Also, encryption is easy; key management is hard. If your workplace sets up a Public Key Infrastructure on your Exchange server, all you have to do is click “encrypt.” But outside of an organization that uses it, you’ll need some out-of-band way of exchanging keys with everyone you want to communicate with. And, as fun as key-signing parties are, they can be a little awkward for, say, someone you just met on reddit.
Right. Encryption is a lever; it permits you to use the secrecy of a small piece of data (the key) to secure a larger piece of data (the message). The security isn’t in the encryption math. It’s in the key storage and exchange mechanism.
*I stole this analogy from something I read recently, probably on HN.
Also, encryption is easy; key management is hard. If your workplace sets up a Public Key Infrastructure on your Exchange server, all you have to do is click “encrypt.” But outside of an organization that uses it, you’ll need some out-of-band way of exchanging keys with everyone you want to communicate with. And, as fun as key-signing parties are, they can be a little awkward for, say, someone you just met on reddit.
Right. Encryption is a lever; it permits you to use the secrecy of a small piece of data (the key) to secure a larger piece of data (the message). The security isn’t in the encryption math. It’s in the key storage and exchange mechanism.
*I stole this analogy from something I read recently, probably on HN.