[Cryptography] How to build trust in crypto

Ralf Senderek crypto at senderek.ie
Wed Mar 19 07:18:08 EDT 2014 

On Wed, 19 Mar 2014, ianG wrote:

> Trust then is optimised risk analysis over time.

Of course there is a big difference between trust and risk but primarily
it has to do with what we know (context) as a foundation for our
decisions.
While trust - accumulated over time - defines what I can truly expect
to happen under normal circumstances as a result of past experience,
risk calculation focuses on what I don't know, and what the consequences
are, if things go wrong. Reducing risks is fine, and it helps to build
trust, but what we need for a trusted, secure communication is the
assurance that our expectation of a private conversation is real in
practice and not only a faint hope.

To achieve this it does not suffice to look at one part of the picture,
as risk assessment does (which is important without a doubt!) but to
construct a process that we can know to work as we reasonably expect.
A process we can trust, based on context.

Getting the correct PGP public key is a hard problem in itself, but
it's still only part of the problem to be solved when the decryption
key (for instance) is stored in plain text on an insecure endpoint
(smartphone) or when we don't have any idea how intensely the code
running there had been scrutinized, or ... or .. or ... and we still
want a reliably secure communication. Without solving the whole
problem we cannot get trust.

The bad news is, that we have to attack the complexity problem, there
is no way around it. We need to think about how we can reduce both the
code base and the algorithmic dependencies in our solution to be able
to reach the point where we have enough evidence (context) to trust
the process.


> how do we put (more?) trust into crypto, if PGP is our starting point?
> For the next step in evolution, I'd suggest looking closely at CAcert's
> Assurance programme.  That programme rewrote the WoT and the CA rulebook.
>
> It didn't (IMO) quite create trust.  It came a bit short of it (I say
> this in the sense that it went further than anything else I am aware of
> in the space).  But it did lay the foundation for the next evolution.

I will have a look at it, certainly with the focus on solving the
complexity problem.

        --ralf

More information about the cryptography mailing list