How do you plan to handle the authentication problem? IE: How can I send a message securely to a person, remotely, without having any prior out-of-band information from them?
You could do a one-time-insecure-setup model, not unlike SSH. Which is vulnerable in obvious ways, but maybe not on a massive scale. The certificate authority system is obviously broken when the adversary is the NSA. And sharing out-of-band keying information doesn't scale.
I'm just not able to see a solution to authentication that scales, is easy to use, and doesn't involve a trusted third party.
Alt--F45 karma
How do you plan to handle the authentication problem? IE: How can I send a message securely to a person, remotely, without having any prior out-of-band information from them?
You could do a one-time-insecure-setup model, not unlike SSH. Which is vulnerable in obvious ways, but maybe not on a massive scale. The certificate authority system is obviously broken when the adversary is the NSA. And sharing out-of-band keying information doesn't scale.
I'm just not able to see a solution to authentication that scales, is easy to use, and doesn't involve a trusted third party.
View HistoryShare Link