[Cryptography] We need a new encryption algorithm competition.

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Mar 20 05:27:17 EDT 2014


Nico Williams <nico at cryptonector.com> writes:

>That's great, but PSK doesn't scale

Given that { username+password * no_internet_users * no_sites_used } is
somewhere in the hundreds of billions, at what point does it stop scaling?
It's PKI that doesn't scale.  Like Ethernet, passwords work in practice but
not in theory, and vice versa for PKI.

>Also, PKI leaves evidence of MITM CAs, whereas Needham-Schroeder doesn't
>really.

It's PKI that enables MITM CAs in the first place.  Since they can't occur for
PSK, you don't need to worry about trying to detect them.  The evidence of
MITM CAs is a sign of a fundamentally broken design, not a "feature" of PKI.

Peter.

