Aram Perez wrote:

Hi Ed and others,

Like usual, you present some very interesting ideas and thoughts. The
problem is that while we techies can discuss the "identity theft" definition
until we are blue in the face, the general public doesn't understand all the
fine subtleties. Witness the (quite amusing) TV ads by CitiBank.

Thanks. That's why my suggestion is that techies should solve the real problem (authentication theft) that is allowing identity theft to create damage to the general public. What's the use of stolen identity data if that data cannot be used to impersonate the victim? At most, it would be a breach of privacy... but not a breach of access and data protected by the access. Furthermore, if identity data is not used as authenticators, they would not be so much available (and valuable!) to be stolen in the first place.

BTW, the confusion between identification and authentication begins in
our circle. Just check, for example, The Handbook of Cryptography by
Menezes et. al.:

        "10.2 Remark (identification terminology) The terms identification
        and entity authentication are used synonymously throughout this book."

Ed Gerck

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to