From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Tue Jan 23 2001 - 10:06:24 MST
KPJ <kpj@sics.se> wrote,
>It appears as if Ken Meyering <ken@define.com> wrote:
>I fail to detect any solution to the man-in-the-middle attack on encryption,
>unless people meet "in the flesh" to exchange encryption keys. The PGP "web
>of trust" really does not solve this problem, IMO.
>
>Until one solves this, free trade using networks lacks security. The telephone
>network has this problem too, but on the Internet it becomes a major problem.
>Without security, the libertarians lack the tools to conduct free trade and
>speach.
To be technical, the man in the middle attack is not an "attack"
against an existing securely established relationship. It is a form
of fraud or con wherein one is persuaded to set up a new secure
relationship with someone untrustworthy. That means that if you
personally know someone and set up proper secure communications with
them, the man-in-the-middle con cannot break it (theoretically).
This con only works if you are trying to set up a new relationship
with a stranger to do business. The man-in-the-middle is a stranger.
You set up secure communications with him. No one else can break
into your secure communications (theoretically). Therefore, the
system worked as designed. The problem is not with the encrypted
communications. The problem is with dishonorable people at the other
end.
This problem always exists, whether someone has interposed a
man-in-the-middle or not. The person on the other end of the
communications must be trusted. If he is not trustworthy, he is a
break in security. No fix on the communications pipe will solve the
problem of dishonorable people. Even if the person on the other end
is not a pre-arranged man-in-the-middle, he still can turn out to be
untrustworthy and could pass along your secret messages to any third
party.
I do not believe any amount of technology on the communications pipe
will be able to solve the problem of untrustworthy humans on the
other end. A different solution for trusting or controlling business
partners would need to be found.
One possible solution for some cases would be full anonymous cash.
If you could do business anonymously and still get paid, you wouldn't
care what the person did on the other end. In this case, you
wouldn't need your messages to be encrypted, merely that your
messages could not be traced back to you. This is a different
solution to a different problem, but might solve some business
requirements for e-business.
-- Harvey Newstrom <HarveyNewstrom.com>
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:05:14 MST