On Thu, 22 Aug 2019 at 11:06, Charles Mills <[email protected]> wrote:
> You might ask what part of *private* key they are having trouble > understanding. See "Why Johnny Can't Encrypt" (1999) https://pdfs.semanticscholar.org/389f/55c5c376db4ce1c88161dca98c329614faa8.pdf and "Why Johnny Still Can't Encrypt" (2016) https://arxiv.org/pdf/1510.08555 Youtube seems to have videos on these topics, but I haven't looked at any of them. The above are talking specifically about PGP, but many of the lessons are common to other cryptosystems. The crypto is fine, but the end-user understanding is the weak point. Sure, maybe they should be crypto experts, but not every software developer is. See also Ross Anderson's "Why Cryptosystems Fail". Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
