gpgme 0.3.3 questions

Matthew Byng-Maddick gnupg at lists.colondot.net
Fri Sep 21 12:59:01 CEST 2001


On Fri, Sep 21, 2001 at 11:29:27AM +0200, Rick van Rein wrote:
> > A fingerprint is the best identity you can have.
> But, per definition, it is not an identity, _because_ there is a >0 chance
> of two different entities with the same fingerprint. An identity requires
> an =0 chance for that.

Not even a key is an identity, then, so why bother using PK cryptography?

There is a finite chance that two people can generate the same keypair. Or
alternatively generate two different private keys which have the same
corresponding public key.

> Similarly, the trust ring in GPG is indexed by fingerprint -- which I don't
> like much, but given the average ring size, chances of error are slim (and
> acceptable). But worldwide stuff should not be indexed by fingerprint if
> you want my opinion.

Also remember that not every stream of 1024 bits is a valid public/private
key, so there are *many* fewer than 2^1024 possible keys. Admittedly it's
not as low as 2^160, but 2^160 is bigger than the IPv6 address space (2^128)
although not big enough to avoid a birthday paradox attack.

> > About everything in cryptography is about probability, so it does not
> > make sense to try to do something "exact" in one part of the system.
> Definitely, but where exact solutions exist, it is better not to rely on a
> game of chance, even if the stakes are pretty darn good. Identities are

Um... How do you think, eg. anonymous digital cash works? There isn't an
"exact" solution, because two people could, in theory, generate the same
public-key. In practice the chance of it happening is so minute as to be
entirely ignorable.

> quite easy to construct in almost any application, and it is better to look
> further and not jump to fingerprints as identities too easily. If it can be
> avoided, that's a gain.

Agreed, to an extent. Identities are a difficult thing to consider, after all,
how many "John Smith"s are there? They're not all the same. So we try and
add (eg) a birthdate, but there are still >1 on that same day. Add a location,
there's still a chance of >1. So saying "identity" is not the answer to all
your problems: cryptography can only use data that's in the real world
already. Also what happens when I have a case of split identity, eg, role
addressing, or similar, where I keep my "identity" disparate between different
groups of people.

This is not a trivial problem, and undermines a lot of what you mean in
cryptosystems. Crypto can do certain things, but it relies on the humans to
understand what it's doing. Humans like identifiers like "John Smith", and
in some ways, a key is a better identifier than the humans have.

Fingerprints are a way to deal with a sensible amount of data - imagine
trying to look up someone's "identity" by having to remember 1024 bits,
which is still 256 hex digits. It doesn't really scale.

MBM

-- 
Matthew Byng-Maddick         <mbm at colondot.net>           http://colondot.net/
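
The collision odds argued over in this thread can be worked out with the birthday approximation and checked empirically on a deliberately short fingerprint. This is an added example, not part of the original post: the random 1024-bit strings are constructed stand-ins for keys, and truncated SHA-1 is an assumed model of a fingerprint.

```python
import hashlib
import math
import random

def collision_probability(n_keys: int, bits: int) -> float:
    """Birthday approximation: chance that any two of n_keys share a bits-wide fingerprint."""
    exponent = n_keys * (n_keys - 1) / 2.0 / 2.0 ** bits
    return -math.expm1(-exponent)  # expm1 keeps precision when the result is tiny

def keys_for_probability(p: float, bits: int) -> float:
    """Approximate index size at which the collision probability reaches p."""
    return math.sqrt(2.0 * 2.0 ** bits * -math.log1p(-p))

def truncated_fingerprint(key_material: bytes, bits: int) -> int:
    """SHA-1 of the stand-in key bytes, cut down to its top `bits` bits."""
    digest = int.from_bytes(hashlib.sha1(key_material).digest(), "big")
    return digest >> (160 - bits)

def keys_until_collision(bits: int, rng: random.Random) -> int:
    """Add random stand-in keys to a fingerprint index until two distinct keys clash."""
    index = {}
    count = 0
    while True:
        key = rng.getrandbits(1024).to_bytes(128, "big")  # constructed, not a real key
        count += 1
        fp = truncated_fingerprint(key, bits)
        if fp in index and index[fp] != key:
            return count
        index[fp] = key

def mean_keys_until_collision(bits: int, trials: int, seed: int = 2001) -> float:
    """Average index size at the first clash over several seeded trials."""
    rng = random.Random(seed)
    return sum(keys_until_collision(bits, rng) for _ in range(trials)) / trials

if __name__ == "__main__":
    for n in (1_000, 10 ** 10):  # a personal ring versus a worldwide index
        print(f"{n:>12} keys, 160-bit fingerprint: P(collision) ~ {collision_probability(n, 160):.3e}")
    print(f"50% collision chance at ~2^{math.log2(keys_for_probability(0.5, 160)):.2f} keys")
    # A 16-bit fingerprint makes the effect visible: a clash arrives after a few
    # hundred keys (theory: sqrt(pi/2 * 2^16), about 321), not after 2^16 of them.
    print(f"16-bit fingerprint, mean keys until first clash: {mean_keys_until_collision(16, 200):.0f}")
```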
