[FoRK] Re: identity-based encryption

Meltsner, Kenneth Kenneth.Meltsner at ca.com
Tue Feb 10 09:44:06 PST 2004


And locks with master keys, credit cards, wireless telephones, and cell
phone all have been found to have significant vulnerabilities.  It
doesn't mean that they're useless as a result, or that most users of
these technologies will be attacked.

My guess is that the vast majority of theft and fraud use old-fashioned
methods (e.g. cons first described in The Art of Catching Coney from the
1500s) or brute force.  Smart criminals go for higher stakes, such as
stealing entire elections or complete databases of subscriber names and
CC numbers.

If I had to evaluate the potential of IBE, I'd ask:

Does IBE represent a significant improvement in functionality or
convenience when compared to existing technologies, and if so, is it
significantly less secure? 

Right now, people fail to use the most rudimentary protections because
it takes "too much" effort.  Any solution that improves security without
reducing effort will not succeed because lack of security is not the
barrier for all but a small number of users.

Ken


More information about the FoRK mailing list