James A. Donald writes:

 > In real life situations where one wishes a conversation to be secure, are 
 > people most commonly authenticated by true name, or by face?
 
We're mixing several unrelated items in one pot here. One thing is
authentication, the other is security. Authentication is when Alice
can prove with a very high probability that the current transaction is
being conducted with Bob, while in the past Alice or a party Alice
trusts has already had dealings with Bob. This creates a machinery for
maintaining a private (but publishable) list of identities which can
build trust, which is clearly useful to distinguish defectors from the
good guys. To the best of my knowledge, authentication can be currently
only conducted with one-time pads (too inconvenient for large groups
of people) or public key cryptography (where in principle you could
put meddling black boxes downstream of public key servers, and perform
transparent key substitutions on the fly, or just spoof the IP address
of the keyserver(s), or just hack the key server, or remotely
compromise the local machine you're using).

The above does not say anything about whether this transaction is in
cypher or clear.

Of course you would typically want to conduct the session via a block
cypher channel, exchanging session keys either via one time pad or a
public key protocol. 

Clearly, you can maintain a secure connection to an anonymous
party. Authentication and security only touch shoulders when you're
trusting the public key server (and the local machine, and the network
in between) to give you the right public keys which match advertised
identity. It would be obviously a good idea to generate a small set of
public/private key pairs for every key server (putting them in the
keyring of well known privacy packages as default), and authenticate
each session with the key server. Another good idea is to conduct
random consistency checks against a pair of keyservers each residing
in different countries by yourself (of course this would make both the
privacy packages and the packets travelling between you and the world
more opaque), or someone who is widely trusted.
 
Does anyone know whether this is being done?

 > Think of every secure conversation you have had.  Did the participants know 
 > your true name?
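
The random consistency check against a pair of keyservers proposed in the message above, sketched as an added example that is not part of the original post. All names are hypothetical, the keyserver lookups are injected callables over constructed data so the block runs offline, and SHA-256 over the raw key bytes stands in for a real key fingerprint.

```python
import hashlib
import random

def compare_servers(identity, servers):
    """Ask every keyserver for `identity` and compare what they serve.

    `servers` maps a server name to a lookup callable (identity -> bytes or None).
    Returns (status, digests) with status "consistent", "missing" or "mismatch".
    """
    digests = {}
    for name, lookup in servers.items():
        key = lookup(identity)
        digests[name] = hashlib.sha256(key).hexdigest() if key is not None else None
    served = {d for d in digests.values() if d is not None}
    if len(served) > 1:
        status = "mismatch"    # servers hand out different keys for one identity
    elif None in digests.values():
        status = "missing"     # at least one server has no key for this identity
    else:
        status = "consistent"
    return status, digests

def random_consistency_check(identities, servers, sample_size, rng=random):
    """Spot-check a random sample of identities; return only the problem cases."""
    pool = sorted(identities)
    sample = rng.sample(pool, min(sample_size, len(pool)))
    findings = {}
    for identity in sample:
        status, _ = compare_servers(identity, servers)
        if status != "consistent":
            findings[identity] = status
    return findings

# Constructed sample data: two keyservers that should serve identical keys.
SERVER_A = {
    "alice@example.org": b"ALICE-PUBLIC-KEY",
    "bob@example.org": b"BOB-PUBLIC-KEY",
    "carol@example.org": b"CAROL-PUBLIC-KEY",
}
SERVER_B = {
    "alice@example.org": b"ALICE-PUBLIC-KEY",
    "bob@example.org": b"SUBSTITUTED-KEY",  # differs from what server A serves
}
SERVERS = {"keyserver-a": SERVER_A.get, "keyserver-b": SERVER_B.get}

if __name__ == "__main__":
    for identity, status in random_consistency_check(SERVER_A, SERVERS, 3).items():
        print(identity, status)
```

Agreement between the servers only shows that they serve the same key, so a substitution present on both would still pass this check.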
