[Cryptography] Toxic Combination

Guido Witmond guido at witmond.nl
Mon Dec 1 18:01:20 EST 2014

Dear members of the list,

Thanks you for the responses. I'm replying in a single message...


DNSSEC and DANE are quite a hurdle to set up. However, PGP has shown
that shifting the burden from users to the site owners is justified. The
site owner can outsource, the end user has no such option.

On using zero knowledge proofs:

A zero knowledge proof for passwords has existed for years in browsers.
Digest Authentication suffers from the problem that there is no
logout-button on the browser chrome. Closing the browser was the only
way. That's why every site uses session management under server control.

On PAKE, password authenticated key agreement:

It requires users to come up with passwords. The wetware is very bad at
that. Suggesting a password manager is defeating the one good thing
about passwords: they don't live inside the user's computer. When that
benefit is gone, certificates are a perfect fit. We need to get a proper
key exchange.

On CA's:

Diginotar has shown that EV certificates have been falsified.

On stealing passwords from the server:

Eliminating passwords and replacing these with client certificates
eliminates that problem.

On managing risk:

Why manage risk of scammers faking EV-certificates if it can be eliminated.

I'm offering a protocol that performs a proper authenticated key
exchange between a site and a user's agent. It makes life easy for the
end user, at a higher price for the site owner, who can outsource.

The details are in the paper.

With high regards, Guido Witmond.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141202/c2cd96aa/attachment.sig>

More information about the cryptography mailing list