[12491] in cryptography@c2.net mail archive
Re: Columbia crypto box
daemon@ATHENA.MIT.EDU (Adam Fields)
Mon Feb 10 14:31:45 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Mon, 10 Feb 2003 10:54:14 -0500
From: Adam Fields <fields@surgam.net>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: Pete Chown <Pete.Chown@skygate.co.uk>,
cryptography@wasabisystems.com
In-Reply-To: <20030210043401.298CD7B4D@berkshire.research.att.com>
On Sun, Feb 09, 2003 at 11:34:01PM -0500, Steven M. Bellovin wrote:
> First, there was no key management. This means that loss of a single
> unit -- a stolen laptop or a disgruntled (ex-)employee would do --
> compromises the entire network, since it's impossible to rekey
> everything at once in an organization of any size. For most real-world
> deployments, this is the most serious weakness. Furthermore, if there
> were real key management, the next two problems couldn't have happened.
> This was clearly avoidable.
Practically, what's the right way to do this? You could do it with a
centralized server key that has the ability to broadcast a new shared
key to all clients, but then if the server gets compromised you lose
control of the entire network (possibly true anyway, for different
reasons).
>From my personal (limited) experience, key management is really
hard. I'm curious about potential solutions to this.
--
- Adam
-----
Adam Fields, Managing Partner, fields@surgam.net
Surgam, Inc. is a technology consulting firm with strong background in
delivering scalable and robust enterprise web and IT applications.
http://www.adamfields.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
