Simson Garfinkel on Spooky Cryptographic Motion at a Distance
Wonderful learn. One instance:
Take into account the case of fundamental public key cryptography, wherein an individual’s private and non-private key are created collectively in a single operation. These two keys are entangled, not with quantum physics, however with math.
After I create a digital machine server within the Amazon cloud, I’m prompted for an RSA public key that shall be used to regulate entry to the machine. Sometimes, I create the private and non-private keypair on my laptop computer and add the general public key to Amazon, which bakes my public key into the server’s administrator account. My laptop computer and that take away server are thus entangled, in that the one solution to log into the server is utilizing the important thing on my laptop computer. And since that administrator account can do something to that server—learn the sensitivity knowledge, hack the net server to put in malware on individuals who go to its net pages, or anything I’d care to do—the personal key on my laptop computer represents a safety danger for that server.
Right here’s why it’s unattainable to guage a server and know whether it is safe: as lengthy that non-public key exists on my laptop computer, that server has a vulnerability. But when I delete that non-public key, the vulnerability goes away. By deleting the information, I’ve eliminated a safety danger from the server and its safety has elevated. That is true entanglement! And it’s spooky: not a single bit has modified on the server, but it’s safer.
Learn all of it.
Posted on October 30, 2024 at 10:48 AM •
0 Feedback
Sidebar picture of Bruce Schneier by Joe MacInnis.
