[148311] in cryptography@c2.net mail archive
Re: [Cryptography] Explaining PK to grandma
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Nov 27 17:26:36 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <alpine.LFD.2.02.1311271553360.4266@laptop.kerry-linux.ie>
Date: Wed, 27 Nov 2013 16:39:19 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ralf Senderek <crypto@senderek.ie>
Cc: Jerry Leichter <leichter@lrw.com>, Cryptography <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============2888818471302933068==
Content-Type: multipart/alternative; boundary=089e014941f4f8eaa504ec2f6dac
--089e014941f4f8eaa504ec2f6dac
Content-Type: text/plain; charset=ISO-8859-1
On Wed, Nov 27, 2013 at 10:03 AM, Ralf Senderek <crypto@senderek.ie> wrote:
>
> Jerry Leichter wrote:
>
> *But*, there is one thing that may need, no so much "explanation" in the
>> sense of conveying a deep understanding, as "training". Somehow, a user of
>> secure email has to know how to get a key for themselves; how to move that
>> key to different machines;
>
>
No!
All the user needs to know is how to configure their email on a different
machine. If it takes more than giving the machine the address of the
account and authorizing the new machine to connect to it then it has failed.
that they must *not* give that key to anyone else.
>
>
No! No!
Make the scheme so that Grandma can't give her key to someone else without
a great deal of effort.
Imagine Granny has a little box next to her computer that does all
> the nasty crypto stuff she does not need to know about. Let us call
> it the crypto pi. All she can do is plug a memory stick in to feed the
> box some texts and pull another second memory key out to carry her
> encrypted text off to her lappy.
>
I think you are talking about the scheme that people like us might use.
Unless Grandma is running a revolutionary cell, I don't think we need to go
quite that far.
I certainly agree that for a particular class of user we want to lock it
down that well. But not for Grandma.
The NSA can't compromise every endpoint without being noticed. The more
times they get noticed, the more likelihood of an investigation eventually
taking place. And if that ever happens there is no knowing where it might
end up.
--
Website: http://hallambaker.com/
--089e014941f4f8eaa504ec2f6dac
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Wed, Nov 27, 2013 at 10:03 AM, Ralf Senderek <span dir=3D"ltr">&=
lt;<a href=3D"mailto:crypto@senderek.ie" target=3D"_blank">crypto@senderek.=
ie</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><br>
Jerry Leichter wrote:<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
*But*, there is one thing that may need, no so much "explanation"=
in the sense of conveying a deep understanding, as "training". =
=A0Somehow, a user of secure email has to know how to get a key for themsel=
ves; how to move that key to different machines;</blockquote>
</blockquote><div><br></div><div>No!</div><div>=A0</div><div>All the user n=
eeds to know is how to configure their email on a different machine. If it =
takes more than giving the machine the address of the account and authorizi=
ng the new machine to connect to it then it has failed.</div>
<div><br></div><div><br></div><blockquote class=3D"gmail_quote" style=3D"ma=
rgin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote cl=
ass=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;p=
adding-left:1ex">
that they must *not* give that key to anyone else. </blockquote></blockquo=
te><div><br></div><div>No! No!</div><div><br></div><div>=A0</div><div>Make =
the scheme so that Grandma can't give her key to someone else without a=
great deal of effort.</div>
<div><br></div><div><br></div><blockquote class=3D"gmail_quote" style=3D"ma=
rgin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Imagine Granny=
has a little box next to her computer that does all<br>
the nasty crypto stuff she does not need to know about. Let us call<br>
it the crypto pi. All she can do is plug a memory stick in to feed the<br>
box some texts and pull another second memory key out to carry her<br>
encrypted text off to her lappy.<br></blockquote><div><br></div><div>I thin=
k you are talking about the scheme that people like us might use. Unless Gr=
andma is running a revolutionary cell, I don't think we need to go quit=
e that far.</div>
<div><br></div><div>I certainly agree that for a particular class of user w=
e want to lock it down that well. But not for Grandma.</div><div><br></div>=
<div><br></div><div>The NSA can't compromise every endpoint without bei=
ng noticed. The more times they get noticed, the more likelihood of an inve=
stigation eventually taking place. And if that ever happens there is no kno=
wing where it might end up.=A0</div>
<div><br></div><div><br></div></div><div><br></div>-- <br>Website: <a href=
=3D"http://hallambaker.com/">http://hallambaker.com/</a><br>
</div></div>
--089e014941f4f8eaa504ec2f6dac--
--===============2888818471302933068==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2888818471302933068==--
