On Sun, May 21, 2006 at 04:27:49PM -0500, chrisisbd@leary.csoft.net wrote:
> Why is it that *everything* uses some sort of public-key encryption algorithm for storing sensitive data? It's stupid!
> OK, it's brilliantly useful for sending data across the internet and so on but for storing one's own sensitive data it is entirely pointless as far as I can see.
> For example if I want to store a file with some sensitive data in it and only want to be able to decrypt it myself then surely anything *but* a public key encryption algorithm makes sense. Essentially a public key algorithm means that there is always a brute force way of getting at the data, it may take more computing power/time than is available but it is in principle possible. Other ways of encrypting can be made essentially uncrackable if you want.
> Are there any encryption experts here who can persuade me that I'm being silly?
The only thing that's provably secure is a one-time pad. Even a symmetric key algorithm can be brute forced. The key is to ensure that the algorithm and key length you choose is not feasibly brute-forceable before universe heat death.
Most public key implementations these days use the public/private key to encrypt a symmetric key that's then used for the session/instance. PGP and SSH both work this way for example.
The example you give of a file encrypted on your hard drive is probably one where the extra properties of public key cryptography don't really add much; PKI's real strength is the fact that anyone who can encrypt stuff to you can't also decrypt anything to you; you can distribute the public key far and wide, which you can't do with a symmetric key.
(Disclaimer: I'm knackered and it's many years since I did any crypto related mathematical proofs.)
J.
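The hybrid arrangement J. describes (the public key only wraps a per-instance symmetric key, which does the actual data encryption), as an added Go example that is not code from this thread; it assumes RSA-OAEP for the key wrap, AES-256-GCM for the data, and the names Seal/Open chosen here. For the original poster's own-files case, the AES-GCM half on its own, keyed from a passphrase or a stored key, is the symmetric-only alternative.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal: a fresh random AES-256 key encrypts data (AES-GCM); RSA-OAEP wraps that
// key so only the private-key holder can unwrap it. Returns key blob + nonce||ct.
func Seal(pub *rsa.PublicKey, data []byte) (wrappedKey, sealed []byte, err error) {
	key := make([]byte, 32) // 256-bit key: brute force is not feasible
	rand.Read(key)          // since Go 1.24 crypto/rand.Read never returns an error
	gcm, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return wrappedKey, gcm.Seal(nonce, nonce, data, nil), err
}

// Open: unwrap the AES key with the private key, then decrypt and authenticate;
// the wrong private key, a truncated blob or any tampering yields an error.
func Open(priv *rsa.PrivateKey, wrappedKey, sealed []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil || len(sealed) < gcm.NonceSize() {
		return nil, fmt.Errorf("bad key or truncated input: %v", err)
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key pair
	wk, sealed, _ := Seal(&priv.PublicKey, []byte("constructed sample secret"))
	fmt.Println(Open(priv, wk, sealed)) // plaintext bytes and a nil error
}
```

Note that the public key alone cannot reverse Seal: the symmetric key is recoverable only through the RSA private key, which is the asymmetry J. points to.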