the sad state of cryptographic infrastructure, 17 May 2012
I've been looking at ssh and IPsec again, and it has made me realise once more
that we (in the computing field)
have made a mess of the artifacts of cryptography,
and it's entirely our own fault.
Starting from goals such as privacy and authentication of communication,
we have taken aim at our feet and fired with
- OIDs (object identifiers)
- the X.509 binary encoding used for key certificates
- dozens of certificate "authorities"
- protocols with so many optional parts and choices that systems can barely interoperate
- an array of binary key formats
- and more
PGP is a sad example:
by changing key formats and algorithms repeatedly
(sometimes for compelling legal reasons),
interoperability is so impaired that you pretty much
need to know in advance which version of PGP each recipient uses.
The triumph of ssh v2 (a classic second system)
over v1 is another example:
whatever the theoretical weaknesses of v1 were,
it was surely better to encrypt one's communication than not.
We need a v3, a stripped-down and streamlined version closer
to v1 than v2.
We seem to be better at building great steaming piles of crypto
(e.g., OpenSSL)
than getting to the core of what needs to be done and doing just that.
Geoff Collyer
geoff at collyer.net