HOME
BLOG
PHOTO
« February »
SunMonTueWedThuFriSat
   1234
567891011
12131415161718
19202122232425
262728    
       
About
Radovan Semančík
Evolveum
nLight
Papers
Contact
Categories
Recently
Syndication
XML RSS ATOM
Locations of visitors to this page

Powered by blojsom

Radovan Semančík's Weblog

Monday, 27 February 2006
Why may Bob be wrong

Bob Blakeley, one of my favorite bloggers, recently blogged about the evil nature of passwords:

Static passwords are an unacceptable hazard, good alternatives exist, we should get rid of static passwords in favor of those alternatives, and we should do it fast.

He also issued a call for action:

I believe that this community should commit itself to achieving the goal, before this decade is out, of providing every computer user with a strong authentication device and the infrastructure required for its universal acceptance.

While I can understand Bob's motives, I'm afraid that he is too optimistic and maybe even partially wrong. I think we just can't get rid of passwords. Not in a soon future. The reason is quite simple, but the explanation is quite long. Here it goes:
(for all of you impatient readers, you may skip directly to the point)

It is a common knowledge that we have three types of authentication:

  • Something you know: passwords, PINs, ...
  • Something you have: tokens, mobile phones, ...
  • Something you are: biometrics

Another (but not-so-common) knowlege is, that just one type of authentication is not enough. Why?

  • Something you know: can usually be easily compromised. See all Bob Blakeley's arguments.
  • Something you have: can be stolen. Even if we accept Bob's requirement that the theft has to be quickly noticed, "quickly" may easily be several hours. Consider that you are asleep in a hotel and that one of the hotel employees steal your device. You will detect that in the morning at the earliest. And that may be too late.
  • Something you are: There is nothing about you that one device can read and the other cannot. You leave you fingerprints all around you, and it takes just a few gummi bears to exploit that. A little more effort is paid to iris, and you even leave lots of your DNA around. It seems that once you get inexpensive biometric reader device, there are only few steps that lead to the inexpensive method to fool that device.
Using only one type of authentication is a risk. It does not matter much which one you choose. The first one (passwords) is the most frequently used in digital world and hence the attacks agains it are the most advanced. But who can tell that the other two are more secure? We did not tried that on the same scale, yet.

So called "two-factor" authentication can address the vulnerability of single authentication mechanism. You just have to use two types of authentication to lower the risk of breaking one of them. For example combine tokens and PINs or biometrics and passwords. Now, you have three different combinations of two-factor authentication mechanisms, and only one does not involve passwords: tokens + biometrics. And how would we implement that? Putting fingerprint reader in your notebook does not help much. As Bob correctly said: the workstation is not secure. And even if it was, fingerprint authentication is not. And I can't really imagine portable token with DNA analyzer being affordable anytime soon. And I don't even dare to think about consumer acceptance.

Well, what we have left? Tokens + passwords and biometrics + passwords. I will not ponder about the feasibility of these in detail. All we need to know is that they both involve passwords. May they be in form of PIN, passphrase or whistled-morse-code-signal, these are still passwords.

(There is another issue while using tokens for authentication, and that is the number of tokens needed in day-to-day business. Just recall how many keys are on your keyring. Why do you think that you will not have that many tokens? But more about this later. Maybe.)

One way or another, we cannot get rid of passwords anytime soon. But the one thing that we can change is the way how we use and manage them. First of all we need to get rid of one-factor password-only authentication for all important transactions. We should use two-factor authentication instead. And make sure that we enter our passwords into secure devices, not into our workstations. We shoule have the secure device do the "strong" authentication, not your notebook.

We have to assume realistic goals. We cannot get rid of passwords, but we can change the way that we use them. This should be the goal of the decade.

Posted by semancik at 10:37 PM in security
Responses (0)
Sunday, 5 February 2006
Uncovering Problems

Just now I'm finishing my contribution to this year's InfoSeCon conference. As I've done some final (re)touching of the paper, a sudden realization struck me.

The identity technologies uncover all kinds of underlying problems. Many old problems are being uncovered, the problems that are here since the very beginning and nobody have the will strong enough to solve them.

The danger of global identifiers, the workstation insecurity, the weakness of "strong" authentication, the digital signature disaster-in-waiting, the enterprise organizational structure, workflow and roles problems, none of these is "native" identity problem. They are more like a legacy, old problems left unsolved for too long.

Maybe the whole identity hype is all about this. Solving old problems.

Posted by semancik at 8:36 PM in Identity
Responses (0)
Thursday, 2 February 2006
Government Identity Skeptic

My friend Kozo recently pointed out the fact that any smart dude can read biometrics from Dutch passports. Kozo called me a "skeptic" regarding government identity-based technologies. And I think that he is right, I really am skeptic about that. And I want to explain why.

The first time that I've touched something that was at least remotely related to governemt ID technology was in 1999. We were starting a feasibility project that should demonstrate the capabilities of PKI in the Internet. I've build a small web-based certificate authority on top of OpenSSL to show what the X.509 PKI can do. The project conclusion was simple: The technology works, but it is not clear how to use it.

A lot of time passed since, but nothing seems to really change. We have a digital signature law, based on EU directive 1999/93/EC. We know how to create a signature. But we do not know what to sign or how to use it. Well, you may sign non-structured RTF document, but what would that be good for? You cannot process that automatically, as it is not structured. Yes, you may send it using e-mail instead of standard snail mail. But is this single feature worth the pain of such a complex system?

While signing presentation-oriented documents (like RTF or HTML), there is another problem. Imagine that you are signing contract, and there is a paragraph written in small light gray letters on white background. Is the paragraph binding for you, if you cannot see it on your monitor? And is it binding for the other party, if they has set the monitor that they can see it?

And another problem. You receive a signed document, verify that the signature is correct and deliver the services according to it. But the other party will claim, that the document is not valid, because they did not used certified device for siganture creation (and thus the keys might be stolen, etc). You have no way how to detect that, given only the signed document. Oh yeah, the "bad" party may be eligible to pay for your losses, but you have to prove them first and that may take months and may not be even effective.

Now to the core of the problem. It is quite clear, once you adopt the Persona Model: the signature is not created by the physical person, but by a device that is only a "proxy" (persona) of the physical person. How can you be sure, that the person controls the proxy? The root crtificate authority certificate will only claim, that the physical person provided some identification document while requesting the certificate. It does not claim that it was specific person requesting it, only that the identification document belonged to that person. The certificate also claims that the person presenting the identification document controlled the private key to the certificate only at the time of issuing the certificate. It does not claim that the person is still controlling it. And the certificate of the certificate authority does absolutely no claim about the method of digital signature creation. You might compute the signature manually on счёты if you want (and have hell a lot of time, patience and really big abacus).

As you can see, the technology still works, but we are not sure how to use it. Nothing really changed.
And I've not been talking about privacy implications of PKI, yet. Maybe later.

But back to my skepticims. Some years ago I've talked to someone from Estonia. It looks like they use the digital signature quite a lot. And they make the signature on common PCs. I wonder, how they cope with viruses and other malware. Maybe they are just lucky that nobody made a virus to misuse the digital signture (yet)? And recently I've learned (also via Kozo) that they've conducted a communal elections using the Internet. Maybe I've missed something important, but electronic elections used to be one of the most difficult (and not completely solved) cryptographic problem. I've had a brief look at the description of their "secure" election system, and it looks to me that all the system's claimed security features may not be absolutely correct.

It looks that this little country's progressed a little bit too fast. I wonder how will this all end. I'm really skeptic about it ...

Posted by semancik at 11:35 PM in Identity
Responses (0)