Simpson Garfinkel on Spooky Cryptographic Motion at a Distance
Wonderful learn. One instance:
Take into account the case of fundamental public key cryptography, through which an individual’s private and non-private key are created collectively in a single operation. These two keys are entangled, not with quantum physics, however with math.
Once I create a digital machine server within the Amazon cloud, I’m prompted for an RSA public key that can be used to regulate entry to the machine. Usually, I create the private and non-private keypair on my laptop computer and add the general public key to Amazon, which bakes my public key into the server’s administrator account. My laptop computer and that take away server are thus entangled, in that the one strategy to log into the server is utilizing the important thing on my laptop computer. And since that administrator account can do something to that server—learn the sensitivity information, hack the net server to put in malware on individuals who go to its net pages, or anything I would care to do—the non-public key on my laptop computer represents a safety danger for that server.
Right here’s why it’s unattainable to judge a server and know whether it is safe: as lengthy that personal key exists on my laptop computer, that server has a vulnerability. But when I delete that personal key, the vulnerability goes away. By deleting the info, I’ve eliminated a safety danger from the server and its safety has elevated. That is true entanglement! And it’s spooky: not a single bit has modified on the server, but it’s safer.
Learn all of it.
Sidebar picture of Bruce Schneier by Joe MacInnis.