Team for Research in
Ubiquitous Secure Technology

No More Alice to Bob: Reality-based Models for Message Encryption and Key Management
Terence Spies

Citation
Terence Spies. "No More Alice to Bob: Reality-based Models for Message Encryption and Key Management". Talk or presentation, 29, September, 2005.

Abstract
Communication security has long subsisted under a model motivated by the assumption that endpoints were secure, while intermediaries and third parties were untrusted. The natural implication of this model is that properties like non-repudiation, confidentiality and end-entity authentication be provided in an end-to-end fashion. Not only is this model and its implications incorrect in real systems, but it is actively detrimental to building systems that customers need. This talk will go into experiences integrating encryption into a major operating system, and also the realities of deploying email encryption within 100,000 user enterprises, and will attempt to distill a set of different security and design assumptions that lead to useful systems.

Electronic downloads

Citation formats  
  • HTML
    Terence Spies. <a
    href="http://www.truststc.org/pubs/7.html"
    ><i>No More Alice to Bob: Reality-based Models for
    Message Encryption and Key Management</i></a>,
    Talk or presentation,  29, September, 2005.
  • Plain text
    Terence Spies. "No More Alice to Bob: Reality-based
    Models for Message Encryption and Key Management". Talk
    or presentation,  29, September, 2005.
  • BibTeX
    @presentation{Spies05_NoMoreAliceToBobRealitybasedModelsForMessageEncryption,
        author = {Terence Spies},
        title = {No More Alice to Bob: Reality-based Models for
                  Message Encryption and Key Management},
        day = {29},
        month = {September},
        year = {2005},
        abstract = {Communication security has long subsisted under a
                  model motivated by the assumption that endpoints
                  were secure, while intermediaries and third
                  parties were untrusted. The natural implication of
                  this model is that properties like
                  non-repudiation, confidentiality and end-entity
                  authentication be provided in an end-to-end
                  fashion. Not only is this model and its
                  implications incorrect in real systems, but it is
                  actively detrimental to building systems that
                  customers need. This talk will go into experiences
                  integrating encryption into a major operating
                  system, and also the realities of deploying email
                  encryption within 100,000 user enterprises, and
                  will attempt to distill a set of different
                  security and design assumptions that lead to
                  useful systems.},
        URL = {http://www.truststc.org/pubs/7.html}
    }
    

Posted by Christopher Brooks on 30 Sep 2005.
Groups: trustseminar
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.