Secret Key protection (was Re: PKI creed)

Carl Ellison ukcrypto at maillist.ox.ac.uk
16 Sep 2000 08:57:30 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 11:40 AM 9/15/00 +0100, Brian Gladman wrote:
>The problem with this is not the public keys, since the keys we have
>exchanged do not need to be public - it is the secret keys, since we are
>depending on their long term secrecy.  And here I am not convinced that we
>have the technology to provide for this when these keys are being
>manipulated by the sort of computer systems that we typically use at the
>moment.

Amen.

It hit me the other day that when Diffie and Hellman were writing (and 
introduced the idea we now call non-repudiation) -- in 1976 -- computers 
were large, expensive corproate assets, kept in glass-walled rooms with 
raised floors and special air conditioning, with strong personnel access 
control on that room -- and were never loaded with software from a Microsoft 
Word attachment or an Active-X plug-in.  In fact, purchase and installation 
of software was a major undertaking, performed by the system administration 
staff.

Under those conditions, it was reasonable to think of computers as properly 
speaking for the registered owner of the computer.

>It will be some years before internet connected home PCs will be able to
>sustain such levels of secrecy and this means that someone will have to
>underwrite the resulting risks if e-commerce from home is to take off.

If we plot such security measures versus time and look at the trend, we 
don't see computers becoming more secure over time -- they become less 
secure.  What market force will change that (especially since the market 
(the consumer) hates security(*) and wants nothing to get in the way between 
him and his dancing pigs)?


(*):  After all, if security does anything it says "NO".  What consumer will 
pay to be told "no"?


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQA/AwUBOcOYaXPxfjyW5ytxEQJVAwCgtaxxEPeVWysBACEMQno0cv1LnsoAoKoy
JGqxDHwwtFAfW5OL+kfXHpgW
=Sj2b
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison         cme@acm.org     http://world.std.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+