[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: identity protection and DOS
"Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com> writes:
> Actually, I forgot to mention the point that PK crypto only scales well when
> you have a CA. Sharing your self-signed cert with 500 people is no easier
> than sharing 500 different preshared keys.
Actually, that's not true. If you have a full mesh of 500 people
sharing keys, then with shared secrets you have 500^2 == 250,000
shared keys (assuming each pair share a unique key). OTOH with public
keys (preshared or otherwise) you only need a total of 500 keys in the
system.
How the public keys are verified (either by CA validation or by
pre-sharing them and validating by hand) is irrelevant to this
particular discussion.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
Follow-Ups:
References: