[802] in cryptography@c2.net mail archive


Re: CACK without GAK

daemon@ATHENA.MIT.EDU (Adam Shostack)
Mon May 12 12:59:20 1997

From: Adam Shostack <adam@homeport.org>
In-Reply-To: <v03007806af9ced980514@[207.94.249.70]> from Bill Frantz at "May 12, 97 09:06:23 am"
To: frantz@netcom.com (Bill Frantz)
Date: Mon, 12 May 1997 12:46:58 -0400 (EDT)
Cc: cryptography@c2.net

Bill Frantz wrote:

| The idea of shared corporate keys seems very promising.  (And please don't
| get too excited about sharing.  We share symmetric keys all the time.)
| When I send an email order to V2 Graphics, I am sending to their order
| processing department.*  I am not sending to any of the individuals
| currently working in that department.  I should be using a departmental (or
| corporate wide) key.
| 
| There are still a few practical problems.  Say Joe has been caught stealing
| jelly beans from the CEO's private stash and has been fired for cause.  Joe
| also knows the corporate key.  Now Joe can intercept orders and steal the
| credit card numbers.  For the sake of argument, the key can not be changed
| because its fingerprint has been published in a paper catalog.  (Note that
| this same problem would exist if orders were sent to Joe's key, but then
| when Joe left, the corporation could not decrypt their orders.)

	V2 should publish a corp certifying key, which is probably
shared with their lawyers or some actually trusted third party with
whom they voluntarily contract.

	They should then certify a purchasing dept key on a monthly or
bimonthly basis (this limits the damage from a lost key and is good
practice anyway.)  If Joe leaves, they get an emergency upgrade, and
orders flowing in to the old key get audited slightly more.  If V2
accepted digicash, it would know that the money had been stolen.

	(One of my pet peeves lately is the amount of shit that is
required to handle "The Credit Card Catastrophe."  By pointing it out,
I hope to encourage a move to non-repudiable financial instruments,
with all the benefits that that entails.)

	"The Credit Card Catastrophe" is not my phrase, but the title
of a book that was recommended to me, and is on my shelf to be read.
It's by the original marketing director of Diners Club.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
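Adam's scheme above (a long-lived corporate certifying key that signs short-lived purchasing-department keys, an emergency reissue when someone leaves, and extra auditing of orders that still arrive under the old key), written out as an added Go example that is not part of this message or of any real V2 system. It assumes Ed25519 for the signatures, a serial number to tell the current department key from superseded ones, and constructed dates; the accept/audit/reject labels are mine.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"time"
)
// DeptCert: a short-lived purchasing-dept key with serial and validity window, signed by the long-lived corporate key.
type DeptCert struct {
	DeptPub             ed25519.PublicKey
	Serial              uint64
	NotBefore, NotAfter time.Time
	Sig                 []byte
}
// tbs is the canonical to-be-signed encoding: dept key || serial || notBefore || notAfter.
func (c DeptCert) tbs() []byte {
	b := append([]byte{}, c.DeptPub...)
	b = binary.BigEndian.AppendUint64(b, c.Serial)
	b = binary.BigEndian.AppendUint64(b, uint64(c.NotBefore.Unix()))
	return binary.BigEndian.AppendUint64(b, uint64(c.NotAfter.Unix()))
}
// IssueDeptCert is V2's monthly step, and its emergency step when Joe leaves:
// the corporate key certifies a fresh department key for `days` days from `from`.
func IssueDeptCert(corpPriv ed25519.PrivateKey, deptPub ed25519.PublicKey, serial uint64, from time.Time, days int) DeptCert {
	c := DeptCert{DeptPub: deptPub, Serial: serial, NotBefore: from, NotAfter: from.AddDate(0, 0, days)}
	c.Sig = ed25519.Sign(corpPriv, c.tbs())
	return c
}
// Valid is the customer's check before encrypting an order: genuine corporate signature, inside the window.
func (c DeptCert) Valid(corpPub ed25519.PublicKey, now time.Time) bool {
	return ed25519.Verify(corpPub, c.tbs(), c.Sig) && !now.Before(c.NotBefore) && now.Before(c.NotAfter)
}
// Disposition is the order desk's rule: "accept" for the current key, "audit" for a genuinely
// certified but superseded or expired key (the one Joe may still hold), "reject" for anything else.
func Disposition(corpPub ed25519.PublicKey, current, order DeptCert, now time.Time) string {
	switch {
	case !ed25519.Verify(corpPub, order.tbs(), order.Sig):
		return "reject"
	case order.Serial == current.Serial && order.Valid(corpPub, now):
		return "accept"
	}
	return "audit"
}
// NewKey generates an Ed25519 key pair; GenerateKey fails only if the system RNG does.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}
```

Because the department key is certified rather than published directly, the catalog fingerprint never changes when Joe leaves; only the monthly certificate does, and orders to his old key stand out for review instead of silently decrypting.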


