More on naming systems - Journal of Omnifarious
May. 8th, 2003
10:30 pm - More on naming systems
This is a continuation of my previous post on this topic.
We will call the strange values public keys. Public keys actually have two parts. One part is called the secret key or private key , and the other part is called, confusingly enough, the public key. In order to reduce this confusion, I shall call my secret key Somni, and the corresponding public key Pomni. I will call the both of them together SPomni.
Pomni has a number of uses. Some of the are obviously related to naming, and some are not. One use is to verify assertions that have been signed with Somni. Another use is similar, and that's to verify the assertion from someone (or something) you're communicating with that they hold Somni, which is a verification of their identity. A last use is sending messages that only someone who knows Somni can read.
When cryptographers discovered public key cryptography, they were the most excited about the last use. But, I think the first two uses are actually much more useful.
Public keys are names. A given public key, say Pomni, uniquely and securely identifies the owner of a particular secret key. That secret key may be held by and individual, or by a program, or by an organization. The important attributes the owner has is some information that the owner keeps from everybody else (at the least, the secret key), and the ability to exchange information with something else. The latter attribute is needed because otherwise all of the things the public key allows you to do are useless. The holder of the secret key will never be making any assertions, and you'll never need to verify their identity in a conversation because you'll never be conversing with them.
But, there is another kind of name. That name is called a hash. A hash algorithm is a way of assigning a big random number to a piece of data. For example, the SHA1 (a particular hash algorithm) hash of the previous paragraph is
Each time anybody runs the SHA1 hash algorithm on that paragraph, they will come up with the same number. Change the paragraph even slightly, and the number is completely different. Pick any other paragraph in the entire world, in any piece of literature ever written in any language, and run SHA1 on it, and it will give you a different number.
In fact, if we used a hash to assign a number to every cup of water in the ocean, we'd have to have 100 oceans for there to be even close to a 50% chance of two cups ending up with the same number. And, if we ever end up with more things to name than that, there are other hash algorithms waiting. With a number that was only 308 digits long, we could use it to assign a random number to every electron in the known universe, and have a much greater chance of a meteor killing you in the next 5 seconds than you would of having two electrons be assigned the same number.
Since it's so unlikely for two pieces of data to generate the same random number, that the number is, for all intents and purposes, a unique name for the piece of data. Yes, the name isn't particularly human readable. But, it's much shorter than the data it names. This makes it very useful as a sort of shorthand for the data it's a name for.
Well, I'm done talking about naming again for awhile, there'll be more later...