[Cryptography] Email is unsecurable
Nico Williams
nico at cryptonector.com
Mon Nov 25 15:28:39 EST 2013
On Mon, Nov 25, 2013 at 09:01:31AM +0300, ianG wrote:
> >Yes, but it's about time we do something about that. Do we *exactly know
> >why* it is such a failure?
E-mail has been not secure for... 40 years. So what? It works well
enough for a lot of things, and nothing else we've yet seen would work
as well for some uses (e.g., fora like this one).
It'd be better to incrementally deploy more secure protocols for
specific use cases (IM, video chat, ...) move use cases off of email
where/as possible. In fact, we're doing that all the time: with web
services and IM for example.
E-mail generally cannot be secured, I think this is true. The
anonymization concepts discussed in this forum theoretically work, but
they aren't likely to be widely adopted.
And as to mass-adoption keep in mind that only a few thousand (or a few
tens of thousands) of people at most can really be expected to review/
audit/build/run their software stacks. Which is to say that pretty much
everyone will necessarily be running bits subject to backdooring. It
might be interesting to consider cross-border commercial certifications
for software stacks, but I doubt those would be feasible for a long
time, and to be meaningful they'd have to include certifications from a
variety of countries, some friendly and some hostile to the end-user's
(not that that matters, for as we all know, Oceania hasn't in fact
always been at war with Eastasia).
(Among other things, certifications are massively expensive, in large
part due to their opportunity costs, some of them relating to their very
negative impact on development schedules. End-users aren't going to pay
for them.)
Nico
--
More information about the cryptography
mailing list