[3079] in cryptography@c2.net mail archive
Re: practical encryption
daemon@ATHENA.MIT.EDU (P. J. Ponder)
Sun Jul 26 14:39:19 1998
Date: Sat, 25 Jul 1998 11:46:42 -0400 (EDT)
From: "P. J. Ponder" <ponder@freenet.tlh.fl.us>
To: Dan Geer <geer@world.std.com>
cc: cryptography@c2.net
In-Reply-To: <199807241347.AA29244@world.std.com>
The discipline of key management is one of the harder aspects of properly
implementing a cryptographic system. Most people (actually, more like
'almost all') have no experience with the concept of managing keys, either
in a private key system, or in a more complex and recondite public key
system. Many people are familiar with the idea of access control through
the use of a password or PIN, but this isn't the same thing as 'real' key
management.

If you forget your password on the office LAN, someone from the help desk
will reset it and off you go again. If you forget your bank card's PIN,
you can get the bank to issue a new card or reset the old one. If you
forget your passphrase for PGP, well, you're in trouble. There is no
easily understood differentiation between these cases for people who don't
know, understand, and use cryptography.

Some military units, and some other national intelligence agencies, and
some advanced technical and financial businesses have procedures and
discipline for managing cryptographic keys. Few people know how to manage
keys and actually use these procedures as part of their daily activities.

The vast majority of people are not prepared today to use strong
cryptography because they have no experience in handling sensitive
information and they have never been trained in the discipline of key
management. Nor do they have other similar experiences or training in
protecting intangible objects that will help them understand the
principles of key management.

If you make it so easy that 'they don't even know it is there' then how do
you protect the keys? Embed them in signon scripts so that whoever is at
the keyboard is key-enabled? Encode them in certificates that
automatically get attached to outgoing mail, without even entering a
passphrase?

In order for a cryptographic system to function properly, the people using
the keys have a critical role to play in managing and protecting the keys.
This is not a trivial exercise and PKCS haven't lessened the burdens of
key management - in some ways they have made it worse. Witness the
ongoing debates about dragging in third parties, CPSs, and CRLs and all of
that.

The practical aspects of widespread use of strong cryptography highlight
important social and educational gaps we need to overcome. Making it easy
is part of the problem, convincing people why some aspects need to be hard
is another.
--
pj
ponder@tfn.net
On Fri, 24 Jul 1998, Dan Geer wrote:
>
> People don't want to know how this stuff works.
>
> In a famous and substantiated finding, Tversky & Kahneman
> showed that people tend to regard propositions that they
> do not understand as more risky, regardless of their
> intrinsic risk, and to regard things they do understand
> as less risky, again without regard to intrinsic risk. **
>
> This presumably drives the crypto community's dilemma
> in affecting public taste w.r.t. tradeoffs of freedom
> versus security.
>
> --dan
>
>
> ** Amos Tversky and Daniel Kahneman, "Judgment Under Uncertainty:
> Heuristics and Biases," Science [185] 1974, pp. 1124-1131.
>
>