[Cryptography] Explaining PK to grandma

Ralf Senderek crypto at senderek.ie
Mon Nov 25 07:29:29 EST 2013


On Mon, 25 Nov 2013, Nico Williams wrote:

> - Same analogy, only this time your correspondents' addresses are
>   barcoded and you must affix barcode stamps (or print the barcodes) on
>   the envelopes.  If someone replaces the barcodes in your addressbook,
>   how would you notice?  If you don't, your mail goes to an MITM.
>
>   This one is a better analogy, methinks.  It clearly illustrates the
>   difficulty of bootstrapping trust (how to find a peer's address), it
>   clearly illustrates MITM attacks, and it's a clear enough analog of
>   RSA encryption.

IMHO the analogy does not explain encryption, because grandma's vision 
will be a box that she locks with a key, that's familiar.
But unless you can convince grandma that there is a box that you lock with
one key and open with another, she hasn't understood anything about RSA.

And the most difficult thing is still left to be explained: how does the 
key she has used to lock the first box get to the recipient? Even if
grandma is willing to use the new double-key box for this transport,
it'll dawn on her that she needs one of the two keys to lock it.
And getting that key is the problem. If she is tricked into using the
wrong one, somebody else, not the intended recipient, is able to open it.

At that point granny will be crying out for something simpler, and we have to
tell her that we cannot make it simpler.

         --Ralf
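
The two-key box and the wrong-key problem discussed in the message above, as an added example that is not part of the original post: toy textbook RSA on tiny constructed primes (not secure). The fingerprint check and all names (`make_keypair`, `send`, `fingerprint`, the address book) are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA on tiny constructed primes: shows the idea only, not secure.
def make_keypair(p, q, e=17):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # modular inverse, Python 3.8+
    return (n, e), (n, d)            # (locking key, opening key)

def apply_key(key, value):
    n, exponent = key
    return pow(value, exponent, n)

def fingerprint(public_key):
    # Short digest the recipient can confirm over a channel the sender trusts.
    return hashlib.sha256(repr(public_key).encode()).hexdigest()[:16]

def send(address_book, name, message, known_fingerprint=None):
    public_key = address_book[name]
    if known_fingerprint is not None and fingerprint(public_key) != known_fingerprint:
        raise ValueError("address book entry for %s does not match fingerprint" % name)
    return apply_key(public_key, message)

def demo():
    rcpt_pub, rcpt_priv = make_keypair(61, 53)      # intended recipient (constructed)
    other_pub, other_priv = make_keypair(67, 71)    # someone else's pair (constructed)
    message = 1234
    results = {}

    # The box locked with one key does not open with that same key.
    box = send({"recipient": rcpt_pub}, "recipient", message)
    results["locking_key_opens"] = apply_key(rcpt_pub, box) == message
    results["opening_key_opens"] = apply_key(rcpt_priv, box) == message

    # Address book holds the wrong locking key: the other key holder can open the box.
    tampered = {"recipient": other_pub}
    box = send(tampered, "recipient", message)
    results["other_party_opens"] = apply_key(other_priv, box) == message

    # Comparing against a fingerprint obtained from the recipient catches the swap.
    try:
        send(tampered, "recipient", message, known_fingerprint=fingerprint(rcpt_pub))
        results["substitution_detected"] = False
    except ValueError:
        results["substitution_detected"] = True
    return results

if __name__ == "__main__":
    print(demo())
```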

