Compliance Defects in Public-Key Cryptography
Public-key cryptography has low infrastructural overhead because
public-key users bear a substantial but hidden administrative burden.
A public-key security system trusts its users to validate each others'
public keys rigorously and to manage their own private keys securely.
Both tasks are hard to do well, but public-key security systems lack a
centralized infrastructure for enforcing users' discipline. A
"compliance defect" in a cryptosystem is such a rule of operation that
is both difficult to follow and unenforceable. We present five
compliance defects that are inherent in public-key cryptography, and
argue that these defects make public-key cryptography more suitable
for server-to-server security than for desktop applications.
View the full text of this paper in
ASCII (36,453 Bytes) and
POSTSCRIPT (174,192 Bytes) form.
To Become a USENIX Member, please see our