Linux crypto killer application

Robert J. Hansen rjh at sixdemonbag.org
Fri May 16 00:54:05 CEST 2008


David Picón Álvarez wrote:
> From the patterns of use of crypto most people don't have any secrets
> worth bothering with, and most people don't want their e-mail kept
> secret.

I'm not willing to go there.  We can conclude crypto is not often used,
but if you want to talk about why crypto is not often used you're going
to need some foundation other than speculation.  Ed Felten has a paper
out -- I'll dig it up if people are interested -- outlining patterns of
PGP usage in an international, politically-active NGO that had a lot of
secrets to keep, which included interviews asking "so why do or don't
you use PGP?"

> Because it is probably a fairly good lower bound.

Words like "probably" make people think of probabilities; weighted,
measured, quantitative things grounded in objective reality.

That is not the case here.  "Because it seems like a fairly good lower
bound" is more accurate -- and then it opens the door to ask, why
precisely does it seem that way, and how do you know your perceptions
are accurate with respect to the mathematical and technological
developments of a century hence?

> 1) Did you have to choose the iPhone, one of the most 
> free-software-hostile platforms ever, to exemplify smart phones?

I didn't choose the iPhone -- the free market did.  The iPhone's
capabilities are understood, at least vaguely, by most people, which
makes them good for exposition purposes.

> 2) Are you sure RSA 16k would take that long to run?

Talk to the OpenPGP WG.  The mobile operators are pushing ECC since RSA,
ElGamal and DSA all require unreasonable amounts of time, memory and
processor power.

> 3) Like it or not, smart phones are not to be considered, for now, 
> general purpose computers. They can do many things, but not 
> everything expected from a computer at this point.

Yes, but we're not talking about manipulating spreadsheets. We're
talking about _reading email_, which is clearly something people do with
their smart phones.

> RSA is more flexible. Easier to protect several documents, easier to 
> have shared secrets, etc.

Explain the "RSA is more flexible", please.

It is also not easier to protect several documents.  Great, so I take my
several documents, I zip them up, I encrypt the file symmetrically,
bang, Bob's your uncle.

It is also not easier to have shared secrets.  Shamir's scheme is in no
way connected to asymmetric crypto.  You can do a secret sharing scheme
with a small symmetric key just as easily as you can with an asymmetric key.





More information about the Gnupg-users mailing list