[Cryptography] Explaining PK to grandma

Kelly John Rose iam at kjro.se
Mon Nov 25 18:02:53 EST 2013


On 11/25/2013 7:29 AM, Ralf Senderek wrote:
> 
> On Mon, 25 Nov 2013, Nico Williams wrote:
> 
>> - Same analogy, only this time your correspondents' addresses are
>>   barcoded and you must affix barcode stamps (or print the barcodes) on
>>   the envelopes.  If someone replaces the barcodes in your addressbook,
>>   how would you notice?  If you don't, your mail goes to an MITM.
>>
>>   This one is a better analogy, methinks.  It clearly illustrates the
>>   difficulty of bootstrapping trust (how to find a peer's address), it
>>   clearly illustrates MITM attacks, and it's a clear enough analog of
>>   RSA encryption.
> 
> IMHO the analogy does not explain encryption, because grandma's vision
> will be a box that she locks with a key, that's familiar.
> But unless you can convince grandma that there is a box that you lock with
> one key and open with another, she hasn't understood anything about RSA.
> 
> And the most difficult thing is still left to be explained: how does the
> key she has used to lock the first box get to the recipient? Even if
> grandma is willing to use the new double-key box for this transport,
> it'll dawn on her that she needs one of the two keys to lock it.
> And getting that key is the problem. If she is tricked into using the
> wrong one, somebody else, not the intended recipient is able to open it.
> 
> At that point granny will be crying out for something simpler, and we
> have to tell her that we cannot make it simpler.
> 
>         --Ralf
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography


What is so crazy about this analogy?

Public Key encryption works as follows:

Your son-in-law builds a little lock factory that he gives you and that you
put on your computer; this machine creates padlocks that only his key can open.
So when you want to send him a package, you just tell the machine to
print a padlock, you put your package into a box, lock it with the
padlock and mail it to him. As long as you know the lock factory you
have is his, no one but him will be able to open it.

What am I missing here?
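
Added example, not part of the original post or thread: the lock-factory analogy in Go's standard crypto library, including the "as long as you know the lock factory you have is his" condition as a fingerprint check. The names Fingerprint, Lock, Open and Demo and the sample message are made up for this sketch; the trusted fingerprint is assumed to have been learned over a separate channel (for example in person).

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
)

// Fingerprint is a short hash of a lock factory (public key) that two people can compare.
func Fingerprint(pub *rsa.PublicKey) string {
	der, _ := x509.MarshalPKIXPublicKey(pub) // error ignored: input is always an RSA key here
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// Lock makes a padlocked box (RSA-OAEP), but only with the factory grandma trusts.
func Lock(pub *rsa.PublicKey, trustedFP string, msg []byte) ([]byte, error) {
	if Fingerprint(pub) != trustedFP {
		return nil, fmt.Errorf("lock factory does not match the trusted fingerprint")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Open unlocks a box with the private key that belongs to the factory.
func Open(priv *rsa.PrivateKey, box []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, box, nil)
}

// Demo uses constructed keys: "son" is the intended recipient, "mitm" is whoever
// swapped the factory in transit. Key-generation errors are ignored for brevity.
func Demo() (sonOpens, strangerOpens, swapCaught bool) {
	son, _ := rsa.GenerateKey(rand.Reader, 2048)
	mitm, _ := rsa.GenerateKey(rand.Reader, 2048)
	trusted := Fingerprint(&son.PublicKey) // assumed to be verified out of band
	msg := []byte("hello from grandma")    // constructed sample message
	box, _ := Lock(&son.PublicKey, trusted, msg)
	got, err := Open(son, box)
	sonOpens = err == nil && string(got) == string(msg)
	_, err = Open(mitm, box) // a different key cannot open the genuine padlock
	strangerOpens = err == nil
	_, err = Lock(&mitm.PublicKey, trusted, msg) // swapped factory is refused
	swapCaught = err != nil
	return
}

func main() { fmt.Println(Demo()) }
```

Without the fingerprint comparison in Lock, a swapped factory would produce boxes that only the holder of the other private key can open, which is the substitution problem raised earlier in the thread.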

