[Cryptography] So please tell me. Why is my solution wrong?
James A. Donald
jamesd at echeque.com
Wed Feb 8 19:19:35 EST 2017
On 2/9/2017 4:06 AM, Joseph Kilcullen wrote:
> Cool question. The whole point is that TLS fails in one TINY area. To
> protect usernames and passwords the identity of the remote website MUST
> be authenticated. My research indicates an un-counterfeitable login
> screen is needed.
Which is the unforgeable UI of a Zero-knowledge password proof, where
both parties prove they know the password without giving the password
away to each other.
This stops phishing and spearphishing, which in this election was a
major national security issue and major private security issue, since
Clinton and her team had a pile of state secrets valuable to the enemies
of the united states in their email, and a pile of political secrets
valuable to the enemies of Clinton in their email.
Another problem that needs fixing is keeping piles of emails on the
server in the clear, which provoked Secretary of State Clinton to keep
her emails on a thumbdrive that she personally controlled. Secretary of
State Clinton did not want her people's emails sitting on a system that
President Obama's people could physically get at.
Though in the end everyone from the Russians to the Chans did get her
emails, due to spearphishing, weak passwords, and insider sexual misconduct.
What should happen is that when both parties are logged in with their
respective email servers at the same time, their respective email
servers should arrange a direct encrypted connection between their
respective email clients, so that messages pass directly from one client
computer to the other, so that Clinton's emails do not pass through
Obama's servers.
We cannot do much about insider sexual misconduct, but direct client to
client transmission of emails at least mitigates that problem substantially.
More information about the cryptography
mailing list