Re: ::scr tales from the crypto

[Simon Wistow <simon@xxxxxxxxxxxxxx>]

[snipped and rearranged for clarity]

On Fri, Apr 19, 2002 at 10:39:46AM -0700, matt jones said:
> For instance, I've read that one of the main problems with crypto in
> general is that the concepts of how it works can be tricky to grok. I must
> admit that my grasp of how the key-based system used by P?GPG? actually
> works is shaky at best

However it is probably worth explaining especially if we're going to be
having a discussion on this. 

[SIMON thinks for a while]

Right. Imagine we have a message, which can be thought of as
the variable $message, and public and private keys which can be thought
of as functions (like wot you get in maths).

Public/Private key cryptography works on the premise that

  $message == private(public($message))

and

  $message == public(private($message))


ie. public is the inverse function of private[0]. The functions can be
anything but obviously you want something that's difficult to break but
that starts getting into the realm of scary maths so I won't go into it
now. 


The upshot of this is that you can download my public key ...
 
  http://www.thegestalt.org/simon/stuff/public.asc

... and use that to encrypt a message. Then you send it to me. Because
I'm the the only one with my private key (which I keep locked up good
and safe in my sock drawer)  I can then apply it to the message, which
is the equivalent of public($message), and get the results out.
Excellent, now you can send me stuff that no-one else can read. But how
do I know that it *really* came from you?

This is where the second equation comes in - you can use your private
key (which only you have) to 'sign' the message. The I can download your
public key, run it over the signed message and the original will pop
out. Therefore it must have come from you.  

Of course I've probably got it completely wrong but that's the basic
premise. I hope :)

> What I keep reading again and again is that one of the main problems
> facing security and cryptography is the conflict between utility and
> usability[1]. As I understand it, this conflict arises from the need for
> security to be quite complex in order to be implemented usefully, and yet
> in order to ensure it's widespread use it needs to be transparent enough
> at the user end to be accessable by Johnny X. L. Spreadsheet.

We've kind of touched on this before in the thread on IE. But it kind of
keeps coming up.

Recently I stumbled across this gem.

  http://peterme.com/archives/00000171.html

Peter Me being a big name in the IA type world.

Then I started thinking about it. 

Maybe we do put too much security in the way of everything. Maybe we
could just open everything up but put more thought into preventing the
bad results. Not really sure where I'm goign with this one but it's a
crack fuelled idea I had during a bout of insomnia :

basically you rig up your system  to minimise the effects of an hack
(yes, technically a crack but hey ho). Keep regular backups, put in
measures to prevent Denial of Service attacks or spamming. Not really
sure how possible it is but it'd be a return to pre Morris Worm days.
[1]

A lot more open, a lot more, I dunno, friendly.

It is, of course, a completly crack fuelled idea and almost certainly
impossible or, at very least, much more impractical than implementing
traditional security. But it's an interesting idea.


....


[TUMBLEWEED floats past]

I'm off to go heat up another couple o' rocks in the old glass pipe.


Simon


p.s  Final link ...  this was in the last Cryptogram, a monthly security
letter from uber-guru Bruce Schneier. It's an article on "How to think
about security". I think it's been passed around a fair bit now but it's
worth a read if you haven't already.

http://www.counterpane.com/crypto-gram-0204.html#1



-- 
: omnipotence for dummies

[0] so, say for example, if private is the function 


  function private ($num)
  {
	return 2*$num; // return two times the input
  }


and public is the function


  function public ($num)
  {
	return $num/2; // return the input divided by two
  }

then

  4 == public(private(4));


[1] Robert Tappan Morris Jr. released the Internet Worm on November the
2nd 1988.

You can read about it here.

http://sunland.gsfc.nasa.gov/info/guide/The_Internet_Worm.html

The embarassing thing was that his Dad was Robert Morris Senior who was
chief scientist at the National Computer Security Center -- part of the
National Security Agency (NSA). 

Up until that point systems had been far more open but the worm changed
all that. 

Clifford Stoll wrote about it in his book 'The Cuckoo's Egg'. Which in
itself is an interesting story of when an open society meets a more
security concious one. Stoll was a Berkley astronomer who starts 
working for the computer department and ends up tracing a hacker in his
system. In the course of his investigations he ends up working with the
FBI and the NSA which causes friction between him and his hippy friends.

It's an interesting book and extremely well written and gives an really
good insight into security works in the real world.

I think I'll shut up now.