There are times when the most of the world goes into a frenzied argument for something without thinking it through. This happens with many kinds of issues from (recent news) geopolitical to (since the beginning of time) religious to (what this post is about) technical issues.
Effective means of reason and deduction are forgotten, research is ignored as unnecessary, the only thing that matters is that everybody (except for a couple of loonies) says so – then it must be true.
This doesn’t happen all the time. Often even large, unrelated groups of people can accomplish amazing feats. But sometimes I’m flabbergasted by the stupidity of the masses.
Public key encryption. Everybody uses it, few people understand it. I do. Many many years ago I read a book called Crypto – an excellent introduction to the science, technology, and politics of cryptography. In particular I learned something very important there that applies to this post: how public key cryptography works. I won’t bore you with the details, fundamentally it’s this:
- There is a key pair – public key and private key.
- The holder of the public key can encrypt a message. The key is public – that’s anyone – can encrypt a message.
- Only the holder of the paired private key (private – that’s one person) can decrypt a message encrypted with that public key.
It’s an amazing system made possible by mathematical one-way functions, and it works. Because of it, more than anything else, the current internet was made possible. We would not have had online shopping, banking, services, or anything at all that requires privacy and security on the internet without public key cryptography.
Public key cryptography has one really unfortunate complication – key exchange. You can be sure the holder of the private key is the only one who can read your message that you encrypted with their public key, but how can you be sure you have that person’s public key? What if an impostor slipped you his public key instead?
There are various solutions to this problem, none of them ideal. The most popular one is to have a central authority that certifies the certificates. So if you want to be sure https://www.fsf.org is really the Free Software Foundation and not an impostor – you’ll have to trust their current certificate authority Gandi Standard SSL CA. Who the hell is that? Why should you trust them? Yeah, that’s the problem. The trust is enforced partially by financial benefits and partially by croud-sourced trust: Gandi would lose their business if they were caught issuing fake certificates, that’s all. But it’s the best we’ve got today.
There is one case when a third-party certificate authority is unnecessary, in fact undesired: when I control both ends of the communication. When would that happen? Well it just so happens that I’m currently working on an Android app (my code) which connects to a web service (my code on my server).
I would like to have secure communication between the two. Meaning I need to be sure that either the messages between the two have arrived unmodified and unread by third parties or they will not arrive at all. Perfect use case for pubic key encryption, and I can of course put my own public key in my own Android app to match my own private key on my own server.. right?
No. Or at least not without a great amount of difficulty. Try to find a solution for using a self-signed certificate with the Android (i.e. Apache) DefaultHttpClient or HttpClient. You’ll find a lot of people who will say (with foam at their mouthes) NEVER DO THIS THIS IS INSECURE HORRIBLE TERRIBLE STUPID WHY WOULD YOU EVEN ASK!!!
And it would be ok, if they explained why they think this is the case, but they don’t. Of course not, why bother figuring it out? Everyone else is saying (no, shouting) the same. Must be true.
This is when I start to lose faith in humanity. From “weapons of mass destruction” in Iraq (willingly swallowed by hundreds of millions in the west) to “god has a problem with condoms” (in certain popular religions) to bullshit like this technical problem I’m trying to solve it’s amazing we haven’t blown ourselves up to bits a long time ago.
And it’s not like things like this are rare or are a relic of the unenlightened past, this is happening now and on a global scale. I am dumbfounded, and only mildly optimistic because there are still very many people on this planet who are clearly doing well enough. I just don’t understand how we made it this far.
When (or, I should say “if”) I figure out how to make a connection with HttpClient and a self-signed certificate I’ll post a followup.