[3095] in cryptography@c2.net mail archive
Re: practical encryption
daemon@ATHENA.MIT.EDU (Nelson Minar)
Mon Jul 27 12:18:41 1998
Date: Mon, 27 Jul 1998 11:57:01 -0400
From: nelson@media.mit.edu (Nelson Minar)
To: "P. J. Ponder" <ponder@freenet.tlh.fl.us>
Cc: Dan Geer <geer@world.std.com>, cryptography@c2.net
In-Reply-To: <Pine.OSF.3.96.980725112002.22742I-100000@fn3.freenet.tlh.fl.us>
"P. J. Ponder" <ponder@freenet.tlh.fl.us> said:
>Most people (actually, more like 'almost all') have no experience
>with the concept of managing keys, either in a private key system, or
>in a more complex and recondite public key system.
So there are two choices - either educate people about the arcana of
managing keys or make the systems simpler so people understand them
without having to learn anything new. The question is, is crypto *so*
different that people have to learn a new concept?
"Practical encryption for the masses" to me means focussing on
technologies that are easy for people to use. Easy and cheap, if not
super-strong. I liked John Gilmore's comment here about the compromise
of doing Diffie-Hellman without frequent human intervention. It may
not be "right" in the sense of perfect security, but it's surely
better than nothing at all. Or as he said:
>If this became widespread end-to-end (or even firewall-to-firewall)
>then mass surveillance would take a lot of work and get detected if
>anyone cared to look.
This will surely help to make our society more free. And, as a nice
side effect, it will make it a lot harder for dorky system crackers to
break into my system with tools they downloaded from rootshell.com and
don't understand.
The real solution is to make all this fancy crypto we know about look
more like what people have experience with. My mother *does* have a
concept about managing keys - the keys to her house, her car. She
knows that if she loses those, she can't open the lock.
The analogy breaks down in an important way, though - if my mother
loses her keys she can get a locksmith to come in and rekey the lock.
The idea of building a crypto system that was this easy to circumvent
scares me, it's too much like key escrow. On the other hand, door
locks are still useful even if skilled people can bypass them. Maybe
in some crypto circumstances, trading off ease-of-use for strength is
the right choice.
