Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Propose a Revocable Identity-Based Encryption Scheme

Posted by timothy on from the now-who-was-I? dept.

jd writes Identity-based public key encryption works on the idea of using something well-known (like an e-mail address) as the public key and having a private key generator do some wibbly-wobbly timey-wimey stuff to generate a secure private key out if it. A private key I can understand, secure is another matter. In fact, the paper notes that security has been a big hassle in IBE-type encryption, as has revocation of keys. The authors claim, however, that they have accomplished both. Which implies the public key can't be an arbitrary string like an e-mail, since presumably you would still want messages going to said e-mail address, otherwise why bother revoking when you could just change address?

Anyways, this is not the only cool new crypto concept in town, but it is certainly one of the most intriguing as it would be a very simple platform for building mostly-transparent encryption into typical consumer apps. If it works as advertised. I present it to Slashdot readers to engender discussion on the method, RIBE in general and whether (in light of what's known) default strong encryption for everything is something users should just get whether they like it or not.

76 comments

  1. Hmmm by Anonymous Coward · · Score: 0

    An interesting idea.

    1. Re:Hmmm by mlts · · Score: 1

      This isn't a new idea. I saw the opposite workings with the NeXT back in 1992 had a public/private key scheme, where a person could create a password or passphrase, of any characters as a private key, and then NeXTStep would make a public key from that phrase.

  2. I am not an email address! by Anonymous Coward · · Score: 0

    I am a free-ish sort of slave!

  3. Not distributed by Animats · · Score: 4, Interesting

    I'm not qualified to judge whether it's secure, but it's not distributed. "Each user is provided by PKG with a set of private keys corresponding to his/her identity for each node on the path from his/her associated leaf to the root of the tree via a secure channel as in IBE scheme." So there's a tree of all users, maintained by somebody. I think; the paper suffered in translation.

    1. Re:Not distributed by Lennie · · Score: 3, Interesting

      (I haven't read the article yet)

      Distributed wouldn't be my fear, federated would be fine (for example can a person or organization use their own domain).

      I wonder will my communication be easy to identify with an Identity-based encryption scheme.

      --
      New things are always on the horizon
    2. Re:Not distributed by Anonymous Coward · · Score: 1

      Yeah. And Someone(TM) is providing private keys -- thus the keys ain't truly private anymore.

      One of the really nice properties of the "classical" schemes were that my private keys never left my realm -- from (and including) creation to disposal.

      While there are enough weaknesses to these schemes as well (is my realm secure?), giving up this property seems to make us weaker, not stronger.

      Make no mistake: big players will be pushing towards central management, but that's not because it serves the user, but because it serves the big player.

    3. Re:Not distributed by Anonymous Coward · · Score: 2, Informative

      For most schemes you can't check which identity encrypted a message unless you know the private key, so you can't be tracked any more than e-mail headers already tell about you. The main problem with all IBEs is that you need a centralized key generator that will generate all the keys. The key generator has a master secret key and can therefore decrypt all messages. Therefore, it's best suited for organizations, where it doesn't hurt that there's one entity with the keys to the safe.

      There are some more complicated attribute based encryption schemes, where there can be multiple key generators that do not trust each other. Each key generator can give out rights "attributes" that it manages, but no other key generator can enable a user to have these rights. I.e. one key generator for company X can give a user the attribute "is an employee of X" while a key generator for company Y can give the same user the attribute "is a contractor at Y". Then if someone sends out a message, you can give the message the attributes, say, "contractors and employees at Y" and then this said user could decrypt the message being a contractor at Y, but a regular employee at X could not open it.

      However, key sizes tend to grow with the number of key generators, so these are not implementable in practice.

  4. flawed by Anonymous Coward · · Score: 3, Informative

    You can not generate a secure private key from a public key by definition.

    This method requires the use of a middle man.

    Everytime you make it "stupid proof" you make it insecure, in this case, needing a trusted (insecure) third party.

    Let's just grow up, and start teaching kids at a young age about data security and making better UX for existing tech.

    1. Re:flawed by Sique · · Score: 2

      You can by adding a random salt. If the scheme warrants that the spaces of possible private keys of two sources don't overlap, then you can have secure private keys which are not recreatable from the publicly known source, but which still can be attributed to it.

      --
      .sig: Sique *sigh*
  5. Something seems off... by penguinoid · · Score: 4, Interesting

    If the email address is the public key, and then you generate a private key from that... what's to stop someone else from generating your private key from the email address?

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    1. Re:Something seems off... by Anonymous Coward · · Score: 1

      The article summary is useless, it's just better to read the article.

    2. Re:Something seems off... by Anonymous Coward · · Score: 2, Funny

      It's the wibbly wobbly, timely slimely, wishy washy magic sauce.

    3. Re:Something seems off... by jarkus4 · · Score: 4, Informative

      from wiki (http://en.wikipedia.org/wiki/ID-based_encryption)

      Identity-based systems allow any party to generate a public key from a known identity value such as an ASCII string. A trusted third party, called the Private Key Generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding master private key (referred to as master key). Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID.

    4. Re:Something seems off... by Anonymous Coward · · Score: 0

      >A trusted third party
      Fairly useless then...

    5. Re: Something seems off... by Anonymous Coward · · Score: 0

      _everybody_ trusts the Chineese gov, don't they?

    6. Re:Something seems off... by Anonymous Coward · · Score: 0

      A trusted third party

      Ugh.

    7. Re:Something seems off... by Anonymous Coward · · Score: 0

      So when this "trusted party" gets hacked and loses their master private key, every private key becomes known and the whole system breaks down. Nice.

    8. Re: Something seems off... by Taco+Cowboy · · Score: 1

      We used to trust the USA

      At least, ***I*** used to

      --
      Muchas Gracias, Señor Edward Snowden !
    9. Re:Something seems off... by Anonymous Coward · · Score: 0

      Not a big problem, the master key is own by the goverment.

    10. Re:Something seems off... by Anonymous Coward · · Score: 0

      And the government can't get hacked?

    11. Re:Something seems off... by JaredOfEuropa · · Score: 1

      If IBE requires a trusted third party, it seems to me that its only advantage over having a public key repository is that it can work offline, i.e. you do not need access to the trusted 3rd party to generate someone's public key from an email address, you only need to get and remember the master public key (once). In that case, a public key repository (a service that spits out someone's public key when given their email address) seems to have a lot of advantages, especially in the sense that this repository does not need to be trusted. And it'll handle revocations as well.

      Any encryption scheme that requires a trusted third party is not sufficiently private in this day and age.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    12. Re:Something seems off... by Anonymous Coward · · Score: 0

      Pretty much. Every time I see this phrase, I realize that the person proposing the scheme copped out of doing the real work to remove that bit of attack surface.

    13. Re:Something seems off... by X10 · · Score: 1

      from wiki (http://en.wikipedia.org/wiki/ID-based_encryption)

      A trusted third party, called the Private Key Generator (PKG), generates the corresponding private keys.

      Right. It's the same as PKI, just more complicated.

      --
      no, I don't have a sig
    14. Re:Something seems off... by Anonymous Coward · · Score: 0

      It's the wibbly wobbly, timely slimely, wishy washy magic sauce.

      So Timmy finally got around to the Harry Potter series, did he? At this rate, he'll discover the RFC's in 2074.

    15. Re:Something seems off... by AmiMoJo · · Score: 1

      Problem is there are no trusted third parties any more. Pretty much anyone could be lent on by governments demanding access to keys and gagging them from warning users. There is also the risk of hacking my GCHQ/NSA/etc.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    16. Re: Something seems off... by Anonymous Coward · · Score: 0

      Your boss is the trusted third party for your work e-mails. That would make sense as a use case, since he's going to demand to be able to read your work emails anyway. For your personal email, maybe you run your own mailserver that acts as keymaster for your private domain. The sheep would be happy letting an NSA-friendly mail service both host the mail and the key service.

    17. Re:Something seems off... by Anonymous Coward · · Score: 0

      Problem is there are no trusted third parties any more. Pretty much anyone could be lent on by governments demanding access to keys and gagging them from warning users. There is also the risk of hacking my GCHQ/NSA/etc.

      Perhaps it is time someone stands up to the Government and refuses to hand-over the master private key / private key / password and defies the Government by publishing the request from Government. When enough peasants get agitated they will be burn down the White House.

    18. Re:Something seems off... by Anonymous Coward · · Score: 0

      TL;DR: it's encryption that ensures both you AND YOUR BOSS get to see all the messages.

    19. Re:Something seems off... by MrNemesis · · Score: 1

      Because no-one else in the world knows how to ROT13 the @ sign.

      --
      Moderation Total: -1 Troll, +3 Goat
    20. Re:Something seems off... by Anonymous Coward · · Score: 0

      The government is your friend

    21. Re:Something seems off... by Anonymous Coward · · Score: 0

      I detect a broken joke detector!

    22. Re:Something seems off... by Anonymous Coward · · Score: 0

      A trusted third party, called the Private Key Generator (PKG)

      I think you misspelled NSA.

      Much more seriously, this is nothing special. There is nothing special here over CA model except that public key is derived from another public key, making the private keys non-random and therefore related.

      So,

      foo@example.com
      bo@example.com

      have related keys. So there must be information leaking somewhere.

      But since I'm not an expert, I'll remain cautiously pessimistic about any new novel crypto schemes and I'll stick with my PGP based mail crypto.

    23. Re:Something seems off... by Anonymous Coward · · Score: 0

      The other benefit here is the issue of time-sensitivity. You can't get a public key from a public key repository if the user never generated a private key in the first place, whereas IBE theoretically lets you go ahead and just send to someone that has never thought they might need a public key on a public key repository and leave the recipient to figure out how to authenticate with the PKG if they want to read your message.

    24. Re:Something seems off... by JaredOfEuropa · · Score: 1

      Very good point, thanks.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    25. Re:Something seems off... by Foresto · · Score: 1

      Could a domain owner be their own trusted third party?

    26. Re:Something seems off... by strikethree · · Score: 1

      What the FUCK?!

      ...retains the corresponding master private key (referred to as master key).

      So we have a Master Public Key and a Master Private Key but we refer to the Master Private Key as only Master.

      What kind of hand-waving smoke and mirrors bullshit is going on here?

      To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID.

      Contacts the PKG which uses the Master Private Key?

      Really. What. The fuck. Ever. Did I miss something here? How is this in ANY way a good idea? "But if you trust..." I trust NOBODY. I barely even trust myself and only because I have to.

      Meh

      --
      "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
  6. Any other schemes to choose from? by Taco+Cowboy · · Score: 2

    So we have email-based public / private key encryption scheme; revocable identity-based encryption scheme ...
     
    Are there other schemes or paradigms we can choose from?

    --
    Muchas Gracias, Señor Edward Snowden !
  7. Terrorism never sleeps by Anonymous Coward · · Score: 0

    And neither does the American Secret Service. If you intend to use this technology to engage in terrorist activities, we will find you. You can't escape the SS.

    1. Re:Terrorism never sleeps by Chrisq · · Score: 2

      And neither does the American Secret Service.

      Are you sure about that?

    2. Re:Terrorism never sleeps by Anonymous Coward · · Score: 0

      The ASS?

    3. Re:Terrorism never sleeps by Dragonslicer · · Score: 1

      And neither does the American Secret Service. If you intend to use this technology to engage in terrorist activities, we will find you. You can't escape the SS.

      Apparently you didn't read the news this weekend.

  8. IBE needs a trusted central authority by Anonymous Coward · · Score: 0

    The OP didn't get that all identity based encryption (IBE) schemes need to have a trusted authority that issues the private keys: If I could generate my own private key (fitting to my public key that is my e-mail address), what would prevent me from generating someone else private key?

  9. Oh please. by andyn · · Score: 5, Insightful

    having a private key generator do some wibbly-wobbly timey-wimey stuff to generate a secure private key out if it.

    This is Slashdot. Pretty please stop underestimating our skills.

    1. Re:Oh please. by Anonymous Coward · · Score: 1

      I don't even know how to code 'Hello World' in QBASIC.

    2. Re:Oh please. by Anonymous Coward · · Score: 2, Funny

      Let me explain how to do it:
      1. open your editor
      2. do some wibbly-wobbly stuff
      3. some more timey-wimey
      4. done!

    3. Re:Oh please. by Megol · · Score: 1

      This should work in any BASIC dialect:

      10 PRINT "HELLO WORLD"

    4. Re:Oh please. by Anonymous Coward · · Score: 0

      This should work in any BASIC dialect:

      10 PRINT "HELLO WORLD"

      Some BASIC dialects don't use line numbers.

    5. Re:Oh please. by Anonymous Coward · · Score: 0

      i prefer

      11 PRINT "HELLO WORLD"
      20 goto 11

      it goes to 11!!!

      ok, sorry i am going to crawl back to the basement now.

  10. entropy by epyT-R · · Score: 3, Insightful

    an email address is likely very low entropy.. Shouldn't both key halves be as random as possible?

  11. The same public key can map to many private keys by Simon+Brooke · · Score: 2

    Private key and public key are factors in a two factor mathematical relationship.

    So there can potentially be many (possibly infinitely many, I haven't tried to prove this) valid private keys for any given public key.

    So I can see that, given the public key john@doe.com, I can see that there could be potentially many private keys. I see how you could brute force selecting a private key that matched your public key, and I can see that, depending how the brute-forcing is done, it would not be determinate that an attacker also trying to brute force a private key from the same public key would not come up with the same private key.

    What I can't see is how, if you have a message which unlocks with the public key, how you can tell whether it was locked with the 'authentic' private key or with an attackers' inauthentic private key.

    Anyone?

    --
    I'm old enough to remember when discussions on Slashdot were well informed.
  12. Probably not by IamTheRealMike · · Score: 2

    whether (in light of what's known) default strong encryption for everything is something users should just get whether they like it or not.

    There are many unsolved problems for making strong end to end secured communications work. Key management is only one. A bigger and even more complicated problem is that people derive significant benefits from sharing their message contents with big, powerful third parties, for example spam filtering, importance filtering, ability to search 10 years of email from a cheap battery powered device, ability to receive messages when all personal devices are offline, ability to reset passwords if they are forgotten and so on.

    To make truly end to end communication ubiquitous you would have to find a way to recreate all these features in the purely decentralised end to end context. Otherwise "giving" e2e crypto to people "whether they like it or not" is a quick way to find an angry mob with pitchforks outside your house. A lot of people care a lot more about those features than (somewhat theoretical) privacy against the NSA.

  13. wibbly-wobbly timey-wimey stuff by thegarbz · · Score: 5, Funny

    Oh thank god for a moment I thought I was going to get a dumbed down news article rather than news for nerds. Good to see they cover the technical details like the "wibbly-wobbly timey-wimey stuff" in the summary.

  14. No better than using gmail by logicnazi · · Score: 1

    As any such identity based encryption requires a master secret (or secrets) that is used to generate the private keys (if not anyone who knows your email can generate a private key for that public key and thus read anything encrypted to you) you might as well just be using gmail and counting on google not to get hacked. After all, you can't compromise every gmail account by gaining access to a few servers but anyone who hacks the server with the master secret brings down the whole system in IBE. And gmail also provides transport security and tls for your web connections so why even bother with IBE unless your correspondent doesn't have transport level security.

    MAYBE you could create some kind of large distributed infrastructure for storing the master key but at that point it seems easier just to distribute standard public keys directly.

    --

    If you liked this thought maybe you would find my blog nice too:

  15. Multiple master secrets by logicnazi · · Score: 1

    Of course you can have as many master secrets as you want with each controlled by a different entity but those master public keys need to be distributed somehow. However, if you try and allow any master secret to work with any email you have exactly the system we have with ssl certs and we know that won't work for things like email. After all if any master secret can generate a private key for any email that means that if any master key is compromised so is the whole system. I believe it also requires that anyone encrypting messages needs information about all the master keys so it really is like certs, you trust all the root certs in the list that comes with your software.

    On the other hand if each email address can specify the master key to use with it we are back to the problem of key distribution as the choice of master public key for your email address functions just like a public key (to send you encrypted messages the sender needs to know it and if they are tricked into using the wrong one you get a MITM attack).

    Obviously, I use email to stand in for whatever identifier one has in mind.

    --

    If you liked this thought maybe you would find my blog nice too:

  16. RESEARCHERS PROPOSE HOBSINS CHOICE by Anonymous Coward · · Score: 0

    slice and dice it any way you like it's still a turd.

    yum?

  17. The same public key can map to many private keys by Anonymous Coward · · Score: 0

    What you describe is no different than the weakness of any public-private key encryption scheme.

  18. Revoke is pointless by Anonymous Coward · · Score: 0

    Revoke is pointless. You can always refuse messages encoded with an old key, so you can abandon them.

    Half of the problem with encryption is that you make it too complex, add on pointless fluff like key-revoke, and third party identify confirmation, and in the process you open it to attack, and make it so complex as to be useless.

    Just attach the public key to outgoing messages, reader stores the key, and verifies them each time, and over time if the key changes they can flag it. To attack that system you have to intercept the first key, and then every subsequent message (miss one and the key is flagged and the user alerted). Since no attacker can travel back in time, it is as secure as the first key exchange*.

    * And the encryption scheme needs to be secure, so use a combination of all of US, Russian and Chinese encryption schemes.
    * And the software doing the encode/decode needs no backdoors, so open source and no 'auto upgrade'.

    A user can always do the first key exchange themselves via a USB key or similar, or verify it later via a different route.

    When you get a key, you encrypt the messages to that user automatically using their key.

    1. Re:Revoke is pointless by Ronin+Developer · · Score: 1

      It's an older code, sir...but, it checks out. Shall I hold them?

      No...I will DEEEAAAALLL with them myself.

    2. Re:Revoke is pointless by mlts · · Score: 1

      Revocation in general has issues. If you block access to a revocation server, it would allow a key that is compromised to be in effect longer.

      The ideal might be SLC (short-lived certificates), but of course, the downside of that is the computational overhead by the key signing machines.

      I agree with you on the software. In the 1990s, console games were not shipped until they were finished. Not "finished", but of a release grade. This doesn't mean it will be 100% bug free, but solid enough. Even with this in mind, an upgrade needs to be a manual process, with the user finding the download site and fetching it from a mirror themselves. "auto-updates" in theory can be easily used to target users and push a Trojan, or hijacked by blackhats to destroy the product completely.

      One addition: The program should have apps for iOS, Android, and other smartphone/tablet operating systems, and use the native security facilities of the devices. This isn't 100%, but if the security is there, might as well use it, such as Apple's KeyChain, or how Android mounts data on a temporary basis for encrypted content. It might be that the best place to do encryption is on a smartphone, although that isn't completely hackproof.

  19. PGP? by buckfeta2014 · · Score: 1

    Isn't this what PGP is for?

    --
    Buck Feta. You know what to do.
  20. Spam filtering would be far easier by Anonymous Coward · · Score: 0

    Encryption can be simple easy and painless.

    Simply sending out your public key automatically, and encrypting with that public key if you have it.

    If you attach a public key to outgoing emails, and you receive spam unencrypted without the public key, then it makes the spam filtering much easier. The important stuff is encrypted, spam is in the unimportant stuff.

    *Your* computer is perfectly capable of searching *your* emails. Thunderbird still does search and spam filtering without issue.

    You really don't need to make it more complicated than simple public key encryption. The complexity is what prevents widespread encryption.

  21. Anybody ACTUALLY read the article? by Ronin+Developer · · Score: 1

    Or, are they responding the premise that this simply can't be secure?

    I haven't fully digested it, but it sounds interesting at the very least for me to at least try to understand it. It does not appear to be a crackpot article as one might assume. And, it sounds like it's being posted for true peer review as most security papers should,

  22. what are we gonna do today pinky? by Anonymous Coward · · Score: 0

    well ....

  23. Better to make the public key the identity by CptJeanLuc · · Score: 1

    It makes sense embedding into the identity itself the means to prove that identity. Linking a public key identity to an email address would be simple; you just put a self-signed certificate somewhere which claims "this email address belongs to me". There could be public, distributed lookup services for this.

    To make things simpler, instead of using complex schemes for carrying private keys around, better just to use a deterministic key generation scheme which builds the identity from a passphrase. It is easy to use slight variations of this data to create alternate identities for different services and "ID spaces". There exist implementations of this concept, e.g. search Google for "decentral identities". There would be no need for password based login to services, because you would log in with the public key of your identity, and you would use the private key to prove your identity. Server side password theft is no longer possible. With such a scheme, you could possibly maintain only one single very complex password, and all identities are generated from that password, by adding e.g. service name. No need for any password manager or such.

    If the key is compromised, then the identity is effectively lost. The identity would have to be revoked by distributing a self-signed revocation certificate, and the user would have to register a new identity to associate with service accounts and for contacts.

  24. Cursory reading by ndykman · · Score: 1

    To address the summary, the difficulty is in proving certain security aspects, as current models don't fit the assumptions that RIBE models use. In practice, it could be fine.

    The article seems to propose a set forward in a scheme to manage the keys by combining two previously proposed methods in a novel way. I can't judge if this is indeed an advance as I am not familiar with this domain. The main advance claimed is that the publicly needed parameters is constant. This suggests that other schemes had an issue in which the public information would keep growing as the number of issued keys and users grew, causing a scaling issue that limited practical, widespread applications. Again, I can't judge if this is indeed correct.

    But, as noted, this does require a trusted third party to ultimately decide if a key is valid. Also, a lot of the work seems to be temporally based; the identity is combined with a timespan to create a key that is only use for a given set of time.

    It's an interesting idea overall. It avoids the public key problem by making the information you need the channel in which you communicate on. (For example sending a encrypted email in which the key is the email address),

    1. Re: Cursory reading by jd · · Score: 1

      That was pretty much my interpretation as well. Which would be great for ad-hoc encrypted tunnels - the source and destination can have keys that are valid only until the tunnel's authentication expires (typically hourly) and where the encryption is based on the identity the other side is known by. Ad-hoc tunnels need to generate keys quickly and efficiently, but also don't need to be super-secure. In fact, they can't be.

      If RIBE isn't useful in ad-hoc, then you'd end up having to ask when it would be useful.

      Anything that depends on a third party, including PGP/GPG with keyservers, is vulnerable to some form of compromise, SSL/TLS certificates all have a third party signer and Kerberos depends on all kinds of behind-the-scenes work being secure. However, although they're imperfect, they're considered adequate for what they do. Well, except for SSL, perhaps.

      RIBE presumably therefore also has a niche where it's good. Rapid key turnover is what's wanted for conversation-based protocols with timeouts. That makes RIBE sound promissing for IPSec ad-hoc and SSL, as it makes store and crunch by attackers less likely to work. But is that the right niche?

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  25. The Time? by TechyImmigrant · · Score: 1

    After reading through it, my first response to new IBE schemes is "Can I implement it efficiently in hardware?". In this instance, no. The need for bignum arithmetic is a problem since it leads a nondeterministic state requirement. Worse is it appears to require a common understanding of time between the interacting entities. If IBE is used for the key management and those keys are used to secure a common, secure notion of time, then you have a circular dependency.

    I'll need to go an abduct a proper crypto mathematician to check my interpretation though.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  26. Re: More great insightful summaries from /. - not! by jd · · Score: 1

    I've used the site longer and reserve the right to use Doctor Who references where I'm suspicious of technical details, especially as relate to timing vulnerabilities. This is allowed, as per The Hacker's Dictionary. Bonus points for finding the Doctor Who references included.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  27. why not use email header by vividvew · · Score: 1

    Serious question. Why is there not just some email header that contains your public key so that anyone who had gotten an email from you and has a supporting client can then send you an encrypted message? It so simple a solution that I assume I must be missing something obvious that prevents it from be a no brainer for key distribution.

  28. Oh my god by strikethree · · Score: 1

    and having a private key generator do some wibbly-wobbly timey-wimey stuff to generate a secure private key out if it.

    This is another one of those fucked up "articles" isn't it... Perhaps it is time I left. What the HELL is up with this crap? When I arrived here back in 99 there were very few articles that insulted me. Lately, it seems that one out of every 5 articles is insulting me. Did I miss a memo or something?

    --
    "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
    1. Re: Oh my god by jd · · Score: 1

      Don't Blink.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)