Encryption

Timothy C. May tcmay at got.net
Sat Aug 31 03:29:08 PDT 1996


At 8:52 PM 8/30/96, Benjamin Suto wrote:
>I'm probably the last person who could mention something intelligible
>here, but assuming this encryption algorithm works, and Joe wants to give
>Jane a file, how would he tell her how to decrypt it?

There are two parts to this: the algorithm and the key.

For a strong cipher, the algorithm can be told to Jane...there is no real
security in "security through obscurity."

The remaining part is the _key_. It can be communicated in person, prior to
sending the message (or after, though this is of course a less interesting
situation). Or by a trusted courier, again prior to the encrypted
communication.

(A common thought error newcomers make is to ask "If the key can be
communicated securely, why is encryption needed?" Think of military
communications--the keys are established before a mission, then units can
communicate securely, even over insecure radio channels.)

Public key cryptography allows Joe and Jane to communicate without any
exchange of private key material. Joe encrypts a message to Jane's public
key, then sends it by some channel. Jane can decrypt it, using her private
key.

>If he found a "secure medium" to give her the passcode under, wouldn't
>encrypting it be useless since he could just use that secure medium to
>send the original file?

As I said, think of _time value_. It is often necessary to exchange key
material (or get public keys in advance of a communication) before a
message sending is needed. Also, key materials may be exchanged via
reasonably-secure channels, such as FedEx delivery, and then the Internet
may be used for actual messages. While FedEx may be vulnerable to
interception in certain cases, clearly this is an improvement over using no
encryption.

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."










More information about the cypherpunks-legacy mailing list