This works if physical contact is available and parties are trusted (even the weakest literal reading of fourth amendment says "right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures," -- exchanging a key token counts as such).
Yet what of basic online communications where key-exchange is necessary and where we have very little say about the protocols involved?
You probably know what I was getting at. Public-key crypto is very important in today's world. If we can't use the current system, we need something to replace it. Pre-shared keys is for a different scenario.
You are missing both Schneier's point and mine. The point is that if you can contrive of a way to (perhaps inconveniently) pre-share static keys, you should consider doing that instead of relying on number theory to protect your secrets.
> The point is that if you can contrive of a way to (perhaps inconveniently) pre-share static keys, you should consider doing that instead of relying on number theory to protect your secrets.
No I got that just fine. As you know, I'm suggesting that not using public-key crypto or something else for the same purpose is impractical.
Nerdnit, but it's not like AES is based on some wholesome certified organic granola theory to the exclusion of number theory. Number theory didn't wait around 2+ millennia to be useful only to be dissed like that, man!
and you are conveniently missing his point. If we were to throw away public key technology today and say 'Only pre-shared keys' some significant portion of the internet would simply be unencrypted. What do we do about that?
Yet what of basic online communications where key-exchange is necessary and where we have very little say about the protocols involved?