[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: On shared keys (was RE: SOI: identity protection and DOS)
At 05:16 PM 11/28/2001 -0500, Dilkie, Lee wrote:
>Alex,
>
>With all due respect, I think the ATM network is a great example of why PSK
> (symmetric kind) security is an expensive and non scalable solution.
>
Mr. Lee Dilkie,
Unfortunately I don't have time to counter all your points due to an upcoming
deadline. Nor will I have time to follow this thread in near real-time for a
while.
I will re-iterate my position. If a network security system is properly
designed
then either Public Key or Symmetric/Private Key cryptography will work fine in
establishing trust. I furthermore claim that Symmetric/Private Key
cryptography
will scale to great numbers of users and I use the bank ATM secure network
using
DES as an excellent example. To prove this point beyond any reasonable doubt I
suggest that you go read the US patents underlying the ATM security system.
In particular, US Patent # 4,268,715 "Method and Apparatus for Securing Data
Transmissions" is probably the core patent. You can look at whatever
patents cite
it or are cited by it to discover related patents dealing with secure
enrollment
of users, detecting forged cards, etc.
As far as I'm concerned this should be the end of the discussion about whether
or not Symmetric/Private Key cryptography can scale to large numbers of
users in
an efficient, easy to use by ordinary people, inexpensive to implement
manner and
interoperable between devices made by different manufacturers and
maintained by
different organizations. It has been done for the past 20 years by what is
probably the most successful world-wide commercial networked security system.
Anyone who still claims that Public Key is superior to Symmetric/Private Key
cryptography, or that it is the only way to scale, is a *damn fool* and should
be treated as such.
Good Night,
- Alex Alten
--
Alex Alten
Alten@Home.Com
Follow-Ups:
References: