[Cryptography] Why prefer symmetric crypto over public key crypto?

Christian Huitema huitema at huitema.net
Sat Sep 7 23:06:53 EDT 2013

> Pairwise shared secrets are just about the only thing that scales worse than public key distribution by way of PGP key fingerprints on business cards.  > The equivalent of CAs in an all-symmetric world is KDCs.  Instead of having the power to enable an active attack on you today, KDCs have the power
>  to enable a passive attack on you forever.  If we want secure crypto that can be used by everyone, with minimal trust, public key is the only way to do it.  

I am certainly not going to advocate Internet-scale KDC. But what if the application does not need to scale more than a "network of friends?"

-- Christian Huitema

More information about the cryptography mailing list