Please explain today's XKCD to me

[thepd7]

Text

I am a hardward guy (EE), I normally get them (even some of the CS ones) but today's is way over my head. I would really appreciate an explanation.

THANKS!

 

[brtspears2]

I would have to guess that his private key combined with her public key.
http://en.wikipedia.org/wiki/Public-key_cryptography

 

[Epic Fail]

http://en.wikipedia.org/wiki/Key_signing_party

 

[theprodigalrebel]

From the XKCD Forum

Basically, it's like this: in order to receive encrypted mail from people, you need to have a public key. This will let people encrypt emails to you that only you can read. However, there is the problem of authentication, how do you know for certain that key X belongs to person Y, someone could just have made a fake key so they can decrypt and read your mail and then pass it on to the real recipient (reencrypting it, so he doesn't know that you've read it). This is called a man-in-the-middle attack.

One solution for this is that people sign each others keys. It works like this: say you want to send an email to Bob, but you've never met him. You find his key online (they are stored on certain servers, like cryptographic phone books), but how can you be sure that it's really his? Well, turns out that you have a friend Alice, and you have her key and you know that it is hers. If Alice has signed Bob's key with her key (which only she can do, you need the secret part of the key-pair), it means that she's dead certain that that really is Bob's key (maybe they are friends, or have met somewhere in real life). So then you can be sure that Bob's key is genuine (since you have a common friend, Alice) and that your communications will be safe.

A key-signing party is simply a super-geeky party where people meet in real life so that they can be sure of people's identity and then everyone signs everyone else's key. It's a good way to expand the web of trust. The joke here (which totally is not funny if you explain it, but I found it hilarious when I read ) is that he has no idea who this girl is and yet he signed her key. The humor lies in the juxtaposition of what you expect (that they screwed) and what is the case (they signed each others key, also known as geek-sex).

As I said, not funny if you explain it, but it made me laugh

 

[thepd7]

Thanks, I would sign each of your keys even though I have never met you, because yall are that awesome.