Cryptography Reference
In-Depth Information
hindered the development of cryptographic technologies. When the medi-
ating role of models goes unrecognized, scientific practice becomes blind
to the trade-offs inherent in the process of abstracting away the unruliness
of the phenomenal world. Phil Agre has articulated the consequences of
such an epistemological stance in his analysis of the role of metaphor in
the field of artificial intelligence: “Any practice that loses track of the figu-
rative nature of its language loses consciousness of itself. As a consequence,
it becomes incapable of performing the feats of self-diagnosis that become
necessary as old ideas reach their limits and call out for new ones to take
their place. No finite procedure can make this cycle of diagnosis and revi-
sion wholly routine, but articulated theories of discourses and practices
can certainly help us to avoid some of the more straightforward impasses.”
77
Such articulated theories might prove quite relevant to cryptographers.
They might help them account for how models evolve and mutate in
response to the constantly shifting boundaries between theory and prac-
tice. Indeed, such shifts have already occurred with respect to the proof
model under which the correctness of cryptographic schemes is ascer-
tained. Chapter 7 investigates the struggles of the community as it debates
how to best adjust the model while maintaining the epistemological integ-
rity of its practices.
Conclusion
This chapter gradually built a fuller picture of the cryptographic signature
model. Based on the mechanics of public-key encryption, the model
involves distinct steps of signature creation and verification, supposes an
underlying infrastructure for key distribution and revocation, and posits
specific threats to which cryptographic signature schemes must be resis-
tant. Without yet attempting to evaluate the
fitness
of the model, we are
nevertheless in a position to examine some of the (inevitable) abstractions
and simplifications built into it. In attempting to create a digital analogue
of handwritten signatures, what did the definitions of the signature process,
of the three security services, and of the threat model foreground, what
did they relegate to the background?
First, in the model, the evidential value of signatures is wholly derived
from the verification process. Though it merely outputs a binary answer—
either the signature is valid or it is not—the verification process encom-
