[Cryptography] Can a machine do trusted public key management?

Ralf Senderek crypto at senderek.ie
Sat Nov 30 13:01:35 EST 2013


On a different thread bear wrote:

> I'm pretty firmly of the opinion that your grandparents ought not be
> required to understand asymmetric key crypto in order to use it. 
>
> They need a little appliance next to the computer that's shaped and 
> painted like a little mailbox with a USB socket inside a great big 
> keyhole on the front and another USB socket inside the mail slot. 
>
> Then you give them a USB stick with a picture of a key printed on 
> one side and a picture of a stamped envelope on the other. 
>
> "When you want to read your mail, unlock the mailbox by putting this
> key into it...  then you can bring the mail into your computer, just
> like bringing paper mail into the house.  You read and write your 
> mail on the computer ... and finally you take the mail out of your
> computer and put it into the mail slot to send your mail...."
>
> "Oh, yeah, if you want to get your email anywhere else, you need to 
> take the mailbox and the key with you.  And when you're done remember
> to clear your mail off their desktop, you don't want to leave a mess."
>
> You and me and the guy who manufactures those mailboxes know there's 
> public-key crypto going on inside the appliance, and a whole lot of 
> filtering to make absolutely sure no 'scripty' stuff is going onto 
> that USB stick.  Trying to explain it to anybody else is a waste 
> of time.

As I see it, this is a common belief on this list. But the conclusion has
- IMHO - not really been thought through to the end.

Can the universal crypto box (UCB) take the responsibility from its users to
perform proper key management? I don't think so.

If putting the USB stick into the proper hole is all a user needs to do, then
the private key will be put in action by this event and the RSA decryption key
needs to be stored in plain text inside the box. So the UCB's user has to guard
his box carefully not to let anyone else stick some USB key in the box while it
is active. 
PRO: The user cannot forget a passphrase, the risk of key revocation approaches zero. 
CON: It's easy to get forged messages signed and to decrypt sniffed 
cryptograms, as no passphrase is involved.

If inserting a USB stick is all a user has to do, how will he/she decide whose
public key is to be used? All the user can do is create a piece of information on the
USB stick that says: "I want this text and attachment to be encrypted so that I can send
it to this email address: xy at abc.com". The UCB now has to find the correct public key.
With no further intervention from the user, the box has to solve "the trust problem".

If at all, this will only work if all users have registered their public key within
a perfectly working global PKI. At least a user has to understand that without some
setup, maybe done by experts for him, his box won't work and that it will cost him 
some bucks. 
The user will also need to understand that any recipient that isn't part of this game 
cannot be reached. A great incentive to work on his pals to sign on to this service.

Only in light of such assumptions can you claim that explaining PK crypto to a user
is a waste of time.

If - on the other hand - we burden the user of the UCB with the job of proper
key management, that does not necessarily mean that he needs to become an expert.

                       -- Ralf

