Wednesday, June 25, 2003

Keys-Based Groupware

Justin Frankel, of WinAmp and Gnutella fame, recently released something called Waste. The MIT Technology Review just posted a good overview of what Waste is.

It's interesting. Most interesting to me is the concept of keys-based groupware. I've been nudging a few friends of mine to use PGP in our email correspondence, almost as an experiment more than anything else, and I'm increasingly convinced that there's a mismatch between our human concept of "keys" and what PGP actually does.

We're actually quite bad at keeping track of items like keys. I've probably either broken into my house/car or called a locksmith at least 10 times in my life. In none of those cases was the total cost/effort/damage more than about $100 or a couple hours of my time. That's a very small percentage of the value of either my house or my car.

Contrast that to PGP, which is more like stashing your car or house on the back side of the moon when you're not there. Lose that key, and the contents are finito. One of my friends has now been through about three keys -- I have to keep going back and re-sending him stuff, re-encrypted to his new key, so he can keep an accessible archive.

So am I saying that we should create some "weak" alternative to PGP for people to use in day-to-day secure interactions, in the same way that your house is not exactly the vault of the Bank of England?

The problem here is one of message context. Effectively, when you send data around the Internet, you are both sending it through a very bad neighborhood every time, and even leaving it parked in a dark alley in the bad neighborhood in many cases -- it may go through the servers of people who have no incentive but to do you ill. Even if you and your friend are both in "trusted" environments, your data flow is almost certain to take a highly untrustworthy path.

Drive through a bad neighborhood, like the South Side of Chicago. Note that the security on the shopfronts bears a much closer resemblance to the Bank of England (or PGP, metaphorically) than does the front door of your house.

If we can't have weaker keys, and we can't effectively manage stronger keys, what is the answer?

Perhaps the answer is security in numbers, combined with social security. For instance, in a workgroup environment, there is no reason that everyone shouldn't share the same public/private key pair. If I lose my pair, I can get it from someone else. Authentication and security now both happen at the group, rather than the individual level -- and there are always 5-20 copies of a given key pair in 5-20 locations. The problem, of course, is scale and boundaries. If I am a part of 15 different workgroups, I must use 15 different keys. As these groups morph, grow, and shrink, keys will diffuse through both organization and personal networks. Soon we'll end up with the password problem all over again, which is in the face of confusion, everyone defaulting to something so banal that it's highly statistically likely that it can be outright guessed.

This is an interesting problem.