In lieu of an abstract, here is a brief excerpt of the content:

180 Chapter 7 from the protocol so as to influence the outcome of the survey, perhaps for political reasons. Equally problematic, however, is getting honest respondents to perform the protocol correctly: randomized response methodologies can become rapidly cumbersome, requiring respondents “to perform complex randomization tasks for which interviewers must provide seemingly ‘mindboggling’ explanations; the result can be respondent suspicion, confusion, and uncertainty as to the level of disclosure that a truthful answer entails.”57 Moran and Naor’s “human-centric protocols” thus bring additional benefits to the table. Because the security properties of scratch-cards or sealed envelopes are well understood, respondents are more likely to believe that the protocols perform as advertised than if they were implemented using computers. As they note, “the computers and operating system actually implementing the protocol may not be trusted (even though the protocol itself is). . . . Even for an expert, it is very difficult to verify that a computer implementation of a complex protocol is correct.”58 Basing cryptographic primitives on familiar technologies with a long social history may thus provide a way to develop collective trust in modern cryptographic protocols while maintaining the rigorous mathematical analysis characteristic of the provable security framework. Cognition Developing such collective trust may require not only transparency of technical means but also the ability for users to understand how the protocols themselves perform their often mysterious feats. In fact, the security proofs of Moran and Naor’s human-centric protocols depend on the ability of honest parties to follow instructions correctly, something they recognize is difficult to either guarantee or model mathematically. Perhaps, then, the development of something akin to cryptographic literacy is just as necessary to information security as that of impregnable mathematical protocols. Researchers tackling this issue have tended to adopt one of two distinct approaches.59 The first one frames the issue in terms of “public understanding of science”; that is, the cryptographic literacy problem lies in getting the general public to understand the capabilities of modern cryptographic protocols for ensuring security and privacy over networks. Cryptographic literacy allows the public to “cultivate a higher level of trust for systems The Cryptographic Imagination 181 that use sophisticated protocols to protect information. Just as an understanding of biology goes a long way towards making informed decisions on environmental issues, understanding the technical issues involved in cryptography enables informed decisions on privacy issues.” Indeed, the confounding lack of uptake of cryptographic technologies in the marketplace may be attributed to the public’s inability to grasp their potential: “If more people knew about such things, they would lobby for their adoption to better protect privacy in everyday transactions.”60 Such research thus focuses on the design of effective pedagogical tools for explaining cryptographic capabilities to lay publics as might be found in schools, universities, popular science television programs, and the like. Encryption and key distribution, for example, might be demonstrated using a chain and padlock, and the intrinsic cryptographic properties of playing cards can be used to develop “simple and meaningful visual metaphors ” for many protocols.61 Given their familiarity and inherent dramatic structure, even children’s folk tales may prove helpful: Quisquater and colleagues leverage the story of Ali Baba and the Forty Thieves in the service of explaining zero-knowledge protocols to children—even including advanced theoretical concepts such as simulation and parallel executions.62 Although also concerned with the popularization of cryptographic concepts , the second approach to cryptographic literacy conceives of this objective as one that may drive cryptographic research itself.63 In this vein, Fellows and Koblitz have proposed the development of a “Kid Krypto” subdiscipline, where the accessibility of protocols is a design goal in its own right: “As in the case of the more traditional criteria—efficiency and security —the search for cryptosystems that meet the accessibility standard naturally leads to interesting theoretical and practical questions. It is a new challenge to determine how much can be really be done with minimal mathematical knowledge, and to find ways to present cryptographic ideas at a completely naïve level.”64 Kid Krypto is also unplugged, “crayontechnology ” cryptography. It is not exposure to computers that leads to cryptographic literacy, but rather, “wide-ranging experience working in a creative and exciting way with algorithms, problem-solving techniques and logical modes of thought.”65 In “Comparing Information Without Leaking It,” Fagin, Naor, and Winkler join the cognitive criterion of accessibility and the material crite- ...

Share