Hacker News new | past | comments | ask | show | jobs | submit login

All forms of public key encryption require proof that Alice or Bob are who they say they are or you can setup a man in the middle attack. Without a public key athority to Safely provide the correct public key your stuck with manual key exchanges which can work, but does not scale. If the government has the public key authority's private key they can spoof them and setup man in the middle attacks easily.

Web of trust. So say I meet someone visiting from the US that I trust, he gets my public key and signs it, and vice versa, then I can guarantee to people who have my pubkey that the one I'm sending them is his one.

Web of trust has massive scaling issues. The most obvious being a rooted devices can quickly compromise the network and your talking about a huge attack surface if your willing to trust more than one link in the chain.

Edit: Realistically if you want secure peer to peer communications your protocalls has to survive when 40+% of peers are compromised and well good luck with that at scale. This seems like a reasonable problem but you also need to be able to revoke certificats.

What about some sort of web of trust model that has a notion of confidence. Lets say I have four people; Alice, Bob, Carol, and me. I know both Bob and Carol, but I don't know Alice directly. Since both Bob and Carol vouch for Alice, I can be fairly sure that Alice is Alice. Now lets say that Bob has reason to believe that Alice has been compromised, so he revokes his link to Alice. Now I have am less confident about Alice, because I have one link to Alice instead of two. Or is this how Web of trust works?

This is how bitcoin works. The network will adopt whatever the majority agree on in terms what transactions happened. As a result, you can't man-in-the-middle bitcoin and it remains secure even without centralized key signers, because you can increase your confidence by confirming a transaction with as many nodes as you want. This is how you validate a local block chain - you connect to enough other bitcoin clients in the swarm such that at some confidence threshold you agree your chain is the correct one. The usual number is 8 independent connections in the bitcoin network (both for blockchain verification and confirmation of transaction acceptance) because the probability of getting 8 bad actors agreeing to the same fraudulent transaction is mathematically demonstrated to be sufficiently low.

Note: that is (besides the 51% attack vector) the primary reason the bigger parts of the crypto scene won't call bitcoin truly secure. Because there is still a risk of insecurity, it is just abysmally small, and disrupting one node doesn't mean the degradation of the web of trust because as long as the majority still agrees on the correct state of affairs (and as a false block chain diverges it becomes more expensive to maintain that public facing fork to disrupt other clients).

An important point about bitcoin for this discussion. It in no way authenticates who anyone is beyond there public key, it just keeps track of what someone does with those keys. Aka I did this work which I signed, i want to move a bitcoin to this act which I signed.

You make it sound like Web of Trust does not include revocation.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact