Secure key exchange
Edgar W. Swank
edgar at spectrx.Saigon.COM
Thu Dec 3 15:26:58 PST 1992
Anserwing some comments about my suggestions for key verification.
Phil Karn pointed out that the next version of PGP will display an
MD-5 hash of any public key for phone comparison purposes. That's
great, but that version of PGP isn't here quite yet. I suspect, in
any case, that the added security isn't all that great since I suspect
it's very hard to find another valid key-pair where the public key
matches the last 24 bits plus some fragment of another 20 bits or so
from the middle of the key.
Phone, as opposed to mailed paper verifications has the following
Phil says you have to recognize the voice, which implies you've met
him in close quarters, which implies you could have exchanged keys
physically anyway. If the only place you've heard the voice is
over the phone, that's not a very good criterion.
Phone verification is good, IMHO, *only* if the person being verified
is *called at a listed number*. You can't verify a person who calls you,
(unless you know the voice). You can't verify a person you call at
an unlisted number which you got over the net!!
Economics: Net participants are scattered over the country and even the
world. Paper verification costs about $2-$3 allowing for my fee, copying
costs and two-way international postage. Adding notarization adds about
$5.00. Phone verification is economical locally (maybe cheaper than
mail), but more expensive when long-distance rates apply, especially
Meeting at parties or face-to-face is most expensive of all, unless
the meeting happens fortuitously. Overseas plane fare to exchange keys
is beyond the means of most of us.
I would much rather trust a simple verification procedure based on
redundancy and close personal relationships than a single,
complex, impersonal process involving people I don't know. This
is not to impugn your integrity, of course -- I'm simply speaking
No offense taken! I, on the other hand, would rather have in my hand
a signed statement of identity with photocopied ID that I can keep
and file away. I also don't want to go broke making international
As it happens, I, so far, have not been able to sign a single key!!
I called Phil Zimmerman at a listed number, I read him my key and
he signed it, but he was called away from the phone before he could
verify his key to me. So I can't sign his!
I've met a few people at parties I've given my paper key (fragments)
to. So far none of them have signed my key, but none of them had
paper key fragments to trade, so I can't sign theirs.
George Gleason commented about supplying home addresses. Your
comments are well taken. Phil Zimmerman also commented to me in E-mail
that some people don't want the serial numbers on their photo ID
copied. Everyone please feel free not to supply a home address and
to obscure any home address or serial number on the photocopied
photo ID. I'll still sign your key, although I'll note what you did
in my signed key directory, which I'll send to customers & publish
here. If you don't want *me* to know your home address, you can
use a P.O. box for me to return my (or other customers') ID
certificate(s) to you. On the other hand, as the service provider,
MY home address and phone are public info.
I also acknowledge George's criticism re the "I'm not a cop"
statement. I'm going to leave it in my statement, because it's
true, but in general you should be aware that any legal protection is
questionable at best. The lack of protection has been verified by
a source on Extropians and by an attorney on the RIME network.
In the meantime, I guess we can discuss illegal subjects not with
"I've done ..." but with "I've heard that ..." or "I used to know
somebody who ...". Also anonymous remailers will be a big help.
edgar at spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca
More information about the cypherpunks-legacy