home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!usc!zaphod.mps.ohio-state.edu!wupost!cs.utexas.edu!milano!cactus.org!ritter
- From: ritter@cactus.org (Terry Ritter)
- Subject: Re: PGP *2.0* available
- Message-ID: <1992Oct8.064316.17440@cactus.org>
- Organization: Capital Area Central Texas UNIX Society, Austin, Tx
- References: <1992Sep7.142336.5733@ghost.dsi.unimi.it> <1992Oct7.224601.8915@qualcomm.com>
- Date: Thu, 8 Oct 1992 06:43:16 GMT
- Lines: 67
-
-
- In <1992Oct7.224601.8915@qualcomm.com> karn@qualcom.qualcomm.com
- (Phil Karn) writes:
-
- >In article <17939.Sep2300.39.3792@virtualnews.nyu.edu>, brnstnd@nyu.edu
- >(D. J. Bernstein) writes:
- >|> In article <1992Sep20.195136.8642@cactus.org> ritter@cactus.org
- >|>(Terry Ritter) writes:
- >|> > As far as I can tell, the whole point of cryptography is to be
- >|> > able to restrict information to only those who are intended to
- >|> > have it.
- >|>
- >|> That description is far too broad. You cannot singlehandedly restrict
- >|> information to a chosen recipient, because he can in turn give the
- >|> information to someone else. You pose an impossible problem; is it a
- >|> surprise that there are no solutions?
-
- >Indeed. I've been making this point regarding anti-piracy devices for
- >some time. Even if Videocipher, for example, had not been broken there
- >would have been no way to prevent someone from taping the output of a
- >legitimate decoder and selling it or giving it away. The same is
- >undoubtedly true for software packages, at least those running on
- >standard general purpose machines. If you can't trust the authorized
- >user, then all bets are off.
-
- The rest of my original comment was:
-
- "When a public key "appears," it may really be a key
- which was generated inside a spoofing node. When one responds
- to that key, one's response may be deciphered in the spoofing
- node, then re-enciphered to the ultimate recipient.
-
- "Note that the recipient does, in fact, get the message. One
- can communicate in cipher. The problem is that the spoofing
- node gets to read all the communications. So unless we actually
- *intended* that there be a spoofing node, and that they should
- read our messages, I think the cryptography has failed."
-
-
- The reality that someone privy to a secret can betray it is
- something most of us learned the hard way, before third grade,
- and may have re-learned many times since. This is not news.
-
- What *is* news is the idea that anyone would equate betrayal at
- the other end with the possibility that a spoofer could *also*
- be reading the mail and distributing it.
-
- Expressed perhaps a bit more clearly: The *whole point* of
- cryptography is to deliver information, *unexposed*, to the far
- end. Then, if the secret *is* exposed, at least you know it was
- them (or you). The ability to identify and eliminate channels
- of exposure is a major part of security. (No previous part of
- this thread has concerned the broadcast distribution of secure
- information.)
-
- If a spoofer *is* reading the mail (something well within the
- range of a cracker, but which could easily be prevented by the
- user), the system is *not* pretty good cryptography, it is not
- even good cryptography, it is just *failed* cryptography. Instead
- of a fancy two-key cipher with a strong one-key data engine, it
- might as well have been a modest homophonic substitution, or a
- stream cipher with a little 32-bit LCG or LFSR. But this would
- *not* be real cryptography, it would be *toy* cryptography.
-
- ---
- Terry Ritter ritter@cactus.org
-
-