NPR : E-Mail Encryption Rare in Everyday Use
Steven M. Bellovin
smb at cs.columbia.edu
Fri Feb 24 10:31:36 EST 2006
In message <43FF1CDF.2070003 at nma.com>, Ed Gerck writes:
>This IS one of the sticky points ;-) If postal mail would work this way,
>you'd have to ask me to send you an envelope before you can send me mail.
>This is counter-intuitive to users.
I assumed that that was your point, which is why I figured you were
trolling. But of course, your analogy is precisely wrong -- I can look
people's addresses, physical and electronic. People who want to engage
in secure communication publish their keys. I haven't checked Paul's
home page; Ben and I both have links to our PGP keys from our web pages.
You don't.
>
>Your next questions could well be how do you know my key is really mine...
>how do you know it was not revoked ...all of which are additional sticky point
>s.
>In the postal mail world, how'd you know the envelope is really from me or
>that it is secure?
Of course, you know even less about such things in the physical world.
But you know that, too. So what is your point?
Certainly, usability is an issue. It hasn't been solved because
there's no market for it here; far too few people care about email
encryption. And they're right -- their email is insecure, but given
the environment of the typical desktop system would crypto do any good?
We've already seen tailored worms stealing corporate information; we've
also seen keystroke loggers and e-theft programs that watch for a login
successful screen from your financial provider. How would encrypting
email help a businessman in an environment like that? (I know -- have
a separate machine used only for encrypting and decrypting files, and
use a flash drive to carry ciphertext back and forth. Talk about
usability problems....)
Yes, I can and do send encrypted email. Statistically, I don't do it
very often. In all of last year, I sent four such messages, comprising
exactly one conversation. My effective security is locked-down hosts,
in particular the machine where sensitive inbound mail sits until I
pull it down to my laptop. This way, I don't have to trust my
employer, my ISP, etc. And I use SSL or SSH -- with checking of the
far-side certificates -- for transport.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list