[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat

Bill Stewart billstewart at pobox.com
Tue Sep 16 15:11:25 EDT 2025


On 9/9/25 18:53, Jerry Leichter wrote:
>> 2. On Your Mischaracterization of QKD and PKI
>> Your assertion that "the whole point of quantum key distribution and PKI is to eliminate the need for out-of-band communications" is categorically false and demonstrates a surprising gap in your knowledge of cryptographic trust roots.
>> Public Key Infrastructure (PKI): PKI absolutely relies on out-of-band mechanisms for its security. The trust in a certificate authority (CA) is ultimately rooted in the pre-distribution of the CA's root certificates into your browser or operating system. This distribution is a secure out-of-band process....
>> Quantum Key Distribution (QKD): While QKD secures the channel against eavesdropping, it requires an authenticated classical channel to prevent man-in-the-middle attacks....
> You're missing the forest for the trees here.  According to your apparent definition of an out-of-band channel, traditional symmetric cryptography is impossible - after all, Alice and Bob had to share the key somehow.  Yes, Diffie-Hellman key exchange appears to avoid any need for an initial secure channel - but then you get to the issue of authentication - and as I've argued here in the past, it's hard to make much sense of the very notion of "authentication" in the absence of some secure connection to establish just what you're authenticating.
Yeah. The difference is whether you need a private OOB mechanism,
or only a reliable one.
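
[Added example, not part of the original message or of the GhostLine paper.] The private-versus-reliable distinction above, sketched in Python: fingerprints of Diffie-Hellman public keys sent over an out-of-band channel that has integrity but no privacy are enough to catch a key substitution, while a symmetric key sent over the same channel is simply disclosed. The toy group parameters, the ReliableOOB class and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption; far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def fingerprint(pub):
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]

class ReliableOOB:
    """Hypothetical out-of-band channel with integrity but no privacy:
    values arrive unmodified, and an eavesdropper sees every one."""
    def __init__(self):
        self.eavesdropper_log = []
    def send(self, value):
        self.eavesdropper_log.append(value)
        return value

def dh_session(mitm):
    """Public keys cross an attacker-controlled network; only fingerprints
    go over the reliable OOB channel. Returns (accepted, keys_match)."""
    oob = ReliableOOB()
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    _, m_pub = keypair()                      # key an active attacker swaps in
    seen_by_alice = m_pub if mitm else b_pub
    seen_by_bob = m_pub if mitm else a_pub
    fp_a = oob.send(fingerprint(a_pub))       # eavesdropper learns these,
    fp_b = oob.send(fingerprint(b_pub))       # which gives away no secret
    accepted = (fingerprint(seen_by_alice) == fp_b
                and fingerprint(seen_by_bob) == fp_a)
    keys_match = pow(seen_by_alice, a_priv, P) == pow(seen_by_bob, b_priv, P)
    return accepted, keys_match

def symmetric_session():
    """A symmetric key sent over the same channel arrives intact, but the
    eavesdropper now holds it. Returns True if the key was disclosed."""
    oob = ReliableOOB()
    key = secrets.token_bytes(32)
    received = oob.send(key)
    return received == key and key in oob.eavesdropper_log
```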

