Tim writes:
I'm surprised at you for thinking trust is some number that is either 0 or 1.
The same could be said about "good" and "evil", yet in ordinary conversation, one doesn't use the words to refer to their zero values. Unqualified "trust" is somewhere between "more likely than not" and "absolutely certain."
All crypto is economics, and so is all trust.
To a Jewish friend of mine, everything is marketing. I suppose it depends on ones perspective. :)
Consider two situations:
Situation 1: "I have generated a key for you and will send it securely. You can trust me not to look at it and not to reveal it to anyone else....Well, not unless Saddam's men force me to, or not until John Ashcroft threatens to hold me as an illegal combatant if I don't cooperate. Or not until someone offers me $500 cash, no questions asked, for just a peek. Or not until I realize that this key is being used to further right wing Nazi causes. Or..."
Sounds like a good description of the difference between confidentiality and anonymity. I prefer the latter.
Situation 2: "Determining your private key requires an attacker to either monitor your keystrokes and bug your computer, so you'd better secure it, or it requires factoring a 309 decimal digit number associated and derivable from your public key.
This is the difference between wishful thinking and anonymity.
So far, the best algorithms have only factored a 137-digit number [for example] and no mathematicians have yet found cleverer ways. Great fame would await anyone who found a significantly faster method, even a Fields Medal, and yet no one has yet revealed one."
How silly. Factoring is like the Poincare Conjecture. Solving it doesn't let us do anything new and exciting, and nothing else we care about has a reduction into it. Fast factoring will be greeted by "oh, yes, of course", and the sound of mass yawning and moving on. In 10 years, "factor" will be a commodity microprocessor opcode. Is anyone even working on factoring any more? How long has it been since the last RSA Challenge number was factored? Seems like aeons.
Now I maintain there is a huge difference in the valuations placed on the "trust" in these two cases.
There is a huge difference in the valuation *YOU* place on the "trust" in these two cases. Valuation is hardly an absolutely quantifiable notion, completely independent of who is doing the valuating. I choose to avoid both situation 1 and situation 2 above. You avoid situation 1, and think you are safe in situation 2. You very well could be, but then again...
If you wish to believe that Joe Sixpack saying he promises to keep your private key secret is on the same footing as the apparent difficulty of factoring very large numbers (and if 309 digits is deemed too small, only a tiny increase in key generation effort and later use to go to 500 decimal digits or even 1000) then you are of course welcome to your delusion.
Yes, I believe Joe Sixpack saying that he promises to keep my key safe to be on the same footing as Joe Sixdiploma saying that because he can't figure out how to factor 309 digit numbers quickly, it must not be possible. Vanity, Vanity, All is Vanity.
All crypto is economics. All trust is economics.
All RSA is faith-based crypto. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"