[3085] in cryptography@c2.net mail archive
Re: practical encryption
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Sun Jul 26 18:34:52 1998
To: "P. J. Ponder" <ponder@freenet.tlh.fl.us>
Cc: Dan Geer <geer@world.std.com>, cryptography@c2.net
From: Marc Horowitz <marc@cygnus.com>
Date: 26 Jul 1998 17:22:24 -0400
In-Reply-To: "P. J. Ponder"'s message of Sat, 25 Jul 1998 11:46:42 -0400 (EDT)
"P. J. Ponder" <ponder@freenet.tlh.fl.us> writes:
>> If you make it so easy that 'they don't even know it is there' then how do
>> you protect the keys? Embed them in signon scripts so that whomever is at
>> the keyboard is key-enabled? Encode them in certificates that
>> automatically get attached to outgoing mail, without even entering a
>> passphrase?
Users understand passwords. For non-certificate systems, like
Kerberos, this is sufficient. Key management (as long as the hosts
are moderately secure) is safe, the keys are strong, and the admins
can reset things if necessary.
For certificate systems, I'll extend Dan's answer a little. The
standard rub of "easy, good, cheap: choose two" applies to crypto.
Dan's choice was between easy&cheap and good&cheap". You can have
easy&good, but it will cost you, since you'll need hardware in the
form of cryptographic smartcards, crypto ignition keys, etc. Of
course, this sort of technology has a way to go, given attacks like
differential power analysis and magnetic domain analysis.
On the other hand, even today's smart cards are preferable to magnetic
stripe technology like on a credit card, and people seem to be able to
deal fine with insertion/swipe readers.
I don't think it will ever be possible to get people to understand
enough cryptography to deal with what they need to deal with today.
The burden is on us to figure out ways to make it easy to use, and
hope the costs will be acceptable in volume.
Marc
