[Cryptography] Making scenarios realistic

Phillip Hallam-Baker phill at hallambaker.com
Sat Apr 13 11:02:18 EDT 2019

The point of it all of course is that Alice and Bob aren't Turing machines,
they are people.

So the reason Alice and Bob are worried about Eve overhearing their
conversations is that Alice is married to Eave but she really wants to have
an affair with Bob who is really interested but a little worried that Alice
might turn out to be an axe murderer. And yes, Alice does have an axe
hidden under her bed because she is 4'11" tall weighing less than 100lb and
Bob is the Naval mixed martial arts champion.

So unknown to Bob, Alice enlists the help of Carol the cop and engages in
some protocol to escrow contact details with her in such a way that these
will only be released if Doug doesn't see Alice the next morning. Only
Alice doesn't really want Doug to know that she is doing this unless it
turns out to be necessary because Bob is Doug's Ex.

Now a particular constraint we wish to enforce here is to ensure that Carol
only obtains decryption warrants in very specific circumstances and not
because she might try to blackmail Alice threatening to tell Eve about Bob.

My point here is not humorous. These are the real problems people face in
the real world. Security protocols that assume all the actors are operating
openly and in good faith to all are brittle. Given what people really use
the Web for (Tindr, Grindr, Club Penguin, FetLife), I am astonished that we
don't have an epidemic of serial killings and missing persons (unless of
course we do and nobody noticed because everyone is focused on whatever we
are focused on).

I also have this follow on scenario in which Alice and Bob ask Phill the
photographer and Vinnie the videographer to join them and share the events
with exactly a dozen of their very close friends without Eve finding out. I
am not sure if that one really has a solution but people ask me about that
scenario all the time.

Ooops, sorry. Nobody has ever asked me about it, they just did it anyway
knowing that there was a risk even though they were worried about it at the

The cryptography is the easy part. I have running(ish) code that addresses
all of these. The hard part is working out what the scenarios should be.

Perhaps a business model for a Web MetaNotary is selling the key escrow
service to Alice.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20190413/d10bfd8c/attachment.html>

More information about the cryptography mailing list