[Cryptography] Why prefer symmetric crypto over public key crypto?

Peter Saint-Andre stpeter at stpeter.im
Sun Sep 8 18:57:17 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/7/13 9:06 PM, Christian Huitema wrote:
>> Pairwise shared secrets are just about the only thing that
>> scales worse than public key distribution by way of PGP key
>> fingerprints on business cards.  > The equivalent of CAs in an
>> all-symmetric world is KDCs.  Instead of having the power to
>> enable an active attack on you today, KDCs have the power to
>> enable a passive attack on you forever.  If we want secure crypto
>> that can be used by everyone, with minimal trust, public key is
>> the only way to do it.
>> 
> 
> I am certainly not going to advocate Internet-scale KDC. But what
> if the application does not need to scale more than a "network of 
> friends?"

A thousand times yes.

One doesn't need to communicate with several billion people, and we
don't need systems that scale up that high. Most folks just want to
interact (chat, share photos, voice/video conference, etc.) with their
friends and family and colleagues -- maybe 50 - 500 people. IMHO we
only need to scale up that high for secure communication. (I'm talking
about individual communication, not enterprise stuff.)

What about talking with someone new? Well, we can design separate
protocols that enable you to be introduced to someone you haven't
communicated with before (we already do that with things like FOAF,
LinkedIn, Facebook). Part of that introduction might involve learning
the new person's public key from someone you already trust (no need
for Internet-scale certificate authorities). You could use that public
key for bootstrapping the pairwise shared secrets.

Another attractive aspect of a network of friends is that it can be
used for mix networking (route messages through your friends) and for
things like less-than-completely-public media relays and data proxies
for voice, video, file transfer, etc. And such relays might just live
on those little home devices that Perry is talking about, separate
from the cloud.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSLQDNAAoJEOoGpJErxa2phHAQAJ76DfrFmz6Sv+HkczOgxJA1
v0kqmLphDhzgT/9eUiF1cCkowF0HE1l84DTuMefrwT2DmOLZJVQANy0Tg/CzWLRu
3JBDkPRQ/cdlfDyy1ZHNb4bsGWyxHIXViQg2sNQZ9KB8yRF4pouYewXOpoJDIabN
G40mVlWzuO5cTUWLColwDCaoR20Q+04Ln19BAiJi58d2UT4c55ZyF45hbbQSYL7T
bl1JQkvZdtp2Syn4DaGS+WmCUIGsv5KpdXmZv0ljKXoRqsOW7GjaiaQz84MMMQg9
EHZIDnAetTXdfbEki8AsO5PlGRmi944tHL7DtvXJKd76CY5dIZ6kywMU2g+/LrIn
1uWwTSogu4n4yiQrLyYfOnsttkzJWC9BE9YJXXeH0IN6VRvkC710zphCZLVw6LZJ
TsNvtskigIQ9jnPO1le1zkHIagXHhns6fVTURFuWd9ZHCOOdbNT7h6Lj+I8OGCkp
KFAbRfXzAQDZgVrl42IZ8Sn4DioCLGbscP3maU/C8J3s1+ega3lxfX3DNbJpX+id
FtnaXHfushv9xIkoNT/sBJrg79BblU5ZOH/GUBMwV+rFlWA0ofvIrhkaSnRUPFTI
gq2C913YWQfyybolHKRNsZ/JpYjarZAJ5eJdW9ALo3xrCxlTr/EcIek7hCVKBK1o
d7FvIpkYoexTO08AKfcZ
=GRXj
-----END PGP SIGNATURE-----


More information about the cryptography mailing list