Dear Mr. Schoen,

On 01-06-13 02:57, Seth David Schoen wrote:
Arvind Narayanan has just pushed a two-part paper in _IEEE Security & Privacy_ about exactly this point:

http://randomwalker.info/publications/crypto-dream-part1.pdf
http://randomwalker.info/publications/crypto-dream-part2.pdf

Narayanan argues that "a mis-alignment of incentives frequently occurs" to discourage the use of cryptography to protect privacy (particularly in the strongest end-to-end sense) and that there is minimal demand for protecting data against intermediaries and service providers.

(I find this paper extremely depressing, but it does describe actual events. If I were writing this paper, I would continue to ask how we can increase demand for cryptographic privacy mechanisms rather than declaring defeat.)
I'm not so depressed by it. In fact the paper clearly outlines the problems and the way out. But there is the crypto-trap: it must be perfect or it is useless. It doesn't have to be that way.

Here is a simple way to start. We won't start to solve the privacy problem. We attack other simpler problems with crypto. From there we can venture into more privacy. Here's how.

With anonymous client certificates, we can solve the password problem when people sign up for an account. It eases the usability of websites (no more hassle with passwords or email addresses) and it makes site building easier as client side crypto is already part of every mature web server. By making it easier, time will come that passwords are considered more expensive than client certificates. The push comes from companies that need to pinch money.

Once we've replaced password authentication, the same client certificates can be used to write authenticated messages. At first, it could be used by banks to communicate with their clients. By using client certificates as third-level authentication (in addition to pin-based TAN-generators) it can defeat most phishing attempts. Even if the customer falls for it and tries to log in at the phishers' site, the bank detects it and blocks the account. Here the demand for crypto comes from the financial pressure on banks to solve the phishing problem.

The end user, although he has a privacy wish to protect him/herself against advertisement networks, doesn't have a clue on how to get that protection. He doesn't need it. He needs computers that do the protection for him. The system above to end the password problem and phishing problem is aligned with the financial pressure.

The things we need to get there are pointed out by Arvind Narayanan in his papers too:

1. We need completely automated key management, invisible to the user;
2. We need computers that are trustworthy.

The good news is: there is light at the end of the tunnel.
I've been working on the first part with my eccentric-authentication 'protocol' [1]. It shows what we can do with anonymous client certificates.

And there are plenty of people working on the trustworthy computers. Just like the drive to virtualisation on the server is a drive to compartmentalization, we see a rise of operating systems that bring that to client computers: genode.org, coyotos.org, qubes-os.org. Many more. With the high speed of replacement in the mobile and tablet markets, it offers opportunities that better not be wasted.
* To pick up on Narayanan's argument, even if this kind of service is legal and even if carriers thought it was a reasonable service for them to offer, we might expect problems with demand for it. One problem for the level of demand for blinded e-cash payments for telecommunications services is that if users lose their mobile devices and don't have suitable backups, they lose all of their prepaid account value (because it existed only in the form of e-cash on the devices).
To answer this with another current development: real time synchronization. Many people already use Dropbox to synchronize their phone with their PC. Combine that with a fingerprint scanner (and pincode) at the phone to identify yourself to the phone and the loss/theft of the phone won't mean the loss of data nor e-cash.

Respectfully, Guido Witmond

[1] http://eccentric-authentication.org/