Scare tactic?

Ben Laurie ben at
Thu Sep 20 09:34:51 EDT 2007

Nash Foster wrote:
> Any actual cryptographers care to comment on this? I don't feel
> qualified to judge.

It seems to me that the requirement cited:

"Entity i cannot be coerced into sharing a key with entity j without i’s
knowledge, ie, when i believes the key is shared with some entity l != j."

is generally impossible to achieve in practice. Which is lucky:
otherwise DRM would work.

To address their particular complaint, one of the two parties must
cooperate with the passive attacker to cause key leakage. If they are
prepared to cooperate then they can leak the key anyway, and no amount
of testing of public keys will prevent this.




"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list