Usability of Cryptography (was Re: More FUD from First Virtual)

[Nathaniel Borenstein]

Excerpts from mail.nonpersonal: 10-Dec-95 Re: More FUD from First Vir..
"Ed Carp"@netcom.com (5360)

>  IMO, taking 
> the complexity out of the key management process will almost 
> certainly lead to designers and programmers making bad decisions 
> about how the process should work

This is exactly right.  In fact, it isn't even just bad programmer
decisions; some of the complexity is really inherently needed for
security.  PGP's notion of who you trust to certify keys, for example,
confuses the heck out of naive users, who want to "trust" anyone they
believe is a good person, not just people they believe are sophisticated
enough to sign keys.  It's really hard to explain to some people why
they should say, "No, I don't trust Grandma."

What a lot of people don't seem to realize is that, in crypto software,
there is a fundamental tradeoff between usability and security.  You can
simplify PGP (or similar software) to the point where it's easy to deal
with key management, but it will then be far more susceptible to
compromise.

Key management is the Achilles heel of crypto-for-the-masses.  I know
there are some people who want to shoot the messenger, and who think
that by stating this fact, I am declaring myself an opponent of
cryptography, but the fact is that my company has been using PGP very
heavily internally for almost 2 years, and we think we've managed our
keys securely, but it has taken a lot of effort and user education.  The
experience has left us more skeptical than ever about secure key
management by and for millions of non-technical customers.
--------
Nathaniel Borenstein <nsb at fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq at nsb.fv.com       | http://www.netresponse.com/zldf