Thanks for the living hell, and question about OpenSSL

Tim May timcmay at got.net
Fri Apr 25 16:13:49 PDT 2003


On Friday, April 25, 2003, at 03:30  PM, Patrick Chkoreff wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tim May wrote:
>
>> Not meaning to sound too harsh, but you need to think deeply about what
>> cryptography is all about and why "trust me, I promise not to look"
>> systems are not desirable or interesting.
>
> I'm writing "(unblind (sign (blind X))) = (sign x)" on the board one
> hundred times.

You don't need to take our word for it--you need to see why modern 
cryptography avoids trust issues almost completely.

I suggest that you dig up Chaum's "Communications of the ACM" paper 
from 1985: "Transaction Systems to Make Big Brother Obsolete." I read 
it when it came out, and it triggered many ideas. It's online, or was 
as of a few years ago.

Also, look at his paper on "Dining Cryptographers" to see how 
information-theoretically secure messages can be sent.

Forget worrying about the details of various ciphers in Schneier's 
book, at least until you have grasped the essence of not relying on 
trust or "I promise not to look" b.s. schemes.

BTW, a more abstract book is Oded Goldreich's "Foundations of 
Cryptography--Basic Tools," 2001. A little disorganized in places, but 
lots of core concepts.

When you have fully grokked the way messages can be sent without any 
practical way of tracing their origin, as in the dining cryptographers 
example, your eyes will be opened. And zero-knowledge interactive proof 
systems (ZKIPS) will blow your mind. Never again will you argue in 
terms of "trust me" and "so long as they don't subpoena me" and "I 
promise not to look."

(My simple explanation of ZKIPS in terms of demonstrating a Hamiltonian 
cycle for a graph is in the archives, from around 1992-3.)

--Tim May

"Al Qaida was never the real threat...Afghanistan is."
"Afghanistan was never the real threat...Iraq is."
"Iraq was never the real threat...Syria is."
"Syria was never the real threat...stay tuned."
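
The identity quoted above, "(unblind (sign (blind X))) = (sign x)", worked through as an added example that is not part of the original message. It assumes textbook RSA as the signature scheme, which the thread does not specify; the key is a constructed toy key and every function name here is illustrative.

```python
import hashlib
import math
import secrets

# Constructed toy RSA key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # signer's private exponent

def digest(message):
    """Map a message into Z_N (stand-in for a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(x):
    """Signer: the only step that uses D. It sees whatever value it is handed."""
    return pow(x, D, N)

def blind(x):
    """Requester: hide x behind a random factor r. Returns (blinded, r)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (x * pow(r, E, N)) % N, r

def unblind(blinded_sig, r):
    """Requester: divide r back out of the signer's output."""
    return (blinded_sig * pow(r, -1, N)) % N

def verify(x, sig):
    """Anyone: check a signature with the public key (N, E)."""
    return pow(sig, E, N) == x

def alternative_factor(blinded, other_x):
    """Find r' that would make other_x blind to the same value the signer saw.
    Uses D only to exhibit r'; its existence is why the signer learns nothing."""
    return pow(blinded * pow(other_x, -1, N) % N, D, N)

def demo(message=b"constructed sample message"):
    x = digest(message)
    blinded, r = blind(x)            # requester -> signer: blinded only
    sig = unblind(sign(blinded), r)  # signer -> requester: sign(blinded)
    return x, blinded, sig

if __name__ == "__main__":
    x, blinded, sig = demo()
    print("identity holds:", sig == sign(x), "| verifies:", verify(x, sig))
```

The signer's view (the blinded value) is consistent with every possible message, as `alternative_factor` shows, so unlinkability does not rest on a promise not to look.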




