.EDU (Christian Huitema)
Sat Sep 7 16:12:22 2013
X-Original-To: cryptography@metzdowd.com
From: "Christian Huitema" <huitema@huitema.net>
To: "'Naif M. Otaibi'" <otaibinm@gmail.com>,
"'Jaap-Henk Hoepman'" <jhh@cs.ru.nl>
In-Reply-To: <CAC_smCkoZDEGviybZiHiMGMPBdGWXbwHv1J4JJ1eqD6peqf9-g@mail.gmail.com>
Date: Sat, 7 Sep 2013 12:25:35 -0700
Cc: 'Crypto' <cryptography@metzdowd.com>, 'Jon Callas' <jon@callas.org>
Another argument is “minimal dependency.” If you use public key, you depend on both the public key algorithm, to establish the key, and the symmetric key algorithm, to protect the session. If you just use symmetric key, you depend on only one algorithm.

Of course, that means getting pair-wise shared secrets, and protecting them. Whether that’s harder or more fragile than maintaining a key ring is a matter of debate. It is probably more robust than relying on CA.

-- Christian Huitema