NPR : E-Mail Encryption Rare in Everyday Use
Alex Alten
alex at alten.org
Fri Feb 24 23:50:39 EST 2006
At 06:09 PM 2/24/2006 +0100, Ian G wrote:
>Steven M. Bellovin wrote:
>
>>Certainly, usability is an issue. It hasn't been solved because there's
>>no market for it here; far too few people care about email encryption.
>
>Usability is the issue. If I look over onto
>my skype window, it says there are 5 million
>or so users right now. It did that without
>any of the hullabaloo of the other systems,
>and still manages to encrypt my comms. By
>some measures it is the most successful crypto
>system ever.
Actually the usability issue has been solved elsewhere too. We did it over
at TriStrata
before the firm crashed in 1998. We allowed the system security officer to
select the
default cipher to use in sending emails (DES, 3DES, Blowfish, RC4, etc.).
The receiver
could use any cipher for decrypting incoming email. A sys admin installed
some filter
software into the email client, and except for an initial login dialog (and
we even simplified
that by hooking the OS login dialog), the user never had to do anything
further. The local
auth keys that he received during enrollment were encrypted with his
password on a small
floppy disk, or could be installed on the hard drive automatically.
Last I heard (early 2005) one system was operational over in the nuclear
engineering
department at Ohio State (for DOE work?). Of course one old system rack in
the
dusty corner of a school building does not a market make.
- Alex
--
- Alex Alten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list