absolutely nothing to panic over
andrewg at andrewg.com
Sun Oct 25 10:20:30 CET 2015
> On 25 Oct 2015, at 07:40, listo factor <listofactor at mail.ru> wrote:
> I do however believe that we must face the future without the
> hocus-pocus of "public key cryptography".
By calling PKC "hocus pocus" and using "scare quotes" you won't convince us of your claims, just of your obsession. ;-)
> *There is no secure
> communication over an insecure channel without out-of-channel
Correct. And PKC has just such an out of band bootstrap - key verification.
> For a while, we thought that we can cheat the laws
> of nature with smoke and mirrors: either "trusted third parties"
> (a contradiction in term), or public key verification using
> devices such as "web of trust" (a Rube Goldberg-esque contraption
> if there ever was one in widespread use) or party-to-party key
> verification that depended on authentication and information
> exchange integrity over an insecure channel.
There is nothing wrong in principle with any of these, so long as one understands and accepts the limitations. A trade off between security and practicality will always have to be made at some level.
> As if that was not
> enough, we now see the cracks in the basement: advances in
> computing technology are corroding the fundamental algorithms,
> one by one...
Advances in computing technology have corroded every encryption algorithm ever made. This is not unique to PKC. Security is and always will be an arms race.
> Fortunately, this process is slow, and there is ample time to
> transit. If the sky is falling, it is falling only for those that
> deal with the reality by burying their heads in the sand.
Well, no. If you believe that PKC is fundamentally flawed, it may look that way to you. But you haven't shown any evidence other than your gut instinct. You may be right, or you may not. But gut instinct isn't enough to give up PKC, which is the only PRACTICAL mass-cryptography paradigm we know of. Imagine having to exchange out of band and in advance symmetric keys with every person or company you will ever deal with. Imagine Microsoft, Google, etc having to keep on file AND SECRET a symmetric key for every person on the planet. The drawbacks of a non-PKC future should be blindingly obvious.
None of that is to say that some fundamental flaw in PKC won't be found. But all the signs point to the future being quantum-resistant PKC, and there is no point worrying about a future in which even that fails. If we are forced back to symmetric cryptography it will be a disaster, but we have the tools already. And who knows what other algorithms will arise in the meantime.
More information about the Gnupg-users