[Cryptography] Explaining PK to grandma

[Nico Williams]

The problem with lockboxes for analogies is that we don't use them for
communication; that's also a plus in that they show the unwieldiness of
crypto.  But lockboxes *can* be asymmetric, as in drop-safes: anyone can
drop something in, but only the holder of the key can take out the
contents.

Ditto open padlocks: you can close someone else's padlock (if it's not
locked yet), but you can't unlock it without the key.

Perhaps we should combine the postal service and padlock analogies: you
send letters (and open padlocks for the responses) in padlocked boxes.
The combination shows the unwieldiness of crypto and matches the rough
outlines of PK.

I don't yet have a padlock-like analogy for PK signatures, only for PK
encryption.

Anyways, we're talking about necessarily imperfect analogies.

The proposition that any one analogy is good (or bac) can probably be
tested -to some degree- on real people.  Perhaps we should make a list
of analogies and gather some anecdotal (at first) evidence for their
utility.

Measuring an analogy's utility is no doubt not trivial, so some thought
would have to go into that first.  Perhaps we could have a standard
questionaire to measure a person's understanding of the analogized
subject matter before and after being exposed to the analogy.  (I'm sure
there is literature on how to do this correctly.  Clearly polling is not
an area where I have any expertise.)  I'm not sure this is worth doing
at all, but having decent grandmanalogies on hand might be useful for
discussions of policy where the general public is the audience.

Nico
--