[Cryptography] Thoughts about keys

Guido Witmond guido at witmond.nl
Tue Sep 10 15:01:49 EDT 2013


On 09/10/13 19:08, Peter Fairbrother wrote:
> The only assurance given by the scheme is that if a person gave you
> a hash which he generated himself, and you match it with a string and
> that string matches what you know about the person (e.g. their name or
> photo), then no-one else can have MTM'd it.

So what you have is a scheme that allows people who meet *in real life*
to exchange keys. Why can't they just exchange an email address and
shared password? Or the fingerprint of a GPG-key, it's shorter and must
match the email address. Or hand out business cards with your public key
in a QR code.

If you meet in person, you've already eliminated all MitM attacks.



My scheme does the opposite. It allows *total strangers* to exchange
keys securely over the internet.

The scheme uses a common interest website where people write signed
messages. The site is the *introducer* of the strangers. The technical
design with DNSSEC and a Certificate Transparency service detects MitM
attacks by a hostile site. (It can't prevent them.)

*One* secure message is enough to create new channels. Once you have
exchanged the key with a stranger, you can create other secure channels.
Either direct messaging, chat, voice and video. You name it.

So far, the channels are only between two people. But once introduced
via a web site, people will exchange other people's identities between
friends, relatives, coworkers. Creating a web of connections, all
encrypted with the TLS version du jour.

The beauty: the names are readable, human friendly, easy to give out and
verify. The protocol does all the certificate validation.

Each web site that adopts this scheme works as an introducer. There is
no central point to attack. So if the feds would block one site, you
don't lose your already validated keys. You won't even lose the
connections to other people if you have already established an
independent message channel with most of them.

Regards, Guido Witmond.
