
Compliance Defects in Public-Key Cryptography

Don Davis


Public-key cryptography has low infrastructural overhead because public-key users bear a substantial but hidden administrative burden. A public-key security system trusts its users to validate each other's public keys rigorously and to manage their own private keys securely. Both tasks are hard to do well, but public-key security systems lack a centralized infrastructure for enforcing users' discipline. A "compliance defect" in a cryptosystem is a rule of operation that is both difficult to follow and unenforceable. We present five compliance defects that are inherent in public-key cryptography, and argue that these defects make public-key cryptography more suitable for server-to-server security than for desktop applications.

View the full text of this paper in ASCII (36,453 Bytes) and POSTSCRIPT (174,192 Bytes) form.


Last changed: 1 May 2002 aw