absolutely nothing to panic over

listo factor listofactor at mail.ru
Tue Oct 27 08:25:24 CET 2015

On 10/27/2015 03:55 AM, Robert J. Hansen wrote:
> You start from tautology and conclude at paradox.  This doesn't appear
> to be something to be taken seriously.

Allow me to try again:

*There is no secure communication over an insecure channel
without out-of-channel bootstrap*.

I believe the above can be re-phrased as follows, with no change
in meaning:

Cryptography is an art of turning large secrets into small secrets. [1]

We need a secure channel to transfer small secrets (typically
the cryptographic device and the key), so that we can communicate
large secrets over an insecure channel. [2]


[1] The definition is of course not mine.

[2] It is often forgotten that it is not ~only~ the key
that comprises the "bootstrap". The cryptographic device does not
need to be secret, but it must be authenticated, which can not be
done over an insecure channel. Same holds for the "public" key in
asymmetric systems.

More information about the Gnupg-users mailing list