I've seen a number of postings so far about "secure *and* authenticated" requiring advance in-person distribution of key material. This would seem to eliminate the main advantage of public key systems, i.e. open distribution of public keys. So as long as we're handling key material in person, how about one-time systems, eh? Absolutely secure, provably so, obsolescence-proof, simple & straightforward. Not particularly exciting from a theoretical point of view, but one-time systems are practical and on the bottom line, they work. What do y'all think...?

-gg@well.sf.ca.us
George recommends one-time pads.

The key distribution problem for one-time pads is *much* worse than for public key systems, or even conventional secret key ciphers for that matter. You still have to exchange keys without transmission (i.e. face to face meetings again, or mail, etc.). Anything that is secure for exchanging a one-time pad is also secure for exchanging public keys. Then you have to do this again when your pad runs out. The bandwidth required for one-time keys is much higher than for conventional keys to boot.

But the biggest advantage of public key systems is that I can sign someone else's key, and if you know my key, then you know his. To put it more humorously, you will have exchanged cryptographic fluids with everyone I have as well. This is a good thing.

Eric
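
The pad-consumption point in the reply above, as an added example that is not part of either post: a small pad tracker showing that every message byte spends one pad byte and that an exhausted pad forces another out-of-band exchange. The class names, pad size and message are hypothetical and constructed for illustration.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more pad bytes than remain."""


class OneTimePad:
    """One side's copy of a shared pad; every byte is used at most once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._offset = 0  # first pad byte not yet consumed

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def _take(self, n: int) -> bytes:
        if n > self.remaining:
            # Reusing pad bytes would void the security proof, so refuse.
            raise PadExhausted(f"need {n} bytes, {self.remaining} left")
        chunk = self._pad[self._offset:self._offset + n]
        self._offset += n
        return chunk

    def apply(self, data: bytes) -> bytes:
        """XOR data with fresh pad bytes (encrypts and decrypts alike)."""
        return bytes(d ^ k for d, k in zip(data, self._take(len(data))))


def demo() -> dict:
    # Constructed sample: a 64-byte pad handed over at one in-person meeting.
    pad = secrets.token_bytes(64)
    sender, receiver = OneTimePad(pad), OneTimePad(pad)
    msg = b"meet at the usual place, 9pm"  # 28 bytes, constructed
    ct = sender.apply(msg)
    result = {"roundtrip": receiver.apply(ct) == msg,
              "left_after_one": sender.remaining}
    sender.apply(msg)  # second message: 56 of 64 pad bytes now spent
    try:
        sender.apply(msg)  # third message needs 28 bytes, only 8 remain
        result["exhausted"] = False
    except PadExhausted:
        result["exhausted"] = True
    result["left_at_end"] = sender.remaining
    return result


if __name__ == "__main__":
    print(demo())
```
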
participants (2): Eric Hughes, George A. Gleason