[Cryptography] Explaining PK to grandma

Ralf Senderek crypto at senderek.ie
Wed Nov 27 10:03:19 EST 2013


Jerry Leichter wrote:

> *But*, there is one thing that may need, not so much "explanation" in the 
> sense of conveying a deep understanding, as "training".  Somehow, a user 
> of secure email has to know how to get a key for themselves; how to move 
> that key to different machines; that they must *not* give that key to 
> anyone else.  Conversely, they need to understand how to get some secure 
> "thing" - I don't want to call it a "key" because it makes the term 
> ambiguous and leads to people passing their private key to others - that 
> you give to others so that they can reach you securely, and conversely 
> that you have to get from them so that you can reach them securely. 
> Most of the actual work involved must be automated and invisible, but the 
> decisions involved have to be made by the humans involved, and they need 
> to understand the implications.

Exactly!

Imagine Granny has a little box next to her computer that does all
the nasty crypto stuff she does not need to know about. Let us call
it the crypto pi. All she can do is plug a memory stick in to feed the
box some texts and pull another second memory key out to carry her
encrypted text off to her lappy.

What does the crypto pi have to do?

1) generate an RSA key pair for her, store the public part on the
    (output) memory stick.
2) check for new text on the input, try to find the public key for a
    recipient.
    Granny only says who it should be, giving an email address.
3) If found, use the public key on the text and write the encrypted result
    to the other memory stick. Inform Granny that the encryption is ready.
4) Check the input stick for new encrypted texts Granny might have stored,
    decrypt them with the private key inside the crypto pi.
    Granny does not know it even exists.

What's left to do for Granny?

1) Give her "thing" (from the output stick) to everyone who might send her
    secure mail.
2) Store incoming "secure mails" on the input stick and feed it to the
    box.
3) Store her messages on the input stick under the name of the intended
    recipient's email address.
    (finding the trustworthy pubkey is the pi's job)
4) Send the encrypted result to the email address.

I'd argue that even if such a box existed, finding a trustworthy public 
key to a given email address is not something we can take off of Granny's
shoulders and delegate it to the box.

So there is another task for Granny:

5) Do good key management for the box.
    And this cannot be done without knowing about the risks and taking
    appropriate action.

    --Ralf
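
The key-management task in step 2 and task 5 above, as an added sketch that is not part of the original post: the box may find a key for an address by itself, but it only encrypts to a key whose fingerprint Granny has confirmed out of band, and it refuses when a different key later appears for the same address. The names `KeyBook`, `confirm` and `check`, the use of SHA-256 fingerprints, and the sample key bytes are assumptions made for illustration.

```python
import hashlib
from enum import Enum


class Decision(Enum):
    ENCRYPT = "key matches what Granny confirmed"
    ASK_GRANNY = "unknown key: Granny must compare the fingerprint first"
    REFUSE = "key differs from the confirmed one: do not encrypt"


def fingerprint(pubkey: bytes) -> str:
    """SHA-256 of the encoded public key, in groups of four hex digits."""
    digest = hashlib.sha256(pubkey).hexdigest()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


def _canon(fp: str) -> str:
    # Ignore spacing and case so a fingerprint read over the phone still matches.
    return "".join(fp.split()).lower()


class KeyBook:
    """Hypothetical store inside the box: email address -> confirmed fingerprint."""

    def __init__(self):
        self._pins = {}

    def confirm(self, email: str, heard_fp: str, pubkey: bytes) -> bool:
        """Pin a key only if the fingerprint Granny got out of band matches it."""
        if _canon(heard_fp) != _canon(fingerprint(pubkey)):
            return False
        # Lower-casing the whole address is a simplification for this sketch.
        self._pins[email.strip().lower()] = _canon(fingerprint(pubkey))
        return True

    def check(self, email: str, pubkey: bytes) -> Decision:
        """Decide what the box may do with a key it found for this address."""
        pinned = self._pins.get(email.strip().lower())
        if pinned is None:
            return Decision.ASK_GRANNY   # the decision stays with the human
        if pinned == _canon(fingerprint(pubkey)):
            return Decision.ENCRYPT
        return Decision.REFUSE           # a silently replaced key is the risk


# Constructed sample data: stand-ins for encoded RSA public keys.
ALICE_KEY = b"constructed-sample-public-key-of-alice"
OTHER_KEY = b"constructed-sample-key-offered-later-for-alice"
```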


