>> I am certainly not going to advocate Internet-scale KDC. But what
>> if the application does not need to scale more than a "network of 
>> friends?"
>
> A thousand times yes.

There is however a little fly in that particular ointment. Sure, we can develop 
systems that manage pairwise keys, store them safely, share them between several 
user devices. But what about PFS? Someday, the pairwise key will be 
compromised, and the NSA will go back to the archives to decrypt everything. We 
could certainly devise a variant of DH that uses the pairwise key to verify the 
integrity of the session keys, but that brings the public key technology back 
into the picture. Maybe I am just ignorant, but I don't know how to get PFS using 
just symmetric key algorithms. Does someone know better?

-- Christian Huitema


_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
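
The DH variant sketched in the message above, as an added example that is not part of the original post: each side's ephemeral share is authenticated with an HMAC under the pairwise key, and the session key is derived only from the ephemeral exchange. The group parameters, role labels and function names are assumptions chosen for the demo.

```python
import hashlib, hmac, secrets

# Demo-sized group (assumption): Mersenne prime 2**521 - 1, generator 3.
# A deployment would use a vetted group or curve instead.
P, G, N = 2**521 - 1, 3, 66            # N = byte length of a group element

def _tag(psk: bytes, role: bytes, pub: int) -> bytes:
    # The pairwise key only authenticates the share; it never encrypts traffic.
    return hmac.new(psk, role + pub.to_bytes(N, "big"), hashlib.sha256).digest()

def offer(psk: bytes, role: bytes):
    """Make an ephemeral DH share and authenticate it with the pairwise key."""
    x = secrets.randbelow(P - 3) + 2   # ephemeral secret, discarded after the session
    pub = pow(G, x, P)
    return x, pub, _tag(psk, role, pub)

def accept(psk, peer_role, peer_pub, peer_tag, my_secret, my_pub) -> bytes:
    """Check the peer's share under the pairwise key, then derive the session key."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("degenerate DH share")
    if not hmac.compare_digest(_tag(psk, peer_role, peer_pub), peer_tag):
        raise ValueError("share not authenticated by the pairwise key")
    shared = pow(peer_pub, my_secret, P).to_bytes(N, "big")
    lo, hi = sorted((my_pub, peer_pub))          # same transcript order on both sides
    transcript = lo.to_bytes(N, "big") + hi.to_bytes(N, "big")
    return hashlib.sha256(b"session-key" + shared + transcript).digest()

def run_handshake(psk: bytes):
    """Both sides of one exchange; returns the two derived keys and the wire data."""
    a_x, a_pub, a_tag = offer(psk, b"A")
    b_x, b_pub, b_tag = offer(psk, b"B")
    k_a = accept(psk, b"B", b_pub, b_tag, a_x, a_pub)
    k_b = accept(psk, b"A", a_pub, a_tag, b_x, b_pub)
    # The archive holds only public shares and tags. The session key is a
    # function of a_x or b_x, which are gone, and not of psk.
    return k_a, k_b, (a_pub, a_tag, b_pub, b_tag)

if __name__ == "__main__":
    psk = secrets.token_bytes(32)      # constructed sample pairwise key
    k_a, k_b, _ = run_handshake(psk)
    print("keys match:", k_a == k_b)
```

A later leak of the pairwise key lets an attacker forge future handshakes, but recovering an archived session key still requires solving the DH problem on the recorded shares.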
