Why ¨trouble¨ ?

pants pants at cs.hmc.edu
Tue Aug 28 04:20:25 CEST 2012

On Tue, Aug 28, 2012 at 03:54:19AM +0200, No such Client wrote:
> Why put your pubkey up forever, to make it easier to socially or
> technically attack your comms?  

I mean, by having access to a public key turns the technological attack
on encrypted data from an intractable one to an intractable one.  You
might now have a problem that goes with some smaller number raised to
the n, but that grows exponentially with n nonetheless.

> Perhaps it is different in your country, however in the military, we
> often have to think pragmatically of the human weakness, and when
> symmetric or pKI is appropiate. Otherwise, others are at risk.

Yes, it is fortunate that I, and indeed most of the cryptographic
community, will likely never face any sort of physical coercion.  I, for
one, am more concerned with privacy than with any serious data
sensitivity.  But the addition of a frail human element into the problem
is certainly interesting.  If one can torture a passphrase or key out of
someone, what is to stop them from extracting the encrypted data from
the person as well?  After all, in the situations you hint at, it is
this which is actually relevant to the torturing party.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: </pipermail/attachments/20120827/05740ff3/attachment-0001.pgp>

More information about the Gnupg-users mailing list