[cryptography] phishing/password end-game (Re: Why anon-DH ...)

Warren Kumari warren at kumari.net
Fri Jan 18 15:40:57 EST 2013

On Jan 18, 2013, at 2:04 PM, Jeffrey Walton <noloader at gmail.com> wrote:

> On Fri, Jan 18, 2013 at 12:29 PM, Warren Kumari <warren at kumari.net> wrote:
>> On Jan 18, 2013, at 11:14 AM, ianG <iang at iang.org> wrote:
>>> On 17/01/13 05:21 AM, dan at geer.org wrote:
>>>>> To clarify:  I think everyone and everything should be identified by
>>>>> their public key,...
>>>> Would re-analyzing all this in a key-centric model rather than
>>>> a name-centric model offer any insight?  (key-centric meaning
>>>> that the key is the identity and "Dan" is an attribute of that
>>>> key; name-centric meaning that Dan is the identity and the key
>>>> is an attribute of that name)
>>> Key-centric works up until a point.  It is certainly more elegant and more secure in technical terms, but some assumptions tend to need to be handwaved away to make it workable.
>>> Primarily, storing the key and protecting it seems to result in the same old mess -- it has to be stored somewhere safe and kept safe.
>> … and available.
>> When you are at one of the hotel "Print your boarding pass here" things here and suddenly need your United credentials, or are visiting your granny and sudden discover that the great stock tip that your barber gave you last week is not actually so great, and need your E-Trade credentials so you can use her machine to sell, well….
>> Sure, you can store them all in the "cloud" and protect them with… err… a username and password and then just download the ones you need and import them and…
>> Oh, and this needs to be usable by the sort of folk who need help plugging in a USB cable…
> Dangerous.

Oh, no doubt… 

> When the US government started its illegal wiretapping campaign, I
> understand only one telecom resisted. Here, information was being
> provided upon request and not by court order. Will any cloud providers
> resist?

Ah, I guess I was not clear -- the keys would be encrypted *with your password* somewhere -- "the cloud" was shorthand for "somewhere easily and universally reachable".

They would only be decrypted on a local machine (like, you know, the untrusted kiosk!)
Yes, this reduces the entire solution to a password ;-)

I guess I hadn't selected the sarcasm font when writing this...

> Before someone gets upset, I've been in meetings where folks gasped
> when I claimed we should model government as a threat.

Well, duh… Isn't basically everything that is not yourself a threat?

> When I asked if
> its OK for the DoD or an Army analyst to read/analyze State Department
> or Diplomatice Security Service traffic, the answer was NO. I took
> that to mean they wanted privacy from all parties (including other
> agencies), but did not know how to ask for it (and I did not frame it
> properly).

> Jeff

Eagles soar but a weasel will never get sucked into a jet engine 

More information about the cryptography mailing list