At 12:06 AM +0000 12/6/97, Adam Back wrote:
> Another lower-bandwidth method of making the MITM's job harder is to sign and/or publish hashes of public key databases -- download the keys, or some useful easily definable subset of keys on keyservers, and publish the hash of them in as many media as possible (web, finger, news, mail, newspapers, etc.)
I have always felt this to be a nearly complete and practical answer to MITM attacks. Frozen versions of major key databases would be made available on the net along with a master list of hashes. The hash of that master list would be widely distributed by electronic and non-electronic means. One would only have to do it periodically, say every year or two. Why can't this be done now?

Public billboards would be a good location to post the master hash. (I like to call the whole approach the "Billboard defense.") I suspect one could rent visible space on the back side of billboards quite cheaply. Another good location would be on a bulletin board near a publicly accessible library. The MIT "infinite corridor" comes to mind.

A variant is for PGP users to post their own fingerprint near their house or place of business. A business-card-size sign in a window near the front door would do. People who agree to post such signs would be identified in the key server database. A suspicious John could then look up a suitable public key holder in their area, visit their house, and verify the fingerprint. John would then e-mail an encrypted request to verify a suspect key to that person.
Let's say John buys a book on cryptography, and the author included his fingerprint. Then John could use this person to authenticate a key with Alice. He could write to the author, including a nonce with the plaintext, and ask the author to check that the key he thought belonged to Alice really did belong to her.
My PGP fingerprint is printed on page 232 of E-mail for Dummies, 2nd edition, IDG Books Worldwide, which I co-authored.

Arnold Reinhold
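The "Billboard defense" sketched in this thread, worked through as an added example (not code from either poster): a frozen key database is reduced to a canonical master list of per-key fingerprints, a single master hash over that list is what gets published out-of-band, and a user who downloads the snapshot can check both that the snapshot matches the published hash and that the key in hand matches the listed fingerprint. The key material below is a constructed placeholder, and SHA-256 over the raw key bytes stands in for the real PGP fingerprint computation; the function names are this example's own.

```python
import hashlib
from typing import Dict, List, Optional, Tuple

# Constructed sample "frozen" key database: user id -> public key bytes.
# Real entries would be PGP key packets; these placeholders only need to be
# distinct byte strings so that substitution is detectable.
FROZEN_KEYS: Dict[str, bytes] = {
    "alice@example.org": b"constructed-key-material-alice-v1",
    "bob@example.org": b"constructed-key-material-bob-v1",
    "carol@example.org": b"constructed-key-material-carol-v1",
}


def fingerprint(key: bytes) -> str:
    """Stand-in for a PGP fingerprint: SHA-256 over the key bytes (assumption)."""
    return hashlib.sha256(key).hexdigest()


def build_master_list(keys: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Canonical (sorted) list of (user id, fingerprint) for one frozen snapshot.

    Sorting makes the list, and therefore the master hash, independent of the
    order in which keys were downloaded from the keyserver.
    """
    return sorted((uid, fingerprint(k)) for uid, k in keys.items())


def master_hash(master_list: List[Tuple[str, str]]) -> str:
    """One hash over the whole master list; this is the value for the billboard."""
    h = hashlib.sha256()
    for uid, fp in master_list:
        # Tab and newline act as unambiguous field and record separators.
        h.update(f"{uid}\t{fp}\n".encode("utf-8"))
    return h.hexdigest()


def lookup_fingerprint(uid: str, master_list: List[Tuple[str, str]]) -> Optional[str]:
    """Fingerprint recorded for uid in the snapshot, or None if uid is absent."""
    return dict(master_list).get(uid)


def verify_key(uid: str, key: bytes,
               master_list: List[Tuple[str, str]], published_hash: str) -> bool:
    """Check a key received over the net against the out-of-band master hash.

    Two things must hold: the downloaded master list hashes to the published
    value (so a MITM could not have served an edited list), and the key in
    hand has the fingerprint the list records for that user.
    """
    if master_hash(master_list) != published_hash:
        return False  # snapshot does not match what was posted publicly
    listed = lookup_fingerprint(uid, master_list)
    return listed is not None and listed == fingerprint(key)


if __name__ == "__main__":
    snapshot = build_master_list(FROZEN_KEYS)
    billboard = master_hash(snapshot)
    print("master hash to publish:", billboard)
    genuine = FROZEN_KEYS["alice@example.org"]
    print("genuine key accepted:", verify_key("alice@example.org", genuine, snapshot, billboard))
    print("substituted key rejected:",
          not verify_key("alice@example.org", b"substituted-key", snapshot, billboard))
```

The check fails closed in both directions that matter here: a substituted key for a listed user has the wrong fingerprint, and a snapshot that has been edited to carry the substituted fingerprint no longer hashes to the published value. A user id missing from the snapshot is simply unverifiable and returns False rather than being trusted.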