Skip to main content

Crypto misconceptions due to poor semantics

Let's start by explaining a use case and the confusion it gives due to poor nomenclature in the crypto-world. The case of me giving a so-called private-key to someone, so I can send the person an encrypted message with the pared public-key, so only the receiver can open it.

In this use case, in fact, I make a private-key public and assume the public-key to be private.

This use case makes clear that the naming of private-key and public-key are a poor semantic choice. It is a poor choice because depending on the use case, the private-key can be public and the other way around.

We better call the private-key just the encryption-key, and the public-key an encryption-vault. Let's then revisit the example use case now with the new naming.

The case of me giving a so-called encryption-key to someone, so I can send the person an encrypted message in an encryption-vault, so only the receiver can open it.

We have 4 clearly define objects now:

  1. public-encryption-key
  2. private-encryption-key
  3. public-encryption-vault
  4. private-encryption-vault

And vaults can have two states, namely be empty or being filled.

So we can split 3 and 4 in two types of boxes; empty and filled:

  1. encryption-vault (empty)
  2. encrypted-vault (filled)
     

Comments

Post a Comment

Popular posts from this blog

Brussels could do a better job

Abstract Legal systems should enable good public services, not just complicate things. We (the people) don't really need governments, we need good public services. These days, too little is done to ensure a level playing field for companies on a global scale. Enabling big companies to lock buyers into their influence sphere and squeeze as much as possible money out of them. Below three examples where our public services fail. Selling hardware with preinstalled OS should be illegal If a consumer buys a smartphone or a personal computer, it is always sold with an operating system preinstalled. This fixes the consumer into the commercial influence sphere of the hardware seller. Apparently, the Brussels bureaucracy is not really interested in a plane playing field that enables European suppliers to participate in the smartphone and desktop computing market. Would Brussels really be interested in a plane playing field, it would not be allowed to sell end-user devices (smartphones and pe...
Post a Comment
Read more

The end of Windows is underway

Thanks to the virtual machine (VM) revolution, slowly but surely UX (unix like) operating systems are becoming the defacto industry standard. All Apple OS-es are UX based. Android is UX based. All internet is UX based. The whole Linux family of OS-es are UX based. The only remaining exception is Windows. The virtual machine revolution and cloud based (UX) computing is nail in the coffin for Windows however. Now  Google acquired Cameyo and with that brings Windows apps to ChromeOS. It is only a matter of time and all the functionality only available on Windows will be available as a SaaS or ( first  in VM mode) on Linux. All companies (for example SolidWorks ) start to offer SaaS, forced by the market. They feel the pressure  of OnShape . Most development work is already done on Linux based machines. Windows is also becoming legacy because there is extra cost involved to make apps for Windows compatible  with the newest generation of hardware (linke Tablets). This is...
Post a Comment
Read more

Inconsistency in legislation

Good BDO Netherlands July 20 writes about the privacy paradox between PSD2 and the GDPR . PSD2 is a new European directive aimed at payment transactions in Europe. The law has five goals: Competition in the European payment market. Make innovations in the payment system better possible. Protect consumers better. Increase the security of payments. Contribute to a single European payment market. "However, where PSD2 requests open access to (confidential) transaction data, the GDPR imposes stricter requirements with regard to allowing this data and security to be shared." This is just one of the examples showing that the legislative process has completely got out of hand. How come? What is the quality of legislation? And is there something to do about it? How it comes In a word "islands". Too many people are involved in the legislative process in Europe. It certainly concerns thousands and perhaps tens of thousands of people. These work for different governments, diffe...
Post a Comment
Read more